[mew-int 01915] Fwd: Mew-4.1 format string crash bug (env-var MAIL)
Ulf Härnhammar
Ulf.Harnhammar.9485 at example.com
Fri Nov 26 01:20:17 JST 2004
This bug is still present in the new beta. Apart from being a format string bug,
it also seems to be a buffer overflow BTW. It's clearly the Right Thing to fix
this kind of bug to get more stable programs. The Debian maintainer of Mew
agrees, so he has already fixed this bug in the Debian package mew-bin.
// Ulf
-- Forwarded message --
Hello,
I have found a format string bug in Mew-4.1. It causes crashes in incm, when
the environment variable MAIL contains strings like "%n%n%n%n".
I have attached a patch that corrects this problem.
// Ulf Harnhammar
http://www.advogato.org/person/metaur/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mew.formstringcrash.patch
Type: application/octet-stream
Size: 375 bytes
Desc: not available
URL: <http://www.mew.org/pipermail/mew-int/attachments/20041125/023bb30f/attachment.obj>
More information about the Mew-int
mailing list