Subject: Re: [PATCH] Security: Validate response address, possibly related to CVE-2008-1447

Re: [PATCH] Security: Validate response address, possibly related to CVE-2008-1447

From: Yang Tse <yangsita_at_gmail.com>
Date: Tue, 26 Aug 2008 05:11:20 +0200

2008/8/25, Brad House wrote:

> > Verify if what I've just committed is actually what you intended.
> >
>
> I just reviewed the patch you committed:
> http://cool.haxx.se/cvs.cgi/curl/ares/ares_process.c.diff?r1=1.65&r2=1.66
>
> It's effect on systems which _do_ support recvfrom() is what I intended,
> but it doesn't do anything for systems which do not support recvfrom().

Updated now:
http://cool.haxx.se/cvs.cgi/curl/ares/ares_process.c.diff?r1=1.65&r2=1.67

-- 
-=[Yang]=-
Received on 2008-08-26