Article delegate-en/2793 of [1-5160] on the server localhost:119
Newsgroups: mail-lists.delegate-en

[DeleGate-En] DeleGate/8.10.3(BETA) -- fixed a lot of overflows on arrays of char, pointers, and structures
14 Dec 2004 01:08:58 GMT (Yutaka Sato)
The DeleGate Project

Dear DeleGate users,

I inform you of the new release of DeleGate available as follows:
DeleGate/8.10.3(BETA) -- fixed a lot of overflows on arrays of char, pointers, and structures

This is the first version of DeleGate whose code has been reviewed overall
for "buffer overflow".  The review covers any kind of array, including
arrays of characters, or string buffers.  Through the review, more than
two hundred overflows, including several dangerous ones which can be
caused remotely, have been found and fixed.

About half of the overflows were caused in standard functions for string
manipulation such as strcpy().  In this release, each strXXX() function is
replaced with XstrXXX(), which does boundary checking before or while
performing its function.

When a "writable string pointer" is passed from a function to a function,
it is passed together with its boundary information.  To do so
automatically, each pointer parameter and argument is wrapped with a
macro, as PVStr(param) and AVStr(arg).  The code needs to be compiled
as a C++ program.  To make this wrapping work, "-DQS" and "-x c++" are
added to the default CFLAGS in the Makefile.

The size of the executable code increases by about 30% compared with the
code which is compiled without "-DQS" and "-x c++".  But it is fairly small
compared with the code by "Bounds Checking Gcc", which is about three
times as large.

  FILE: delegate8.10.3.tar.{gz,bz2}
  DATE: Dec 14 09:45 JST 2004
  TAR-SIZE: 4730880 bytes
  TAR-MD5:  b4b433ef07fef027693fc972a1a78d2d

 + FTP: implemented SYST command (for Safari)
 * general: so many buffer overflows are fixed
 + SMTPGATE: fixed "ARCHIVE:${seqno}" and "${pid}" (6.1.0)
 + NNTP/HTTP: fixed to use '%' in POP/NNTP user name (7.9.11)
 + Resolvy: fixed RES_CONF=file:/path (8.9.3)
 + CHARCODE: fixed CHARSET= (disabled in 8.10.0)
 + Telnet: repaired disabled XDISPLOC substitution for 'x' (8.10.0)
 + Telnet: fixed disconnection on pending ESC-seq. in code-conv. mode

  D G   Yutaka Sato <>
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller
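
An added C sketch of the idea the announcement describes: a writable string pointer travels together with the bounds of its array, and the copy routines check those bounds. This is not DeleGate's code and not the real definitions of PVStr, AVStr or XstrXXX; the names bstr, BSTR, bstr_copy, bstr_cat and build_reply are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fat pointer: a writable string pointer that carries the
 * bounds of its array. Illustrative only; not DeleGate's PVStr/AVStr. */
typedef struct { char *base; char *cur; size_t size; } bstr;
/* Wrap a real array (not a decayed pointer) so sizeof is its capacity. */
#define BSTR(arr) ((bstr){ (arr), (arr), sizeof(arr) })

/* Bytes writable from cur, including the terminating NUL. */
static size_t bstr_room(bstr b) { return (size_t)((b.base + b.size) - b.cur); }

/* Checked strcpy: truncates and NUL-terminates; -1 means src did not fit. */
static int bstr_copy(bstr dst, const char *src) {
    size_t room = bstr_room(dst), n = strlen(src);
    if (room == 0) return -1;
    size_t k = n < room ? n : room - 1;   /* bytes that fit before the NUL */
    memcpy(dst.cur, src, k);
    dst.cur[k] = '\0';
    return k == n ? 0 : -1;
}

/* Checked strcat: moves cur to the existing NUL, bounds stay the same. */
static int bstr_cat(bstr dst, const char *src) {
    char *nul = memchr(dst.cur, '\0', bstr_room(dst));
    if (nul == NULL) return -1;           /* unterminated buffer */
    dst.cur = nul;
    return bstr_copy(dst, src);
}

/* The callee receives pointer and bounds together, as one parameter. */
static int build_reply(bstr out, const char *user) {
    if (bstr_copy(out, "user=") != 0) return -1;
    return bstr_cat(out, user);
}

/* Constructed test frame: an 8-byte buffer followed by a canary byte. */
static struct { char buf[8]; char canary; } demo;
static int reply_fits(const char *user) {
    demo.canary = 'C';
    return build_reply(BSTR(demo.buf), user);
}

int main(void) {
    printf("%d %s\n", reply_fits("ab"), demo.buf);
    printf("%d %s\n", reply_fits("abcdefgh"), demo.buf);
    return 0;
}
```

With a plain strcpy()/strcat() pair the second call would write past buf and over the canary; here the copy is cut at the array's end and the caller sees the failure in the return value.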
