ZDI-CAN-338: libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
Josh Bressers
bressers at redhat.com
Thu Jun 26 13:51:30 EDT 2008
On 26 June 2008, Richard Laager wrote:
>
> On Thu, 2008-06-26 at 12:14 -0500, Mark Doliner wrote:
> > I think the vulnerability is valid, but I think our fix needs to make sur=
> e
> > we're not wrapping back to 0.
>
> Any idea on the right way to do that?
>
Look at this:
https://www.securecoding.cert.org/confluence/display/seccode/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap
The whole guide is quite good.
I'll see about CVE ids hopefully later today. I've been terribly bogged
down with other things and I've not found time for this yet. Sorry.
--
JB
More information about the Packagers
mailing list