Author: none Date: To: exim-dev Subject: [exim-dev] security improvement proposal : don’t assume int is equal to pointer size.
Hello,
As you know, using signed int instead of size_t for string size handling
is a common source of potential remote code execution…
The use of int in strn* functions and elsewhere seems to be the norm for
exim (with a few exceptions). While I agree most integers in that case
will never grow up to INT_MAX.
Why not doing the safest by default ? I mean using size_t for essential
string.c functions and the integers representing sizes that use them ?
Of course I can create a patch for such change myself.
