[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Buffer overflow in the StringQuotedWord() function
From: |
Matěj Cepl |
Subject: |
Re: Buffer overflow in the StringQuotedWord() function |
Date: |
Fri, 23 Oct 2020 15:53:28 +0200 |
User-agent: |
Evolution 3.36.5 |
William Bader píše v Čt 22. 10. 2020 v 22:55 +0000:
> The attached patch should fix both of the CVEs.
> The one in StringQuotedWord was more complicated because it was due to a
> string longer than MAX_BUFF, and when I fixed the access there, other places
> had errors.
> The one in srcnext needed only an extra test in a loop.
> I tested the manual in doc/user before and after, and the only differences
> seemed to be places that embedded the current time.
https://build.opensuse.org/request/show/843612 posted to
OpenSUSE/Factory. Tom Callway (spot, maintainer of lout on
Fedora) has been notified.
Best,
Matěj
--
https://matej.ceplovi.cz/blog/, Jabber: mcepl@ceplovi.cz
GPG Finger: 3C76 A027 CA45 AD70 98B5 BC1D 7920 5802 880B C9D8
My life has been full of terrible misfortunes most of which never
happened.
-- Michel de Montaigne
signature.asc
Description: This is a digitally signed message part
- Re: Buffer overflow in the StringQuotedWord() function, (continued)
Re: Buffer overflow in the StringQuotedWord() function, Jeffrey Kingston, 2020/10/20
Re: Buffer overflow in the StringQuotedWord() function, William Bader, 2020/10/22
Re: Buffer overflow in the StringQuotedWord() function,
Matěj Cepl <=
Re: Buffer overflow in the StringQuotedWord() function, Matěj Cepl, 2020/10/23
Re: Buffer overflow in the StringQuotedWord() function, Oliver Bandel, 2020/10/21