Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/dist/smbfs/lib/smb nb_name_len does not increase size when n...
details: https://anonhg.NetBSD.org/src/rev/c53c552ddac7
branches: trunk
changeset: 325272:c53c552ddac7
user: stacktic <stacktic%NetBSD.org@localhost>
date: Sun Dec 15 21:48:55 2013 +0000
description:
nb_name_len does not increase size when nn_scope contains only a \0,
do the same on nb_name_encode to avoid a buffer overflow
diffstat:
dist/smbfs/lib/smb/nb_name.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diffs (21 lines):
diff -r 8e1749897253 -r c53c552ddac7 dist/smbfs/lib/smb/nb_name.c
--- a/dist/smbfs/lib/smb/nb_name.c Sun Dec 15 21:45:07 2013 +0000
+++ b/dist/smbfs/lib/smb/nb_name.c Sun Dec 15 21:48:55 2013 +0000
@@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: nb_name.c,v 1.6 2013/12/15 21:45:07 stacktic Exp $");
+__RCSID("$NetBSD: nb_name.c,v 1.7 2013/12/15 21:48:55 stacktic Exp $");
#include <sys/param.h>
#include <sys/socket.h>
@@ -183,7 +183,7 @@
cp += 2;
}
*cp = 0;
- if (np->nn_scope == NULL)
+ if (np->nn_scope == NULL || *np->nn_scope == 0)
return nb_encname_len(dst);
plen = cp++;
lblen = 0;
Home |
Main Index |
Thread Index |
Old Index