Eggdev: [PATCH] CVE-2007-2807: stack-based buffer overflow
wcc at techmonkeys.org
Wed Oct 17 01:48:47 CST 2007
Extremely sorry for the late response. Your e-mail got caught up in our
mailing list approval queue :) Thanks for the patch; it has been
committed (with slight modifications) to CVS for Eggdrop 1.6.19.
The only modifications I made were to use some of our macros for
snprintf/strncpy (egg_snprintf() and strncpyz() respectively). We have a
compatibility layer for systems that don't support snprintf(), and we
use strncpyz() in most places to replace strncpy().
Nico Golde wrote:
> I wrote a patch to fix
> but since I am no eggdrop user I have problems testing it, I
> have no idea how to use eggdrop and I am too lazy to learn
> The patch is attached, can you please state if it should
> work or not?
> Please Cc me, I am not subscribed.
> Kind regards
More information about the Eggdev