[ntp:security] [Bug 690] Buffer overflow in Windows when doing DNS Lookups

bugzilla at ntp.isc.org bugzilla at ntp.isc.org
Sun Aug 20 03:38:33 UTC 2006


http://bugs.ntp.isc.org/690



----------------------------------------------------------------------------
Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2006-08-20 03:38

It turns out that I didn't do this. The code has been this way for a long time
and was always wrong. This line in do_nodename in ntp_rfc2553.c should be
changed from

memcpy(&sockin->sin_addr, hp->h_addr, hp->h_length);

to

memcpy(&sockin->sin_addr, hp->h_addr, sizeof(struct in_addr));

It is possible that it has an affect on bug #527, but I will need to test that.

Danny

-- 
Danny Mayer <mayer at ntp.org>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list