Re: Re: licq remote DoS?
You're right, there is no check against FD_SETSIZE. IMO it's a bad idea not to
enforce some kind of accepted connections limit. However, I'm pessimistic about
the possibility of executing arbitrary code - even if you succeed to overwrite
the return address, you must think of some other way to place "evil code". Of
course, nothing is impossible :)
BTW, my PoC code has some pretty dumb bug, char hostname[12] should be char
hostname[15]...stupid me, I forgot about the dots in the ip address :)