Re: [HACKERS] MySQL vulnerability

From: Goran Thyni <goran(at)kirra(dot)net>
To: "Thomas G(dot) Lockhart" <lockhart(at)alumni(dot)caltech(dot)edu>
Cc: Postgres Hackers List <hackers(at)postgresql(dot)org>
Subject: Re: [HACKERS] MySQL vulnerability
Date: 1999-01-26 16:49:39
Message-ID: 36ADF223.9CF728AA@kirra.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

"Thomas G. Lockhart" wrote:
> Are we vulnerable to stack or buffer overflows with our on the wire
> protocol?

There are lots of sprintf and such in there,
which are potential stack overflows.

A security audit should be good thing, but it is a where time consuming
(and not very fun) task in a complex system like a RDBMS.

regards,
--
-----------------
Göran Thyni
This is Penguin Country. On a quiet night you can hear Windows NT
reboot!

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message The Hermit Hacker 1999-01-26 18:07:52 Re: alloca (was: Postgres Speed or lack thereof)
Previous Message Goran Thyni 1999-01-26 16:43:07 Re: [HACKERS] Re: alloca (was: Postgres Speed or lack thereof)