2013.08.01 09:21 "[Tiff] Vulnerabilities in libtiff 4.0.3", by Pedro Ribeiro
-
2013.09.20 16:09 "Re: [Tiff] Vulnerabilities in libtiff 4.0.3", by Lee Howard
- 2013.09.20 16:24 "Re: [Tiff] Vulnerabilities in libtiff 4.0.3", by Bob Friesenhahn
- 2013.09.24 06:55 "Re: [Tiff] Vulnerabilities in libtiff 4.0.3", by Albert Cahalan
2013.09.20 17:05 "Re: [Tiff] Vulnerabilities in libtiff 4.0.3", by Bob Friesenhahn
Perhaps Bob confused it with strncpy which does have that problem. The man page wording on linux is a little ambiguous but the OS X one is quite clear and other online references also state that the null is always added by snprintf. glibc certainly does add it.
Yes, Bob was likely confused. :-)
Bob
--
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/