1. Possible strcpy() buffer overflow in printjob.c:823 2. No room for NULL termination in printjob.c:825, printjob.c:827, printjob.c:836.
In looking over printjob.c in freebsd-current, it looks like someone already made the changes suggested by this PR. Those changes were done around Nov 30th, and they probably did not make it into the 3.4-stable system which this PR is referencing. (maybe this should be added to 3.x branch too? I didn't check to see if it's already there, I only looked at 'current') --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer (MIME & NeXTmail capable) Rensselaer Polytechnic Institute; Troy NY USA
State Changed From-To: open->suspended Most of this patch had already been done, but two one-line fixes had not been. I've added those fixes to current, and the change is awaiting MFC.
Responsible Changed From-To: freebsd-bugs->gad@FreeBSD.org Because I'm trying to clean out PR's for lpr & friends.
State Changed From-To: suspended->closed Fix has been applied on both -current (5.x) and -stable (post 4.2)