[ntp:security] [Bug 3566] An out-of-bounds read bug in ntpd/ntp_control.c:3088 in ctl_getitem()

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Thu Jan 24 18:01:38 UTC 2019


http://bugs.ntp.org/show_bug.cgi?id=3566

--- Comment #3 from Juergen Perlinger <perlinger at ntp.org> 2019-01-24 18:01:38 UTC ---
Same as with 3567: the port was of course fixed, I ran NTPD in non-forking mode
under valgrind, not so much as a burp. And the code in the ntp.org code base
CAN NOT cause the described buffer overrun. Unless reqend is calculated wrong,
but that's not an issue of THIS code location.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list