svn commit: r272961 - head/usr.sbin/rtsold
Hiroki Sato
hrs at FreeBSD.org
Sat Oct 11 20:46:07 UTC 2014
Author: hrs
Date: Sat Oct 11 20:46:06 2014
New Revision: 272961
URL: https://svnweb.freebsd.org/changeset/base/272961
Log:
Fix buffer overrun.
MFC after: 1 day
Modified:
head/usr.sbin/rtsold/rtsol.c
Modified: head/usr.sbin/rtsold/rtsol.c
==============================================================================
--- head/usr.sbin/rtsold/rtsol.c Sat Oct 11 20:35:36 2014 (r272960)
+++ head/usr.sbin/rtsold/rtsol.c Sat Oct 11 20:46:06 2014 (r272961)
@@ -933,7 +933,8 @@ dname_labeldec(char *dst, size_t dlen, c
dst_origin = dst;
memset(dst, '\0', dlen);
while (src && (len = (uint8_t)(*src++) & 0x3f) &&
- (src + len) <= src_last) {
+ (src + len) <= src_last &&
+ (dst - dst_origin < (ssize_t)dlen)) {
if (dst != dst_origin)
*dst++ = '.';
warnmsg(LOG_DEBUG, __func__, "labellen = %zd", len);
More information about the svn-src-all
mailing list