spf-discuss
[Top] [All Lists]

Re: SPF in MTAs

2004-02-07 19:10:58

On Feb 7, 2004, at 8:35 PM, James Couzens wrote:

On Sat, 2004-02-07 at 17:29, Greg Wooledge wrote:

Uh... he found a remote buffer overflow in the code.  The correct
response to that is, "Oh, darn.  Here's the patch for it."  It is
*NOT* appropriate to say "Well, only an idiot would use that part
of the code."

My apologies for the edge on my previous comment, you are correct, as
was Shapiro.  However, you seem to have overlooked my additional
comment, which stated: "And even if they were a simple change to using
vsnprintf is sufficient."

I think the point he was trying to make is that the code is poorly audited.

George

// George Schlossnagle
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on earth

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>