On Thu, May 31, 2012 at 8:09 AM, Mirko Vogt <mi...@openwrt.org> wrote: > The project isn't really maintained anymore, but it's definitely worth a > try getting a fix upstream. > The patch applies and is working, however I wonder whether it creates a > memleak, since strdup is called which allocates memory which doesn't get > free'ed again. >
Since Im the OpenWRT "maintainer" I can get it commit, but, honestly it should be really resolved upstream, so Ill contact the author, and see if 1) hell fix it, 2) if not if he wants to release the project to me in its entirety to continue the effort. > On 05/31/2012 11:33 AM, John Crispin wrote: >> On 31/05/12 11:23, Moritz Warning wrote: >>> Sorry, I wasn't very specific; nodogsplash exits rather than crashing. >>> It uses a safe_strdup call that exits in this case. >>> >> >> That still makes it a remote DoS exploit :-) >> _______________________________________________ >> openwrt-devel mailing list >> openwrt-devel@lists.openwrt.org >> https://lists.openwrt.org/mailman/listinfo/openwrt-devel > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
