cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [SECURITY ADVISORY] libcurl SASL buffer overflow

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 10 Feb 2013 18:03:40 +0100 (CET)

On Sun, 10 Feb 2013, Alessandro Ghedini wrote:

>> http://curl.haxx.se/curl-sasl.patch
>
> I'm working on adapting the above patch for curl 7.26.0 which is the version
> currently in Debian Wheezy (being it in freeze, it's not possible to update
> to 7.29.0).
>
> Could someone please have a look at the attached patch? Is it enough, or is
> there someting I've missed?

Looks perfectly reasonable to me. I didn't look at the 7.26.0 code right now,
but the idea is simply to replace the strcat()s with the proper snprintf()s.

If I would make the patch, I would not introduce a new local array named
'service'. I would just have that first snprintf() use "smtp" instead of the
first %s. But that's just a matter of style and taste, not a technical issue.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-10