On Mon, 30 Aug 1999, Nic Bellamy wrote: > tracked this problem to an sprintf() into a buffer on the stack > in the log_xfer() routine in src/log.c. Gotta love it. Sigh. What's interesting to note is that I notified the contact at ProFTPd of this exact overflow back during the last ftpd fiasco (there was more than one way to break proftpd). Assuming that you're making this assertion from the absolute latest source available, I'd say it's unfortunate that this wasn't dealt with many months ago. --jordan
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:00:23 PDT