[INN-COMMITTERS] STABLE-2_3 inn/innfeed (misc.c)

Russ Allbery rra at stanford.edu
Fri Jun 30 09:44:31 UTC 2000


Forrest J Cavalier <mibsoft at epix.net> writes:

> Not.

> Unless I misunderstand totally, the only way there is a potential
> overflow is if untrusted non-user-news data gets into the logged output.

> I'd like someone to show me where that could happen.

Message ID containing %.  I'm pretty sure that there are at least some
places in innfeed where it logs a message ID.  It's hard to exploit, but
I'm pretty sure it's theoretically possible.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the inn-workers mailing list