Eggdev: [PATCH] CVE-2007-2807: stack-based buffer overflow

Will Buckner wcc at techmonkeys.org
Wed Oct 17 01:48:47 CST 2007


Nico,

Extremely sorry for the late response. Your e-mail got caught up in our 
mailing list approval queue :) Thanks for the patch; it has been 
committed (with slight modifications) to CVS for Eggdrop 1.6.19.

The only modifications I made were to use some of our macros for 
snprintf/strncpy (egg_snprintf() and strncpyz() respectively). We have a 
compatibility layer for systems that don't support snprintf(), and we 
use strncpyz() in most places to replace strncpy().

Thanks again!

Will
Nico Golde wrote:
> Hi,
> I wrote a patch to fix 
> http://www.eggheads.org/bugzilla/show_bug.cgi?id=462
> but since I am no eggdrop user I have problems testing it, I 
> have no idea how to use eggdrop and I am too lazy to learn 
> :)
>
> The patch is attached, can you please state if it should 
> work or not?
>
> Please Cc me, I am not subscribed.
>
> Kind regards
> Nico
>
>   




More information about the Eggdev mailing list