Date: Sat, 11 Oct 2014 20:46:07 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r272961 - head/usr.sbin/rtsold Message-ID: <201410112046.s9BKk7Hq078819@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Sat Oct 11 20:46:06 2014 New Revision: 272961 URL: https://svnweb.freebsd.org/changeset/base/272961 Log: Fix buffer overrun. MFC after: 1 day Modified: head/usr.sbin/rtsold/rtsol.c Modified: head/usr.sbin/rtsold/rtsol.c ============================================================================== --- head/usr.sbin/rtsold/rtsol.c Sat Oct 11 20:35:36 2014 (r272960) +++ head/usr.sbin/rtsold/rtsol.c Sat Oct 11 20:46:06 2014 (r272961) @@ -933,7 +933,8 @@ dname_labeldec(char *dst, size_t dlen, c dst_origin = dst; memset(dst, '\0', dlen); while (src && (len = (uint8_t)(*src++) & 0x3f) && - (src + len) <= src_last) { + (src + len) <= src_last && + (dst - dst_origin < (ssize_t)dlen)) { if (dst != dst_origin) *dst++ = '.'; warnmsg(LOG_DEBUG, __func__, "labellen = %zd", len);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410112046.s9BKk7Hq078819>