diff options
author | Daniel Gustafsson <daniel@yesql.se> | 2019-01-19 00:42:47 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-02-04 08:22:32 +0100 |
commit | 39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484 (patch) | |
tree | d27fd08698a3365ab1d4ee8dc8dd050fcc8d7c2f /lib/rand.c | |
parent | 50c9484278c63b958655a717844f0721263939cc (diff) |
smtp: avoid risk of buffer overflow in strtol
If the incoming len 5, but the buffer does not have a termination
after 5 bytes, the strtol() call may keep reading through the line
buffer until is exceeds its boundary. Fix by ensuring that we are
using a bounded read with a temporary buffer on the stack.
Bug: https://curl.haxx.se/docs/CVE-2019-3823.html
Reported-by: Brian Carpenter (Geeknik Labs)
CVE-2019-3823
Diffstat (limited to 'lib/rand.c')
0 files changed, 0 insertions, 0 deletions