[ntp:security] [Bug 3566] An out-of-bounds read bug in ntpd/ntp_control.c:3088 in ctl_getitem()

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Thu Jan 24 18:01:38 UTC 2019


--- Comment #3 from Juergen Perlinger <perlinger at ntp.org> 2019-01-24 18:01:38 UTC ---
Same as with 3567: the port was of course fixed, I ran NTPD in non-forking mode
under valgrind, not so much as a burp. And the code in the ntp.org code base
CAN NOT cause the described buffer overrun. Unless reqend is calculated wrong,
but that's not an issue of THIS code location.

Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list