Re: ECDL buffer overflow

Robert Harley (Robert.Harley@inria.fr)
Thu, 30 Dec 1999 14:48:46 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: ThosStew@aol.com: "Re: PCS/WAP mobile phone interface to e-gold"
Previous message: Adam Rifkin -4K: "InfoSpace goes wireless. Also, Tibco.Net"
Maybe in reply to: Wil Harris: "ECDL buffer overflow"

Yes, the very paranoid may want to add this at the end:

pauillac-ecdl8/27 > diff ecdl2K-108.c ecdl2K-108.c~
2477,2482d2476
< if ( entry->h_length < 0
< || (size_t)entry->h_length > sizeof(http_addr.sin_addr.s_addr)
< ) {
< puts("Error: address buffer overflow!");
< return -1;
< } /* end if */

(in the 32-bit source it is at 3808,3813d3807).

Bye,
Rob.

Next message: ThosStew@aol.com: "Re: PCS/WAP mobile phone interface to e-gold"
Previous message: Adam Rifkin -4K: "InfoSpace goes wireless. Also, Tibco.Net"
Maybe in reply to: Wil Harris: "ECDL buffer overflow"