Je hebt een klacht over de onderstaande posting:
Zal me verbazen als er ook daadwerkelijke productiemachines kwetsbaar zullen zijn.. --- In order to reach the overflow at line 157, the hostname argument must meet the following requirements: - Its first character must be a digit (line 127). - Its last character must not be a dot (line 135). - It must comprise only digits and dots (line 197) (we call this the "digits-and-dots" requirement). - It must be long enough to overflow the buffer. For example, the non-reentrant gethostbyname*() functions initially allocate their buffer with a call to malloc(1024) (the "1-KB" requirement). - It must be successfully parsed as an IPv4 address by inet_aton() (line 143), or as an IPv6 address by inet_pton() (line 147). Upon careful analysis of these two functions, we can further refine this "inet-aton" requirement: (source: http://seclists.org/oss-sec/2015/q1/274)
Beschrijf je klacht (Optioneel):