Subject: buffer overflows in libsa
To: None <tech-kern@NetBSD.org>
From: Roland Illig <rillig@NetBSD.org>
List: tech-kern
Date: 08/22/2005 19:44:45
Hi all,

the stand-alone library still contains two functions with buffer
overflows, namely gets() and getpass(). To fix that, I have written the
appended patch. The new feature it requests is that the
(architecture-dependent) putchar() function can handle '\a' and either
beeps or ignores it completely.

Do architectures other than i386 support outputting '\a' or should the
character simply be ignored then?

Roland
? libsa-gets.c.patch
Index: gets.c
===================================================================
RCS file: /cvsroot/src/sys/lib/libsa/gets.c,v
retrieving revision 1.8
diff -u -p -r1.8 gets.c
--- gets.c 7 Aug 2003 16:32:27 -0000 1.8
+++ gets.c 22 Aug 2005 17:43:24 -0000
@@ -33,12 +33,17 @@
#include "stand.h"
+#define PAPER_CARD_SIZE 80
+
void
gets(buf)
char *buf;
{
int c;
- char *lp;
+ char *lp, *bufend;
+
+ /* leave enough room for the terminating null character */
+ bufend = buf + PAPER_CARD_SIZE - 1;
for (lp = buf;;)
switch (c = getchar() & 0177) {
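Review bot: The limit set by `bufend = buf + PAPER_CARD_SIZE - 1` is an assumption about the caller's buffer that the interface does not enforce: gets(buf) still takes no length, so a caller whose buffer is smaller than PAPER_CARD_SIZE bytes overflows exactly as before, and a caller with a larger buffer is silently limited to 79 characters. I would rather see the size passed in as a parameter; failing that, move the define next to the prototype in stand.h and document that every caller must supply at least PAPER_CARD_SIZE bytes, so the contract is visible where buffers are declared. The comment above the assignment is good, but the constant itself needs one saying why 80.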
@@ -79,8 +84,11 @@ gets(buf)
putchar('\n');
break;
default:
- *lp++ = c;
- putchar(c);
+ if (lp < bufend) {
+ *lp++ = c;
+ putchar(c);
+ } else
+ putchar('\a');
}
/*NOTREACHED*/
}
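Review bot: The `putchar('\a')` in the else branch makes the fix depend on every architecture's putchar() coping with BEL, which the cover message itself leaves as an open question. Until that is confirmed per port, dropping the rejected character silently in the else branch is the safer choice, since the bounds check does its job without the bell. Also note that `lp < bufend` guards only the default case shown here; the cases between the two hunks are not visible in this diff, so please confirm none of them can advance lp past bufend. The message also names getpass() as overflowing, but this patch touches only gets.c.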