buffer overflow in ne_ntlm.c

Joe Orton joe at manyfish.co.uk
Wed Dec 2 16:23:44 EST 2009

On Tue, Dec 01, 2009 at 10:21:39AM +0800, basic wrote:
> hi,
>   found a buffer overflow in ne_ntlm.c mkhash() function. memset() in line 359 should set
> 5 bytes rather than 8 (the same as line 338). Here's a patch to fix it.

Hi! Thanks for the patch, I've applied this.  I guess this doesn't have 
any security impact since at worst it's just going to crash - is that 
what it did for you?

Regards, Joe

More information about the neon mailing list