> Thank you for looking at the patch. I will fix the uncontrolled sprintf,
There are two security holes:

1) the fact that shell meta characters can be injected from URLs;

2) the lack of any limit checking on the size of the buffer (500 bytes is quite typical of buffer sizes used on compromised systems; people looking for loopholes try long strings).

It is possible that other limits prevent your ever exceeding 500 characters, but they would have to be heavily commented in both places to ensure that no change ever violated that assumption, and even then anyone doing a security audit would flag a problem.

The second problem is the most serious because people are actively seeking this sort of problem.

> The answer to your first question is that it is using mime encoding as
> described in some RFC whose number escapes me right now. RFC 15XX?

MIME defines 5 encodings:

    7bit
    8bit
    binary
    quoted-printable
    base64

Pine used base64 when it should have used quoted-printable.
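
The two checks discussed in this message, as an added C example that is not code from the patch or from this thread: the URL is matched against an allow-list before it goes anywhere near a shell command, and the formatted length is checked against the buffer size. `HELPER`, `url_is_shell_safe` and `build_command` are hypothetical names, and the example assumes the command string is later handed to `/bin/sh`.

```c
#include <stdio.h>
#include <string.h>

#define CMD_BUF_SIZE 500        /* the buffer size mentioned in the message */
#define HELPER "viewer"         /* hypothetical fixed, trusted helper name */

/* Return 1 only if every byte of url is on the allow-list. Together with
 * the single quotes added below, nothing in the URL is interpreted by sh:
 * inside '...' every character is literal except ' itself, which is not
 * on the list. */
static int url_is_shell_safe(const char *url)
{
    static const char allowed[] =
        "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "0123456789-_.~:/?&=%+@,#";
    return url[0] != '\0' && url[strspn(url, allowed)] == '\0';
}

/* Build "HELPER 'url'" in out. Returns 0 on success, or -1 (with out set
 * to the empty string) if the URL is rejected or the result does not fit. */
int build_command(char *out, size_t outsz, const char *url)
{
    int n;

    if (out == NULL || outsz == 0 || url == NULL)
        return -1;
    out[0] = '\0';
    /* A leading '-' could be read as an option by the helper itself. */
    if (url[0] == '-' || !url_is_shell_safe(url))
        return -1;
    /* snprintf never writes past outsz and returns the length it needed. */
    n = snprintf(out, outsz, "%s '%s'", HELPER, url);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';          /* do not leave a truncated command behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    char cmd[CMD_BUF_SIZE];
    const char *url = "http://example.org/a?b=1&c=2";  /* constructed sample */

    if (build_command(cmd, sizeof cmd, url) == 0)
        puts(cmd);
    return 0;
}
```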
