Re: [exim-dev] security improvement proposal : don’t assume…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jasen Betts
Date:  
À: exim-dev
Sujet: Re: [exim-dev] security improvement proposal : don’t assume int is equal to pointer size.
On 2016-04-21, none <ytrezq@???> wrote:
> Hello,
>
> As you know, using signed int instead of size_t for string size handling
> is a common source of potential remote code execution…
> The use of int in strn* functions and elsewhere seems to be the norm for
> exim (with a few exceptions). While I agree most integers in that case
> will never grow up to INT_MAX.


It seems to me that exim refuses to manipulate stings over 32767 bytes long.
that should be enough to make it safe.


--
\_(ツ)_