Hello, The attached patch fixes a memory corruption issue while parsing syslogd’s configuration file.
Thanks, Ludo’.
>From 7a7d8547dc2681f7bc97360a61c943c21590e491 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <[email protected]> Date: Wed, 1 Apr 2015 21:59:47 +0200 Subject: [PATCH] syslogd: Fix possible memory corruption while reading configuration file. --- ChangeLog | 7 +++++++ src/syslogd.c | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index f93388a..247209f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2015-04-01 Ludovic Courtès <[email protected]> + + * src/syslogd.c (load_conffile): Use 'bcopy' instead of 'strcpy' + since the two regions may overlap. + Reported by Alex Kost <[email protected]> + at <http://lists.gnu.org/archive/html/guix-devel/2015-03/msg00780.html>. + 2015-03-31 Alfred M. Szmidt <[email protected]> * doc/inetutils.texi: Re-order chapters. diff --git a/src/syslogd.c b/src/syslogd.c index c1280e9..dd99dda 100644 --- a/src/syslogd.c +++ b/src/syslogd.c @@ -1989,7 +1989,7 @@ load_conffile (const char *filename, struct filed **nextp) if (*p == '\0' || *p == '#') continue; - strcpy (cline, p); + bcopy (p, cline, strlen (p) + 1); /* Cut the trailing spaces. */ for (p = strchr (cline, '\0'); isspace (*--p);) -- 2.2.1
