On Tue, Mar 20, 2007 at 04:27:14PM +0000, Daniel P. Berrange wrote: > There was a buffer overflow in teh code to deal with building command line > arguments which was only exposed when the Fedora RPM builds uses the > stack protector args to GCC. The attached patch increases the buffer size > and uses snprintf() instead of sprintf(). Please apply ! > BTW, if anyone is looking for a patch to write - removing all other calls > to sprintf() would be a worthy task :-) Added to TODO in my checkout, I may end up doing it, Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard@xxxxxxxxxx | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/