Date: Fri, 9 Oct 1998 03:02:53 +0000 From: duke <duke@VIPER.NET.AU> Subject: Re: buffer overflow in dbadmin To: BUGTRAQ@NETSPACE.ORG > hi, > dbadmin.c: strcpy(op_temp,curField->name); > dbadmin.c: strcat(rec_new,curField->name); both op_temp and rec_new are malloc()'d so they are safe enough. dbadmin still looks exploitable however from: strcat(qbuf,thetable); qbuf is not malloc'd but is a global variable. -- Mark