RE: [Exim] Another small patch, please comment

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Mmichael at <-
MMPhilip Hazel at ->
Delete this message
Reply to this message
Author: michael
Date:  
To: exim-users
Subject: RE: [Exim] Another small patch, please comment
> The memcpy is a memory exception waiting to happen. It would copy random
> bytes off the stack beyond the end of the string. You need to do the string
> copy of the source string and then fill the unused bytes.

That would only happen if a too long string length was passed to
string_cat. As it is, the function appears to be used only to copy
part of a string, where memcpy does not make a difference, or at some
cases the full string including a terminating NUL. I did not see a call
where a greater length than the string size is passed to the function.
That would probably be a bug anyway and asking for trouble in case the
source string is not NUL terminated. But Exim may try that for good
reasons and I just didn't see it, hence my request for comments.

Michael


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-RE: [Exim] How to define destination for faulty addresses for remote MTA?Re: [Exim] Installing with ${ROOT}->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)