https://bugzilla.balabit.com/show_bug.cgi?id=254 --- Comment #1 from Balazs Scheidler <bazsi@balabit.hu> 2013-10-09 15:51:44 --- This patch should solve this (now on 3.5 master) @Algernon, can you please backport this to 3.4 when you have a chance? Thanks $ git show commit f8401c1f87622c3220f8822b46bef53ead51da44 Author: Balazs Scheidler <bazsi@balabit.hu> Date: Wed Oct 9 15:49:22 2013 +0200 db-parser: fixed @STRING@ parser when ran at the end of the message When @STRING@ was used right at the end of the message, it stepped outside its input buffer and adding memory garbage to the parsed value. This could only happen if: - the parsing parameter specifies characters in addition to isalnum() - the characters after the input buffer are either alphanumeric are within the characters specified as terminating characters or NUL Reported-by: Evan Rempel <erempel@uvic.ca> Signed-off-by: Balazs Scheidler <bazsi@balabit.hu> diff --git a/modules/dbparser/radix.c b/modules/dbparser/radix.c index ce065a3..5885f90 100644 --- a/modules/dbparser/radix.c +++ b/modules/dbparser/radix.c @@ -41,7 +41,7 @@ r_parser_string(guint8 *str, gint *len, const gchar *param, gpointer state, RPar { *len = 0; - while (g_ascii_isalnum(str[*len]) || (param && strchr(param, str[*len]))) + while (str[*len] && (g_ascii_isalnum(str[*len]) || (param && strchr(param, str[*len])))) (*len)++; if (*len > 0) -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.