#42862 [Opn->Asn]: [PATCH] IMAP toolkit crash: rfc822.c legacy routine buffer overflow

Mon, 21 Jul 2008 14:48:14 -0700 

 ID:               42862
 Updated by:       [EMAIL PROTECTED]
 Reported By:      Maylein at ub dot uni-heidelberg dot de
-Status:           Open
+Status:           Assigned
 Bug Type:         IMAP related
 Operating System: *
 PHP Version:      5.2.6
-Assigned To:      
+Assigned To:      pajoye
 New Comment:

I will give it some love while working on the imap lib.


Previous Comments:
------------------------------------------------------------------------

[2008-07-08 18:27:11] david at blue-labs dot org

please fix 008_imap-bufferoverflows.patch to include the typedef for
RFC822BUFFER.

/* Output buffering for RFC [2]822 */

typedef long (*soutr_t) (void *stream,char *string);

typedef struct rfc822buffer {
  soutr_t f;                    /* I/O flush routine */
  void *s;                      /* stream for I/O routine */
  char *beg;                    /* start of buffer */
  char *cur;                    /* current buffer pointer */
  char *end;                    /* end of buffer */
} RFC822BUFFER;

------------------------------------------------------------------------

[2008-06-24 10:54:50] hoffie at gentoo dot org

This is CVE-2008-2829.

------------------------------------------------------------------------

[2008-06-18 17:43:50] hoffie at gentoo dot org

Over 7 months and two releases have passed, yet no developer even
commented on this *security* issue (according to the c-client devs). So
what's up with this, are there any problems with the patch? If yes,
would you mind pointing them out, so that one can try to fix them?

------------------------------------------------------------------------

[2008-05-27 13:06:39] falon at csi dot it

I use Horde Groupware Webmail Edition 1.0.6 with Apache/1.3.41 (Unix)
PHP/5.2.5 mod_ssl/2.8.31 OpenSSL/0.9.8g.

I had the same bug.

I tried sborril patch: it fix the problem also in my environment. I
appreciate if could be added to next release of php.

Regards

------------------------------------------------------------------------

[2008-04-03 21:55:29] pubear at u dot washington dot edu

I am using imap c-client 2007a with php-5.2.5.

I am working with an extensively modified version of:
http://migrationtool.sourceforge.net

I ran into this issue migrating people's mailboxes in Exchange Server. 
I wanted to confirm that the patch submitted by sborrill at precedence
dot co dot uk appears to have fixed the buffer overflow bug.

Thank you very much.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/42862

-- 
Edit this bug report at http://bugs.php.net/?id=42862&edit=1

Reply via email to