Hi!
scopy() in safestring.c has a bug. Just start vdelivermail(from vpopmail
4.8.7) from the shell
and it wil segfault. This is due to a bug in scopy.
It doesnt check if the char *src pointer is null...Well have a look
yourself.
a patch is attached. hopefully it is useful. Wasn't made with much thought.
Later,
Markus
--
Markus Wuebben
* ID-PRO Deutschland GmbH (Products & Development)
* Tel.: +49 (0) 2932 - 916 - 135 * Fax - 236
* mailto:[EMAIL PROTECTED]
* http://open-for-the-better.com
--- safestring.c Tue Jun 27 22:26:16 2000
+++ safestring.c.new Tue Aug 1 17:27:13 2000
@@ -36,6 +36,10 @@
int scopy(char *dest, const char *src, const int bound)
{
int i;
+ if(!src) {
+ dest = memset(dest, 0, bound);
+ return 0;
+ }
for (i=0; (src[i] != 0) && (i < (bound-1)); i++) {
dest[i] = src[i];
}
