Hi,
I tested courier and courier-authlib compiled with address sanitizer.
This uncovered an out of bounds memory access in the file
authgetconfig.c in courier-authlib:
if (memcmp(p, env, l) == 0 &&
The problem here is that p might actually be shorter than l and thus
this reads
Hanno Böck writes:
Hi,
I tested courier and courier-authlib compiled with address sanitizer.
This uncovered an out of bounds memory access in the file
authgetconfig.c in courier-authlib:
if (memcmp(p, env, l) == 0 &&
The problem here is that p might actually be shorter than l