On Mon, 16 May 2011, David Stuart wrote:
> I think for a first pass I'm going to put this particular issue aside.. but
> I could see how it might result in a buffer overflow exploit so probably it
> should be fixed long term.
It shouldn't result in an overflow if the code just checks the lengths and
doesn't copy more than what fits in the target bufffer. Then the only thing we
risk then is that some day in some unforseen situation it doesn't work as
supposed.
As for the exact limit, I think we should unify the code to use the same
define all over.
-- / daniel.haxx.seReceived on 2011-05-16