fix base64.c "overrun"
Oliver Pinter
oliver.pinter at hardenedbsd.org
Mon Nov 24 17:20:06 UTC 2014
On Mon, Nov 24, 2014 at 5:50 PM, Ed Maste <emaste at freebsd.org> wrote:
> On 22 November 2014 at 17:09, Ted Unangst <tedu at tedunangst.com> wrote:
>> From inspection, it appears FreeBSD's libc base64.c will sometimes
>> erroneously fail to decode a base64 string into a precisely sized
>> buffer. The overflow check is a little too greedy. The same bug was
>> fixed in OpenBSD; it would be helpful if FreeBSD adopted the fix as
>> well. :)
>>
>> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/net/base64.c.diff?r1=1.6&r2=1.7
>
> Thanks for the heads-up Ted, I'll take care of getting the fix in.
Hi Ed!
Check this: https://github.com/HardenedBSD/hardenedBSD/issues/68
https://github.com/HardenedBSD/hardenedBSD/commit/d6e5388b831b190a0ff39898d354ab68b9b6a965
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list