Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/lib/libc/gen PR/46279: Dr. W. Stukenbrock: Off-by-one in buf...
details: https://anonhg.NetBSD.org/src/rev/8851e38aaa26
branches: trunk
changeset: 778485:8851e38aaa26
user: christos <christos%NetBSD.org@localhost>
date: Thu Mar 29 14:43:58 2012 +0000
description:
PR/46279: Dr. W. Stukenbrock: Off-by-one in buffer length check and make sure
that the password fits in the supplied buffer.
diffstat:
lib/libc/gen/getpwent.c | 14 +++++++++-----
1 files changed, 9 insertions(+), 5 deletions(-)
diffs (44 lines):
diff -r 0c336dc18bb3 -r 8851e38aaa26 lib/libc/gen/getpwent.c
--- a/lib/libc/gen/getpwent.c Thu Mar 29 14:27:33 2012 +0000
+++ b/lib/libc/gen/getpwent.c Thu Mar 29 14:43:58 2012 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: getpwent.c,v 1.78 2012/03/29 13:05:10 christos Exp $ */
+/* $NetBSD: getpwent.c,v 1.79 2012/03/29 14:43:58 christos Exp $ */
/*-
* Copyright (c) 1997-2000, 2004-2005 The NetBSD Foundation, Inc.
@@ -88,7 +88,7 @@
#if 0
static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95";
#else
-__RCSID("$NetBSD: getpwent.c,v 1.78 2012/03/29 13:05:10 christos Exp $");
+__RCSID("$NetBSD: getpwent.c,v 1.79 2012/03/29 14:43:58 christos Exp $");
#endif
#endif /* LIBC_SCCS and not lint */
@@ -1230,7 +1230,7 @@
_DIAGASSERT(buf != NULL);
_DIAGASSERT(state != NULL);
- elen = strlen(entry);
+ elen = strlen(entry) + 1;
if (elen >= buflen)
return 0;
if (! _pw_parse(entry, pw, buf, buflen,
@@ -1248,10 +1248,14 @@
char *bp, *ep;
/* skip name to get password */
ep = data;
- if ((bp = strsep(&ep, ":")) != NULL &&
+ if (strsep(&ep, ":") != NULL &&
(bp = strsep(&ep, ":")) != NULL) {
/* store new pw_passwd after entry */
- strlcpy(buf + elen, bp, buflen - elen);
+ if (strlcpy(buf + elen, bp, buflen - elen) >=
+ buflen - elen) {
+ free(data);
+ return 0;
+ }
pw->pw_passwd = &buf[elen];
}
free(data);
Home |
Main Index |
Thread Index |
Old Index