Re: CVS commit: src/lib/libc/net

To: source-changes-d%NetBSD.org@localhost
Subject: Re: CVS commit: src/lib/libc/net
From: David Holland <dholland-sourcechanges%netbsd.org@localhost>
Date: Wed, 7 Dec 2016 02:27:52 +0000

On Tue, Dec 06, 2016 at 01:41:03PM -0500, Christos Zoulas wrote:
 > Module Name:	src
 > Committed By:	christos
 > Date:		Tue Dec  6 18:41:03 UTC 2016
 > 
 > Modified Files:
 > 	src/lib/libc/net: linkaddr.c
 > 
 > Log Message:
 > Fix buffer copy without checking the size of input:
 > https://www.kb.cert.org/vuls/id/548487

Doesn't this need 

-               if (out >= obuf + sizeof(obuf)) \
+               if (out >= obuf + sizeof(obuf) - 1) \

to avoid having the null terminator off the end?

-- 
David A. Holland
dholland%netbsd.org@localhost

Prev by Date: Re: CVS commit: src/tests/kernel
Next by Date: Re: CVS commit: src/tests/kernel
Previous by Thread: Re: CVS commit: src/tests/kernel
Next by Thread: Re: CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index