https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724279
I just ran the static analysis tool "cppcheck" over the source
code of ssmtp-2.64
It said many things, including
[arpadate.c:70]: (error) Buffer is accessed out of bounds.
[arpadate.c:72]: (error) Buffer is accessed out of bounds.
Source code is
if (offset>= 0)
sprintf (timezone, "+%02d%02d", offset / 60, offset % 60);
else
sprintf (timezone, "-%02d%02d", -offset / 60, -offset % 60);
so that's six bytes written into timezone. But
static char timezone[3];
Suggest increase size of timezone
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724279
I just ran the static analysis tool "cppcheck" over the source
code of ssmtp-2.64
It said many things, including
Source code is
so that's six bytes written into timezone. But
static char timezone[3];
Suggest increase size of timezone