Ah, there we have our answer, thank you! I was searching for a buffer
overflow while it was completely unrelated...
On Wed, Jun 8, 2011 at 5:38 PM, Mads Kiilerich <m...@kiilerich.com> wrote:
> Marc-André Moreau wrote, On 06/04/2011 09:41 PM:
>
> There appears to be a potential buffer overflow that manifests itself in
>> less subtle ways in the Windows build. I am using Visual C++ Express 2010.
>>
>> I've just spent about an hour or two trying to figure out where the buffer
>> overflow was, but couldn't find it yet. The crash happens in sec_verify_tls,
>> but doesn't consistently crash at the same place, depending on how you start
>> changing the code in that area. My guess is that there is a buffer overflow
>> somewhere before that part of the code, that will corrupt certain parts of
>> memory, but the effects of the corruption are only seen down the road when
>> sec_verify_tls gets called.
>>
>> I recall we once had a similar problem, where the buffer overflow was
>> caused by a static length used for a certain key size. With certain servers,
>> the key was longer than the static length, meaning that the buffer overflow
>> would only occur when connecting to certain servers. I'm connecting to
>> Windows 7 SP1, so maybe we're facing a similar problem again.
>>
>> Has anybody else been experiencing similar issues?
>>
>
> That sounds like the http://www.openssl.org/support/faq.html#PROG2 issue I
> solved Marts 9th.
>
> /Mads
>
>
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Freerdp-devel mailing list
Freerdp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel
