On Sat, Sep 27, 2014 at 8:10 PM, Jay Ashworth <jra@baylink.com> wrote:
I haven't an example case, but it is theoretically possible.
Qmail-smtpd has a buffer overflow vulnerability related to integer overflow which can only be reached when compiled on a 64-bit platform. x86_64 did not exist when the code was originally written. If memory serves, the author never acknowledged the vulnerability and declined to pay bounty or fix the bug stating that nobody allows gigabytes of RAM per smtp process. However.... you see, there you have a lingering bug that can be exposed under the right environment.... (Year 2030... computers have Petabytes of RAM... why would you seriously limit any one process to less than a terabyte....?) -> http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html
Cheers, -- jra -- -JH