oss-sec mailing list archives
OpenDMARC buffer overflows
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 17 Sep 2019 19:58:26 +0200
Hi, In light of the recent OpenDMARC issue I had a look at their Github PR tracker. This one https://github.com/trusteddomainproject/OpenDMARC/pull/45 caught my attention. Quote: "Fix a few potential crashes Fix missing from_domain check for store_dkim Add checks for longer than buffer while parsing record" This seems to add and fix a few length checks for buffers, i.e. fixing buffer overflows. I haven't analyzed it in detail. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno () hboeck de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
Current thread:
- OpenDMARC buffer overflows Hanno Böck (Sep 17)
- Re: OpenDMARC buffer overflows Alyssa Ross (Sep 17)
- Re: OpenDMARC buffer overflows Thomas Ward (Sep 17)
- Re: OpenDMARC buffer overflows Alyssa Ross (Sep 17)