#3636: Possible buffer overflow in smime.c
-----------------------+----------------------
Reporter: wfiveash | Owner: me
Type: defect | Status: assigned
Priority: major | Milestone:
Component: mutt | Version: 1.5.21
Resolution: | Keywords:
-----------------------+----------------------
Comment (by wfiveash):
I wrote a small test using sscanf() on Solaris 11 and verified that the
field width does not include the string terminator. You may want to check
the various places the *scanf() functions are called in mutt to make sure
there are no potential buffer overruns.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3636#comment:3>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
