Re: More patch ideas for qpopper

From: Magne Oestlyngen (magneat_private)
Date: Sun Jun 28 1998 - 06:30:00 PDT

Next message: Aaron D. Gifford: "And another qpopper overflow (does this make 3?)"

Previous message: M.C.Mar: "Re: dip-3.3.7p exploit (stackpatch_"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Aaron D. Gifford wrote:
>
> I noticed that popper.h had a #define for MAXPARMLEN but never used it.  I
> decided it's a good idea and added it to my popper on top of some of the other
> patches I've seen here.  I bumped up the MAXPARMLEN size to 16.  So far on my
> FreeBDS-based system with only 5,000 users, I haven't noticed any problems
> yet.

> Is there a reason the qpopper folks didn't do this in the first place?  The
> defined it, but never used it.

This would break APOP, which parameters are a username and a md5sum (32
bytes,
if I read the source correctly).

> Puzzled,
> Aaron out.


--
  Systems Administrator, Internet Innherred as
  Magne Oestlyngen <magneat_private>

Next message: Aaron D. Gifford: "And another qpopper overflow (does this make 3?)"
Previous message: M.C.Mar: "Re: dip-3.3.7p exploit (stackpatch_"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:22 PDT