curl-tracker Archives
[ curl-Bugs-3413274 ] Bounds checking for FD_SET() in curl_multi_fdset()
From: SourceForge.net <noreply_at_sourceforge.net>
Date: Fri, 23 Sep 2011 21:11:44 +1000
Bugs item #3413274, was opened at 2011-09-23 21:11
Please note that this message will contain a full copy of the comment thread,
Initial Comment:
lib/select.c does this correctly, with a bounds checking macro, but lib/multi.c does not. I've confirmed a crash on libcurl 7.21.3.
In the worst case, this may lead to an arbitrary execution vulnerability if the calling app has a sandboxed scripting environment and untrusted scripts are allowed. So I'm checking the "private" box to be on the safe side.
----------------------------------------------------------------------
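The bounds check the report asks for, sketched as an added example (not code from libcurl or from the reporter). The helper names `fd_fits_fdset` and `fdset_add_checked` are hypothetical, and the descriptor values are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <sys/select.h>

/* Hypothetical helper: an fd_set only has room for 0 .. FD_SETSIZE-1. */
static int fd_fits_fdset(int fd)
{
  return fd >= 0 && fd < FD_SETSIZE;
}

/* Hypothetical helper: add each descriptor that fits, count the ones that
   do not, and report the highest descriptor stored (-1 if none). */
static size_t fdset_add_checked(const int *fds, size_t n, fd_set *set,
                                int *max_fd)
{
  size_t rejected = 0, i;
  *max_fd = -1;
  for(i = 0; i < n; i++) {
    if(!fd_fits_fdset(fds[i])) {
      rejected++;          /* FD_SET() here would write outside *set */
      continue;
    }
    FD_SET(fds[i], set);
    if(fds[i] > *max_fd)
      *max_fd = fds[i];
  }
  return rejected;
}

struct demo_result { size_t rejected; int max_fd; int low_bits_set; };

/* Constructed input: two usable descriptors, three that do not fit. */
static struct demo_result run_demo(void)
{
  fd_set set;
  const int fds[] = { 3, FD_SETSIZE, -1, 7, FD_SETSIZE + 100 };
  struct demo_result r;
  FD_ZERO(&set);
  r.rejected = fdset_add_checked(fds, sizeof(fds) / sizeof(fds[0]),
                                 &set, &r.max_fd);
  r.low_bits_set = FD_ISSET(3, &set) && FD_ISSET(7, &set);
  return r;
}

int main(void)
{
  struct demo_result r = run_demo();
  printf("rejected=%zu max_fd=%d\n", r.rejected, r.max_fd);
  return 0;
}
```

A caller that sees a non-zero rejected count has descriptors it cannot wait on with `select()` and needs to treat that as an error rather than proceed with a partial set.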