Blame SOURCES/iproute2-3.10.0-xfrm-state-overflow.patch
|
 |
5ebd6f |
From 7887635f629c5a73be5e2db0a1a8a221e8b16077 Mon Sep 17 00:00:00 2001
|
|
|
5ebd6f |
From: =?UTF-8?q?Petr=20=C5=A0abata?= <contyk@redhat.com>
|
|
|
5ebd6f |
Date: Wed, 17 Jul 2013 15:29:54 +0200
|
|
|
5ebd6f |
Subject: [PATCH] Avoid overflow segfault with FORTIFY_SOURCE
|
|
|
5ebd6f |
MIME-Version: 1.0
|
|
|
5ebd6f |
Content-Type: text/plain; charset=UTF-8
|
|
|
5ebd6f |
Content-Transfer-Encoding: 8bit
|
|
|
5ebd6f |
|
|
|
5ebd6f |
Signed-off-by: Petr Ĺ abata <contyk@redhat.com>
|
|
|
5ebd6f |
---
|
|
|
5ebd6f |
ip/xfrm_state.c | 6 +++++-
|
|
|
5ebd6f |
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
5ebd6f |
|
|
|
5ebd6f |
diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
|
|
|
5ebd6f |
index 389942c..160ab32 100644
|
|
|
5ebd6f |
--- a/ip/xfrm_state.c
|
|
|
5ebd6f |
+++ b/ip/xfrm_state.c
|
|
|
5ebd6f |
@@ -157,12 +157,16 @@ static int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
|
|
|
5ebd6f |
buf[j] = val;
|
|
|
5ebd6f |
}
|
|
|
5ebd6f |
} else {
|
|
|
5ebd6f |
+ int i;
|
|
|
5ebd6f |
len = slen;
|
|
|
5ebd6f |
if (len > 0) {
|
|
|
5ebd6f |
if (len > max)
|
|
|
5ebd6f |
invarg("ALGO-KEYMAT value makes buffer overflow\n", key);
|
|
|
5ebd6f |
|
|
|
5ebd6f |
- strncpy(buf, key, len);
|
|
|
5ebd6f |
+ for (i = 0 ; i < len && key[i] != '\0'; i++)
|
|
|
5ebd6f |
+ buf[i] = key[i];
|
|
|
5ebd6f |
+ for ( ; i < len; i++)
|
|
|
5ebd6f |
+ buf[i] = '\0';
|
|
|
5ebd6f |
}
|
|
|
5ebd6f |
}
|
|
|
5ebd6f |
|
|
|
5ebd6f |
--
|
|
|
5ebd6f |
1.8.3.1
|
|
|
5ebd6f |
|