* Petr Baudis <[EMAIL PROTECTED]> wrote:
> > will attempt to append a "/" string to the directory name - resulting in
> > a 1-byte overflow (a zero byte is written to offset 4097, which is
> > outside the array).
>
> The name ends precisely at offset 4095 with its NUL character:
>
> {PAT
Dear diary, on Thu, Apr 14, 2005 at 02:53:54PM CEST, I got a letter
where Ingo Molnar <[EMAIL PROTECTED]> told me that...
>
> this patch fixes a 1-byte overflow in show-files.c (looks narrow is is
> probably not exploitable). A specially crafted db object (tree) might
> trigger this overflow.
>
2 matches
Mail list logo