Re: [exim-dev] security improvement proposal : don’t assume…

Góra strony
Delete this message
Reply to this message
Autor: Jasen Betts
Data:  
Dla: exim-dev
Temat: Re: [exim-dev] security improvement proposal : don’t assume int is equal to pointer size.
On 2016-04-21, none <ytrezq@???> wrote:
> Hello,
>
> As you know, using signed int instead of size_t for string size handling
> is a common source of potential remote code execution…
> The use of int in strn* functions and elsewhere seems to be the norm for
> exim (with a few exceptions). While I agree most integers in that case
> will never grow up to INT_MAX.


It seems to me that exim refuses to manipulate stings over 32767 bytes long.
that should be enough to make it safe.


--
\_(ツ)_