[exim] a question about auth_client_item()

Pàgina inicial
Delete this message
Reply to this message
Autor: zerons
Data:  
A: exim-users
Assumpte: [exim] a question about auth_client_item()
Hi, all

I am reading exim code now. A piece of code in auth_client_item()
come to my attention.

https://github.com/Exim/exim/blob/master/src/src/auths/get_data.c#L172

I didn't do full test.
I wonder if `ss` could be something like this: '^^^^', or '^^aaaaaaaa^'.
If so, then `len` could be less than `i`, lead to memory corruption in
memmove.