Author: Jasen Betts Date: To: exim-dev Subject: Re: [exim-dev]
security improvement proposal : don’t assume int is equal to pointer size.
On 2016-04-21, none <ytrezq@???> wrote: > Hello,
>
> As you know, using signed int instead of size_t for string size handling
> is a common source of potential remote code execution…
> The use of int in strn* functions and elsewhere seems to be the norm for
> exim (with a few exceptions). While I agree most integers in that case
> will never grow up to INT_MAX.
It seems to me that exim refuses to manipulate stings over 32767 bytes long.
that should be enough to make it safe.