![[LWN Logo]](/images/lwn.banner.gif)
Date: Fri, 9 Oct 1998 03:02:53 +0000
From: duke <duke@VIPER.NET.AU>
Subject: Re: buffer overflow in dbadmin
To: BUGTRAQ@NETSPACE.ORG
>
hi,
> dbadmin.c: strcpy(op_temp,curField->name);
> dbadmin.c: strcat(rec_new,curField->name);
both op_temp and rec_new are malloc()'d so they are safe enough. dbadmin
still looks exploitable however from:
strcat(qbuf,thetable);
qbuf is not malloc'd but is a global variable.
-- Mark