[Mutt] #3721: Integer underflow

Mutt Mon, 22 Dec 2014 02:27:07 -0800

#3721: Integer underflow
------------------------+----------------------
 Reporter:  MegaManSec  |      Owner:  mutt-dev
     Type:  defect      |     Status:  new
 Priority:  major       |  Milestone:
Component:  crypto      |    Version:  1.5.23
 Keywords:              |
------------------------+----------------------
 Hi,


 In pgppubring.c, in the pgp_parse_keyblock function, an integer underflow
 may occur when copying memory.

 Overflowed or truncated value (or a value computed from an overflowed or
 truncated value) l - 1UL used as critical argument to function.

 689        memcpy (chr, buff + 1, l - 1);


 Thanks,

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3721>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

[Mutt] #3721: Integer underflow

Reply via email to