[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request -- memcached
From:       Jamie Strandboge <jamie () canonical ! com>
Date:       2010-04-08 19:02:13
Message-ID: 1270753333.25949.88.camel () severus ! strandboge ! com
[Download RAW message or body]


On Thu, 2010-04-08 at 11:57 -0500, Jamie Strandboge wrote:
> People wanting to fix this may want to more thoroughly look at the
> patch[1]. After a cursory glance at it, I'm not sure it is enough:
> 1. it uses:
>   if (strcmp(ptr, "get ") && strcmp(ptr, "gets ")) {
> 
> Why not use something like (*totally* untested):
>   if (strncmp(ptr, "get ", 5) && strncmp(ptr, "gets ", 5)) {
> 
> just in case ptr is not NULL terminated? I haven't checked if this is an
> actual issue, but it certainly wouldn't hurt. '5' should probably be
> changed to something more reasonable.
> 

FYI, looks like upstream decided to use strncmp after all:
http://github.com/memcached/memcached/commit/d9cd01ede97f4145af9781d448c62a3318952719


-- 
Jamie Strandboge             | http://www.canonical.com

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic