https://bugs.exim.org/show_bug.cgi?id=2571
--- Comment #2 from Orange Tsai <[email protected]> --- Hi! The patch just checks "pointer + offset" is smaller than the end of `responseptr`. However, the check condition is prone to integer overflow. An attacker can make a crash on 32-bit system. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
