[INN-COMMITTERS] STABLE-2_3 inn/innfeed (misc.c)

[Russ Allbery]

Forrest J Cavalier <mibsoft at epix.net> writes:

> Not.

> Unless I misunderstand totally, the only way there is a potential
> overflow is if untrusted non-user-news data gets into the logged output.

> I'd like someone to show me where that could happen.

Message ID containing %.  I'm pretty sure that there are at least some
places in innfeed where it logs a message ID.  It's hard to exploit, but
I'm pretty sure it's theoretically possible.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>