Re: [Mutt] #2885: Buffer overflows in mutt_gecos_name
#2885: Buffer overflows in mutt_gecos_name
Comment (by Thomas Roessler):
{{{
That indeed suggests making the execution of that code conditional.
Good point; thanks Vincent.
On 2007-05-08 21:51:51 -0000, Mutt wrote:
>
> #2885: Buffer overflows in mutt_gecos_name
>
> Comment (by vinc17):
>
> The fix is implementation-defined behavior, and a C implementation may
> generate a trap when converting an unsigned value into a signed value if
> the value is not representable in the signed type. I don't think gcc can
> do this yet, but this would be a good (optional) feature (in case of a
> bug, a trap being better than an undetected overflow for security
> reasons).
>
> --
> Ticket URL: <http://dev.mutt.org/trac/ticket/2885#comment:9>
>
>
}}}
--
Ticket URL: <http://dev.mutt.org/trac/ticket/2885#comment:>
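
An added example, not part of the ticket or of mutt's source: one way to make a buffer move conditional so that no unsigned-to-signed conversion is needed at all. The names tail_room and replace_char and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers, not mutt's code. A length obtained by unsigned
 * subtraction and then cast to a signed type to test for "< 0" depends on
 * the implementation-defined conversion discussed in the ticket. Here the
 * comparison happens first, in size_t, so no wrapped value ever exists. */
static int tail_room(size_t destlen, size_t idx, size_t inslen, size_t *room)
{
    if (destlen == 0 || idx >= destlen - 1)
        return -1;                   /* no space for even the terminator */
    if (inslen > destlen - 1 - idx)
        return -1;                   /* insertion alone would not fit */
    *room = destlen - 1 - idx - inslen;
    return 0;
}

/* Replace the single character dest[idx] with the string ins inside a
 * destlen-byte buffer, truncating the tail if needed. dest must be
 * NUL-terminated. Returns 0 on success, -1 (buffer untouched) otherwise. */
int replace_char(char *dest, size_t destlen, size_t idx, const char *ins)
{
    size_t inslen = strlen(ins), room, taillen;

    if (tail_room(destlen, idx, inslen, &room) != 0 || idx >= strlen(dest))
        return -1;                   /* the move is conditional: skipped here */
    taillen = strlen(dest + idx + 1);
    if (taillen > room)
        taillen = room;              /* keep only the tail bytes that fit */
    memmove(dest + idx + inslen, dest + idx + 1, taillen);
    memcpy(dest + idx, ins, inslen);
    dest[idx + inslen + taillen] = '\0';
    return 0;
}

int main(void)
{
    char buf[8] = "a&bcdef";         /* constructed sample input */
    int rc = replace_char(buf, sizeof buf, 1, "XYZ");
    printf("%d %s\n", rc, buf);
    return 0;
}
```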