Date: Tue, 20 Jan 2004 01:44:51 +0800 (MYT) From: Dinesh Nair <dinesh@alphaque.com> To: Anton Alin-Adrian <aanton@reversedhell.net> Cc: freebsd-hackers@freebsd.org Subject: Re: qmail remote root patch Message-ID: <20040120014314.S312-100000@prophet.alphaque.com> In-Reply-To: <400BD1D3.10201@reversedhell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Jan 2004, Anton Alin-Adrian wrote: > > Regarding latest qmail vulnerability, I coded this quickly patch. > > Please double-check me if I am wrong here. Forward this to > > freebsd-security please. > >320c320 > >< ++pos; > >--- > > > > > >> if (pos>9) ++pos; > http://www.guninski.com/qmailcrash.html woulnd't it be better to switch pos from an int to a u_int ? or do specific bounds checking before incrementing pos ? this patch seems to _only_ increment pos if it's > 9, and reading the code will show you where you're going to get into some problems. :) Regards, /\_/\ "All dogs go to heaven." dinesh@alphaque.com (0 0) http://www.alphaque.com/ +==========================----oOO--(_)--OOo----==========================+ | for a in past present future; do | | for b in clients employers associates relatives neighbours pets; do | | echo "The opinions here in no way reflect the opinions of my $a $b." | | done; done | +=========================================================================+
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040120014314.S312-100000>