[Pkg-gnupg-maint] Bug#773507: explicit buffer overrun
Joshua Rogers
honey at internot.info
Fri Dec 19 10:24:10 UTC 2014
Package: gnupg2
Version: 2.1.1
Severity: normal
in dirmngr/ldap.c on line 617, argv may be overflowed.
617: argv[argc++] = url;
a check is made on line 591 that checks to see whether argv is less than or email to 399, and if it does, exit.
But argv is char *argv[50], while argc is a normal int.
If argc is 398, it will pass that check.
Thanks,
--
-- Joshua Rogers <https://internot.info/>
More information about the Pkg-gnupg-maint
mailing list