Re: [exim-dev] STARTTLS belt & braces

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MPhil Pennock at <-
MPhil Pennock at ->
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Phil Pennock
CC: Exim-dev@exim.org
Subject: Re: [exim-dev] STARTTLS belt & braces

On 24 Mar 2011, at 07:06, Phil Pennock <exim-dev@???> wrote:

>
> Should we also just memset() the plaintext buffer to fill it with \0
> content at the point that TLS is started, always? After all, even
> without a data-past-TLS, a pipelined NOOP command with attack-code as
> its parameter, immediately followed by STARTTLS as the terminal of the
> pipeline would also leave shellcode in an available buffer. Fortunately
> the input buffer is malloc()d, so not fixed in location; however, with
> many systems using OS distribution configs, the memory allocations might
> be semi-predictable, leaving a common set of candidate locations

It's probably worth doing since it's easy and cheap

Nigel


[Sent from a mobile device - apologies for brevity and spelling]


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] STARTTLS belt & bracesRe: [exim-dev] STARTTLS belt & braces->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)