'Re: Found a stack corruption (saslutil.c:get_fqhostname)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cyrus-devel
Subject:    Re: Found a stack corruption (saslutil.c:get_fqhostname)
From:       Дилян_ =?UTF-8?Q?=D0=9F=D0=B0=D0=BB=D0=B0=D
Date:       2021-10-06 8:34:50
Message-ID: 19ff5ddc38d1aed15de58f51782324e98a1970c1.camel () aegee ! org
[Download RAW message or body]

Hello Gerard,

is this fixed upstream

https://github.com/cyrusimap/cyrus-sasl/blob/master/lib/saslutil.c#L528

?

Greetings
  Дилян

On Wed, 2021-10-06 at 03:51 -0400, gerald.scheidl via Devel wrote:
> Hi all,
> 
> We have found and fixed a stack corruption in lib/saslutil.c (~line 536
> at the start of   get_fqhostname):
> The two code lines there need to be:
> 
>        return_value = gethostname (name, namelen);
>        name[namelen - 1] = '\0'; /* ensure string is always 0 terminated*/
> 
> The problem is a off by one regarding namelen.
> 
> Kind regards,
> Gerald Scheidl
> Cyrus / Devel / seediscussions +participants +delivery  optionsPermalink

------------------------------------------
Cyrus: Devel
Permalink: https://cyrus.topicbox.com/groups/devel/Te46e721837320c06-M759dabf93c5b0714c7ef491b
Delivery options: https://cyrus.topicbox.com/groups/devel/subscription
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic