Displaying 1 result from an estimated 1 matches for "seenmail".
Did you mean:
senmail
2004 Jan 20
0
short analysys of qmail integer overflow bug - let there be light
...r/qmail/control/databytes to
a reasonable value (for example 16384 = 16MB) will prevent the
possibility of exploitation regarding the integer overflow in function
blast().
That is not true.
This is how blast() is called:
void smtp_data() {
int hops;
unsigned long qp;
char *qqx;
if (!seenmail) { err_wantmail(); return; }
if (!rcptto.len) { err_wantrcpt(); return; }
seenmail = 0;
if (databytes) bytestooverflow = databytes + 1;
if (qmail_open(&qqt) == -1) { err_qqt(); return; }
qp = qmail_qp(&qqt);
out("354 go ahead\r\n");
received(&qqt,"SMTP&quo...