Bug 500621
Summary: | possible buffer overflow | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jan F. Chadima <jchadima> |
Component: | nufw | Assignee: | Jerome Soyer <saispo> |
Status: | CLOSED UPSTREAM | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 11 | CC: | saispo, tmraz |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-11-25 17:42:57 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jan F. Chadima
2009-05-13 13:36:07 UTC
The overflow is of course only potential because the current sasl_encode64 implementation will never requre more that alloclen-3 bytes for the encoding. But nevertheless the code should be fixed as in the patch above. This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle. Changing version to '11'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping As the buffer overflow is not real I've just reported the problem with the patch upstream. |