Date: Tue, 27 Jan 2015 18:19:48 -0800 From: Jonathan Brossard <endrazine@...il.com> To: Qualys Security Advisory <qsa@...lys.com> CC: oss-security@...ts.openwall.com Subject: Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235) Dear Qualys team, dear list, > From GHOST.c : > ... > char name; > memset(name, '0', len); > name[len] = '\0'; > ... I have been made aware off line that I have been working with an edited version of GHOST.c : the original version has a name buffer of size 1024, which is indeed perfectly fine to copy 991 + 1 byte ! There is no stack overflow in the original GHOST.c code : my humble appology for the noise :( Best regards, j- Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.