cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: [SECURITY ADVISORY] libcurl SASL buffer overflow

From: Steve Holme <steve_holme_at_hotmail.com>
Date: Sun, 10 Feb 2013 17:14:16 +0000

Hi,

On Sun, 10 Feb 2013, Alessandro Ghedini wrote:

> I'm working on adapting the above patch for curl
> 7.26.0 which is the version currently in Debian
> Wheezy (being it in freeze, it's not possible to
> update to 7.29.0).
>
> Could someone please have a look at the
> attached patch? Is it enough, or is there
> someting I've missed?

No that pretty much covers it. The main thing is to use a buffer size aware
string copy function on both the uri and response strings.

My only comment if you wanted to reduce code a little and save the amount of
work snprintf() has to do is to replace the service variable and the
following line:

+ snprintf(uri, sizeof(uri), "%s/%s", service, realm);

With:

+ snprintf(uri, sizeof(uri), "smtp/%s", realm);

I hope this helps.

Kind Regards

Steve
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-10

This message: [ Message body ]
Next message: Alessandro Ghedini: "[PATCH] htmltitle: fix suggested build command"
Previous message: Daniel Stenberg: "Re: [SECURITY ADVISORY] libcurl SASL buffer overflow"
In reply to: Alessandro Ghedini: "Re: [SECURITY ADVISORY] libcurl SASL buffer overflow"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]