|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: exploit code targeting OpenSSL and Mod_SSL ?
From: Arne Ansper (arne
ats.cyber.ee)
Date: Wed Apr 16 2003 - 04:12:27 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> There are also a number of calloc() overflow errors out there that
> affect openssl. Goto http://www.securitytracker.com and search on
> calloc() or openssl and you'll get a good list
Where do you find calloc() used in OpenSSL? OpenSSL does all memory
allocations via OPENSSL_malloc and OPENSSL_realloc wrapper functions that
use malloc and realloc by default. I just grepped OpenSSL source and did
not find a single occurence of calloc.
Arne
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]