[exim-dev] [Bug 589] New: buffer overflow in moan_check_erro…

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMM 
Nico Erfurth at ->
Delete this message
Reply to this message
Author: Le Freak
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 589] New: buffer overflow in moan_check_errorcopy()
------- You are receiving this mail because: -------
You are on the CC list for the bug. 

http://bugs.exim.org/show_bug.cgi?id=589
           Summary: buffer overflow in moan_check_errorcopy()
           Product: Exim
           Version: 4.67
          Platform: x86
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: General execution
        AssignedTo: ph10@???
        ReportedBy: lefreak@???
                CC: exim-dev@???



i think there is buffer overflow in moan_check_errorcopy() in src/moan.c
line 614:
     Ustrncpy(temp, localpart, llen);
it copies mailbox part of mailadress to char temp[256] but mailbox part can be
larger than 256 chars!!!
i dont think this is real security buffer overflow but i think youre interested
anyways



--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Preparing for 4.68[exim-dev] [Bug 590] New: incorrect processing combination with ldap request and macros->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)