PHP :: Bug #3102 :: Buffer overflow with rfc822

Bug #3102	Buffer overflow with rfc822_date
Submitted:	2000-01-04 17:01 UTC	Modified:	2000-02-29 10:50 UTC
From:	sherin at simmcomm dot ch	Assigned:
Status:	Closed	Package:	IMAP related
PHP Version:	3.0.13	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2000-01-04 17:01 UTC] sherin at simmcomm dot ch

A buffer overflow occured in the function php3_imap_check in functions/imap.c while executing the following command:

rfc822_date (date);

The problem with this is that it is not checked if the returned date string is too long for the buffer. In my configuration i didn`t set up the timezone correct, so I got a somewhat large date string back.:

"Tue, 4 Jan 2000 15:42:40 +0000 (Local time zone must be set--see zic manual page)"

which was larger than the 50 chars allocated for the variable date could handle. I assume there are also other places where this problem occurs.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-02-29 10:50 UTC] hholzgra at cvs dot php dot net

bufsizes have been increased from 50 to 100
(lets hope its big enough now)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 23:01:29 2024 UTC