Re: [exim-dev] STARTTLS belt & braces

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nigel Metheringham
Date: 2011-03-24 07:54 -000
À: Phil Pennock
CC: Exim-dev@exim.org
Sujet: Re: [exim-dev] STARTTLS belt & braces

On 24 Mar 2011, at 07:06, Phil Pennock <exim-dev@???> wrote:

>
> Should we also just memset() the plaintext buffer to fill it with \0
> content at the point that TLS is started, always? After all, even
> without a data-past-TLS, a pipelined NOOP command with attack-code as
> its parameter, immediately followed by STARTTLS as the terminal of the
> pipeline would also leave shellcode in an available buffer. Fortunately
> the input buffer is malloc()d, so not fixed in location; however, with
> many systems using OS distribution configs, the memory allocations might
> be semi-predictable, leaving a common set of candidate locations


It's probably worth doing since it's easy and cheap

Nigel


[Sent from a mobile device - apologies for brevity and spelling]