Date: Tue, 29 Dec 2020 16:43:02 GMT From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 929eb23231d5 - stable/12 - Lift scope of buf[] to make it extend to a potential access via *basename Message-ID: <202012291643.0BTGh2Wo045926@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=929eb23231d5e5b19b57b7a514c7ff99d79967dc commit 929eb23231d5e5b19b57b7a514c7ff99d79967dc Author: Stefan Eßer <se@FreeBSD.org> AuthorDate: 2020-12-10 09:31:05 +0000 Commit: Kyle Evans <kevans@FreeBSD.org> CommitDate: 2020-12-29 16:37:32 +0000 Lift scope of buf[] to make it extend to a potential access via *basename It can be assumed that the contents of the buffer was still allocated and valid at the point of the out-of-scope access, so there was no security issue in practice. (cherry picked from commit 7483b9e4dcfb4c444f8b5d54117fb6c8c48c20e9) --- usr.sbin/crunch/crunchgen/crunched_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/crunch/crunchgen/crunched_main.c b/usr.sbin/crunch/crunchgen/crunched_main.c index 5ce4416a137f..45f61baae23e 100644 --- a/usr.sbin/crunch/crunchgen/crunched_main.c +++ b/usr.sbin/crunch/crunchgen/crunched_main.c @@ -114,6 +114,7 @@ main(int argc, char **argv, char **envp) { struct stub *ep = NULL; const char *basename = NULL; + char buf[MAXPATHLEN]; /* * Look at __progname first (this will be set if the crunched binary is @@ -141,7 +142,6 @@ main(int argc, char **argv, char **envp) * try AT_EXECPATH to get the actual binary that was executed. */ if (ep == NULL) { - char buf[MAXPATHLEN]; int error = elf_aux_info(AT_EXECPATH, &buf, sizeof(buf)); if (error == 0) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202012291643.0BTGh2Wo045926>