[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: games/xpat2

To: ports@openbsd.org
Subject: Re: games/xpat2
From: naddy@mips.inka.de (Christian Weisgerber)
Date: Fri, 29 Aug 2003 13:30:23 +0000 (UTC)
Newsgroups: list.openbsd.ports
References: <20030828171907.GA26424@quick.recoil.org> <Pine.OSF.4.33.0308291059240.81370-100000@oberon.cit.uws.edu.au>

Ian McWilliam <ianm@cit.uws.edu.au> wrote:

> That filename[64] should really be filename[MAXPATHLEN] and the
> appropriate include added if necessary.

Not from a security point of view.

> Where it gets this filename from should be checked throughly as
> it could potentially be passed a filename that is MAXPATHLEN from
> somewhere.

Look at the next 20 or so lines of code after the variable definition.
It's pretty safe.

However, the assumption throughout loadsave.c that sizeof(long)==4
is thoroughly broken.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de

References:
- games/xpat2
  - From: Anil Madhavapeddy <anil@recoil.org>
- Re: games/xpat2
  - From: Ian McWilliam <ianm@cit.uws.edu.au>

Prev by Date: Undeliverable: Re: Wicked screensaver
Next by Date: Failed to build python2.2 with current sbnapshot
Prev by thread: Re: games/xpat2
Next by thread: Re: games/xpat2
Index(es):
- Date
- Thread