UdmSearch version: 3.0.7b
Platform:
OS:
Database:
Statistics:
in proto.c, around line 590
// you sprintf() into a string the size of which you do not check.
// see sprintf manpage for hints :
// \"[...]Because sprintf and vsprintf assume an infinitely long
// string, callers must be careful not to overflow the actual
// space; this is often impossible to assure[...]\"
// so, if you have a very large document containing urls (a newsgroup with, say, 30000
messages) you segfault _badly_
// because you only allocate MaxDocSize bytes for indexer->buf
//
I\'ve seen other bugs of the type while scanning over the source. IMHO, memory
management and bounds-checking must be improved considerably...
I\'d like do do it but just don\'t have the time to do so, because I have to get the
thing running here quickly... I hope to help, though.
greetings,
Heiko Stoermer
______________
If you want to unsubscribe send "unsubscribe udmsearch"
to [EMAIL PROTECTED]
