Security Audit, was Re: [crossfire] Server release?

Mark Wedel mwedel at sonic.net
Sat Apr 16 18:58:45 CDT 2005


tchize wrote:
> I fixed this some time ago (I think). This was related to server dying on a
> sigpipe on abrupt connection close.
>
> Just one note, on security.
>
> Every part of the code is subject to string overflows. I have seen countless
> calls to sprintf instead of snprintf, which is inherently insecure. Some
> parts of those calls involve data provided by client.

  Yes - using sprintf, strcpy, etc. is not safe.

  Unfortunately, some number of those calls are on data passed in, where it 
would require changing the function prototype to denote how large the buffer is.

  There are still a lot of calls to sprintf/strcpy in the code - fixing those is 
no small matter.

  On the bright side, the server requires no special privileges to run, so could 
be run in a jail/zone/chroot environment to mitigate the risks.
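
The prototype change discussed in this message, shown as an added example that is not part of the original post and is not Crossfire code. The function names, format string and inputs are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Before (hypothetical, constructed): the callee has no idea how large
 * buf is, so a long client-supplied name writes past its end. */
void format_greeting_old(char *buf, const char *name)
{
    sprintf(buf, "Welcome, %s!", name);
}

/* After: the prototype carries the buffer size. Returns 0 on success,
 * -1 if the text did not fit (buf then holds a NUL-terminated prefix)
 * or on an encoding error (buf is then the empty string). */
int format_greeting(char *buf, size_t buflen, const char *name)
{
    int n;

    if (buf == NULL || buflen == 0 || name == NULL)
        return -1;
    n = snprintf(buf, buflen, "Welcome, %s!", name);
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    /* snprintf returns the length it wanted to write; >= buflen means truncation */
    return ((size_t)n >= buflen) ? -1 : 0;
}

int main(void)
{
    char buf[16];
    /* Constructed inputs: one short name, one longer than the buffer. */
    const char *names[] = { "Bob", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" };
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = format_greeting(buf, sizeof buf, names[i]);
        printf("rc=%d buf=\"%s\"\n", rc, buf);
    }
    return 0;
}
```

Every caller of the old function has to be updated to pass `sizeof` its buffer and to decide what a truncated result means for it, which is why the conversion touches more than the call site itself.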


    
    

