PHP :: Bug #3102 :: Buffer overflow with rfc822

Bug #3102	Buffer overflow with rfc822_date
Submitted:	2000-01-04 17:01 UTC	Modified:	2000-02-29 10:50 UTC
From:	sherin at simmcomm dot ch	Assigned:
Status:	Closed	Package:	IMAP related
PHP Version:	3.0.13	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	sherin at simmcomm dot ch
New email:
PHP Version:		OS:

New Comment:

[2000-01-04 17:01 UTC] sherin at simmcomm dot ch

A buffer overflow occured in the function php3_imap_check in functions/imap.c while executing the following command:

rfc822_date (date);

The problem with this is that it is not checked if the returned date string is too long for the buffer. In my configuration i didn`t set up the timezone correct, so I got a somewhat large date string back.:

"Tue, 4 Jan 2000 15:42:40 +0000 (Local time zone must be set--see zic manual page)"

which was larger than the 50 chars allocated for the variable date could handle. I assume there are also other places where this problem occurs.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-02-29 10:50 UTC] hholzgra at cvs dot php dot net

bufsizes have been increased from 50 to 100
(lets hope its big enough now)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jan 15 11:01:31 2025 UTC