Date: Thu, 30 Jul 1998 13:42:01 +0200 From: Martin Cracauer <cracauer@cons.org> To: obrien@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG Subject: mutt security fix Message-ID: <19980730134201.A12433@cons.org>
next in thread | raw e-mail | index | archive | help
David, [CC to -security for those hwo care] This is from http://paul.boehm.org/mutt-parse.patch. It fixes a remotly exploitable buffer overrun in MIME subtype checking. As the mutt folks didn't react yet, I suggest you commit it to the mutt port. --- parse.c.old Tue Jul 28 18:25:50 1998 +++ parse.c Tue Jul 28 18:25:56 1998 @@ -268,7 +268,7 @@ if ((pc = strchr(s, '/'))) { *pc++ = 0; - while (*pc && !ISSPACE (*pc) && *pc != ';') + while (*pc && !ISSPACE (*pc) && *pc != ';' && i < (SHORT_STRING - 1)) { buffer[i++] = *pc; pc++; -- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Martin Cracauer <cracauer@cons.org> http://www.cons.org/cracauer cracauer@wavehh.hanse.de (batched, preferred for large mails) Tel.: (private) +4940 5221829 Fax.: (private) +4940 5228536 Paper: (private) Waldstrasse 200, 22846 Norderstedt, Germany To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980730134201.A12433>