[exim-dev] [Bug 662] New: stack corruption in daemon exec co…

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
M 
Tony Finch à ->
Supprimer ce message
Répondre à ce message
Auteur: Marcus Meissner
Date:  
À: exim-dev
Sujet: [exim-dev] [Bug 662] New: stack corruption in daemon exec code
------- You are receiving this mail because: -------
You are on the CC list for the bug. 

http://bugs.exim.org/show_bug.cgi?id=662
           Summary: stack corruption in daemon exec code
           Product: Exim
           Version: 4.69
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: security
          Priority: medium
         Component: Eximon
        AssignedTo: nigel@???
        ReportedBy: meissner@???
                CC: exim-dev@???



gcc 4.3 spotted this problem:

daemon.c:1696: warning: array subscript is above array bounds

and yes, uschar *extra[4] should have been [5] instead.

patch attached.

I am unsure of the security consequences, but it is possible to corrupt bits of
the stack in this function. Might also depend on the compiler.

Patch attached.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-dev
Informations sur la liste de diffusion | Messages voisins		<-[exim-dev] Bug 661[exim-dev] [Bug 663] New: $spam_score[_int] mismatch (rounding?)->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)