James Couzens (jcouzens(_at_)obscurity(_dot_)org) wrote:
This point is moot, as only a complete idiot would run libspf compiled
with debugging code in a production server. And even if they were a
simple change to using vsnprintf is sufficient. Surprised to see you
raise such a non-issue,
Uh... he found a remote buffer overflow in the code. The correct
response to that is, "Oh, darn. Here's the patch for it." It is
*NOT* appropriate to say "Well, only an idiot would use that part
of the code."
--
Greg Wooledge | "Truth belongs to everybody."
greg(_at_)wooledge(_dot_)org | - The Red Hot Chili Peppers
http://wooledge.org/~greg/ |
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ëù1Ií-»Fqx(_dot_)com
signature.asc
Description: Digital signature