Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#1 small stack overflow by memcpy

open
Jonathan Day
9
2012-09-14
2005-04-27
Marcus Meissner
No

in rfc2440.c there is a small memory overflow of a buffer
which has 1 byte less than required.

Ciao, Marcus

Discussion

  • mcrypt-2.6.4-overflow.patch

     
  • Jonathan Day
    Jonathan Day
    2005-06-14

    Logged In: YES
    user_id=1466

    I'm investigating both mcrypt and libmcrypt for other buffer
    overflows. Thanks for pointing this one out and offering the
    patch!

     
  • Pavol Rusnak
    Pavol Rusnak
    2008-01-16

    Logged In: YES
    user_id=1688417
    Originator: NO

    Marcus notified me that 14 is not enough. Right is "uchar buf[15];"