Bugtraq mailing list archives
Re: Remote exploit in sendmail 8.8.0
From: dsr () lns598 lns cornell edu (Daniel S. Riley)
Date: Fri, 18 Oct 1996 09:01:23 -0400
"D. J. Bernstein" <djb () koobera math uic edu> writes:
Is it just my imagination, or does sendmail.8.8.1.patch replace if (mime_fromqp((u_char *) buf, &obp, 0, MAXLINE) == 0) with if (mime_fromqp((u_char *) buf, &obp, 0, &obp[MAXLINE] - obp) == 0) This is not exactly what I'd call a fix.
Agreed. Probably supposed to be if (mime_fromqp((u_char *) buf, &obp, 0, &obuf[MAXLINE] - obp) == 0) which still won't win any awards for elegance, but does at least do something, while &obp[MAXLINE] - obp === MAXLINE. -- Dan Riley Internet: dsr () lns598 lns cornell edu Wilson Lab, Cornell University HEPNET/SPAN: lns598::dsr (44630::dsr) http://w4.lns.cornell.edu/ "Distance means nothing/To me." -Kate Bush
Current thread:
- Remote exploit in sendmail 8.8.0 John Anonymous MacDonald (Oct 16)
- Re: Remote exploit in sendmail 8.8.0 Alain Magloire (Oct 17)
- <Possible follow-ups>
- Re: Remote exploit in sendmail 8.8.0 Thomas Roessler (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 Dave Hayes (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 D. J. Bernstein (Oct 17)
- Re: Remote exploit in sendmail 8.8.0 Daniel S. Riley (Oct 18)
- Re: Remote exploit in sendmail 8.8.0 Steven L Baur (Oct 18)