[Bug 722386] Re: PAM pgsql buffer overflow when dealing with IPv6 addresses

Kees Cook Mon, 21 Feb 2011 11:11:11 -0800

src/backend_pgsql.c pg_execParam():

        if(rhost != NULL && (hentry = gethostbyname(rhost)) != NULL) {
                /* Make IP string */
                raddr = malloc(16);
                sprintf(raddr, "%d.%d.%d.%d",
                        hentry->h_addr_list[0][0],
                        hentry->h_addr_list[0][1],
                        hentry->h_addr_list[0][2],
                        hentry->h_addr_list[0][3]);



** Summary changed:

- PAM pgsql buffer overflow when dealing with IPv6 addresses
+ PAM pgsql buffer overflow when dealing with long addresses

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/722386

Title:
  PAM pgsql buffer overflow when dealing with long addresses

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 722386] Re: PAM pgsql buffer overflow when dealing with IPv6 addresses

Reply via email to