[mapserver-dev] Ticket 3537 - Buffer overflow vulnerabilities
thomas bonfort
thomas.bonfort at gmail.com
Wed Oct 6 08:49:54 EDT 2010
Alan,
* it seems suspicious to me that you are using the sizeof operator to
compute string lengths,shouldn't you be using strlen instead?
* why replace all functions with their snyyyy couterpart (i.e. sprintf
by snprintf, etc...) when treating data that isn't submitted over the
wire (for example DRIVER names, etc...) ?
regards,
thomas
On Tue, Oct 5, 2010 at 19:57, Alan Boudreault <aboudreault at mapgears.com> wrote:
> Hi Devs,
>
> As discussed during the meeting at FOSS4G 2010, I passed through the
> mapserver code source and fixed a lot buffer overflow vulnerabilities. I
> followed the good practices in C development of a few security sites. ie:
> https://buildsecurityin.us-cert.gov/bsi-rules/home.html
>
> I invite all file maintainers to take a look at my changes to see what those
> good practices are and comment if needed. If you have no objection, I'm
> going to commit this in trunk.
>
> I've run msautotest and the results before/after applying those patches are
> exactly the same. I would like to commit as soon as possible to let everyone
> test their applications with the changes.
>
> Here's the patches:
>
> http://trac.osgeo.org/mapserver/attachment/ticket/3537/3537-1.patch
>
> http://trac.osgeo.org/mapserver/attachment/ticket/3537/3537-2.patch
>
> regards,
>
> Alan
>
> --
>
> Alan Boudreault
>
> Mapgears
>
> http://www.mapgears.com
>
> _______________________________________________
> mapserver-dev mailing list
> mapserver-dev at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-dev
>
>
More information about the mapserver-dev
mailing list