[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev Some more security issues in Lynx...

From: brian j. pardy
Subject: lynx-dev Some more security issues in Lynx...
Date: Fri, 30 Oct 1998 12:10:21 -0800 (PST)

Some more possible problems we need to get taken care of...

----- Forwarded message from Alan Cox <address@hidden> -----

From: address@hidden (Alan Cox)
Subject: Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)
To: address@hidden
Date: Fri, 30 Oct 1998 19:44:48 +0000 (GMT)
In-Reply-To: <address@hidden> from "brian j. pardy" at Oct 28, 98 09:47:53 pm
X-SBClass: OK

> FWIW, from CHANGES (for 2.8.1rel.2, the most recent version):
> 1998-05-10 (2.8.1dev.10)
> [...]
> * fix for buffer-overrun in LYMail.c when processing a mailto:very-log-address
>   URL - BL

I've got another patch brewing for you btw. There are a pile of other possible
overrun cases that dont appear to be caught. I went through the code with
some snprintf using macros to clean the ones  could see up. In paticular
lynx regularly does shell expansion of a buffer into a buffer of similar
(not 5 times) the size.

I notice you dont use snprintf - is that a Lynx policy decision.


----- End forwarded message -----

GPG & PGP public keys: <URL:> 
PGP fingerprint: 42 57 B3 D2 39 8E 74 C3  5E 4D AC 43 25 D2 26 D4

unix soit qui mal y pense

reply via email to

[Prev in Thread] Current Thread [Next in Thread]