Package: gnumach gnumach device_open is not paranoid enough about the device name. I haven't tried it, but I think that having 128 non-digits with no trailing zero will make gnumach run past the buffer in dev_name_lookup.
Maybe not worth fixing for gnumach (esp as opening a device requires the device master port anyway). But it reminds me of the broader issue of the necessity to audit the code, esp at the borders caused by user supplied data. Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org [EMAIL PROTECTED] Marcus Brinkmann GNU http://www.gnu.org [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.marcus-brinkmann.de _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
