[DeleGate-En] Y2000 & Security in Delegate 5.8.8
I got no answer about my Y2000 question. So I looked by myself in
About Y2000, I didn't find anything wrong, well, I'm no expert at
finding Y2000 bugs at all :-)
Most of year computations are in the Strftime.c.
Another thing I found (which really bother me) is about security of Delegate.
There are so many sprintf() and fixed size arrays declarations that I stopped
at the 10th ;-(
Well in fact ALL of your arrays are fixed size !
Most of your arrays are sized to 1024 bytes, so I guess I could easily
crash the Delegate server or get Delegate to execute some silly code.
Maybe you should take a look at the snprintf() function, and malloc() ?
More than just email--Get your FREE Netscape WebMail account today at http://home.netscape.com/netcenter/mail