aboutsummaryrefslogtreecommitdiffstats
path: root/dist-tools/send-security-announce.sh
diff options
context:
space:
mode:
authorAlexander Bluhm <alexander.bluhm@gmx.net>2017-08-10 19:38:24 +0200
committerAlexander Bluhm <alexander.bluhm@gmx.net>2017-08-10 19:56:39 +0200
commit418cda65f752e367fa663fd13884a45fcbc39ddd (patch)
tree88d7f97d60a5c14c9259e4940761cd2855d22e07 /dist-tools/send-security-announce.sh
parent53e6c9984e8f533f57daef7d5c3c57c2d9a7bee9 (diff)
downloadfetchmail-418cda65f752e367fa663fd13884a45fcbc39ddd.tar.gz
fetchmail-418cda65f752e367fa663fd13884a45fcbc39ddd.tar.bz2
fetchmail-418cda65f752e367fa663fd13884a45fcbc39ddd.zip
Do not overrun plugin string when copying it.
parse_plugin() expands the % in plugin string to plugin_copy. It checks that is does not write behind the end of the destination memory, but the source length was not checked. This resulted in reading from a possibly invalid memory location which may cause a segmentation fault. Add a check for the string length of the source.
Diffstat (limited to 'dist-tools/send-security-announce.sh')
0 files changed, 0 insertions, 0 deletions