[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Buffer overflow in the StringQuotedWord() function

From: Matěj Cepl
Subject: Re: Buffer overflow in the StringQuotedWord() function
Date: Fri, 23 Oct 2020 15:53:28 +0200
User-agent: Evolution 3.36.5

William Bader píše v Čt 22. 10. 2020 v 22:55 +0000:
> The attached patch should fix both of the CVEs.
> The one in StringQuotedWord was more complicated because it was due to a 
> string longer than MAX_BUFF, and when I fixed the access there, other places 
> had errors.
> The one in srcnext needed only an extra test in a loop.
> I tested the manual in doc/user before and after, and the only differences 
> seemed to be places that embedded the current time.

https://build.opensuse.org/request/show/843612 posted to
OpenSUSE/Factory. Tom Callway (spot, maintainer of lout on
Fedora) has been notified.



https://matej.ceplovi.cz/blog/, Jabber: mcepl@ceplovi.cz
GPG Finger: 3C76 A027 CA45 AD70 98B5  BC1D 7920 5802 880B C9D8
My life has been full of terrible misfortunes most of which never
    -- Michel de Montaigne

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]