Module Name: src
Committed By: snj
Date: Sat Dec 31 20:52:16 UTC 2011
Modified Files:
src/lib/libtelnet [netbsd-4-0]: encrypt.c
Log Message:
Pull up following revision(s) (requested by christos in ticket #1440):
lib/libtelnet/encrypt.c: revision 1.15
Avoid buffer overflow, reported by Colin Percival at FreeBSD
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.14.1 src/lib/libtelnet/encrypt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libtelnet/encrypt.c
diff -u src/lib/libtelnet/encrypt.c:1.13 src/lib/libtelnet/encrypt.c:1.13.14.1
--- src/lib/libtelnet/encrypt.c:1.13 Sun Feb 6 05:53:07 2005
+++ src/lib/libtelnet/encrypt.c Sat Dec 31 20:52:16 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: encrypt.c,v 1.13 2005/02/06 05:53:07 perry Exp $ */
+/* $NetBSD: encrypt.c,v 1.13.14.1 2011/12/31 20:52:16 snj Exp $ */
/*-
* Copyright (c) 1991, 1993
@@ -33,7 +33,7 @@
#if 0
static char sccsid[] = "@(#)encrypt.c 8.2 (Berkeley) 5/30/95";
#else
-__RCSID("$NetBSD: encrypt.c,v 1.13 2005/02/06 05:53:07 perry Exp $");
+__RCSID("$NetBSD: encrypt.c,v 1.13.14.1 2011/12/31 20:52:16 snj Exp $");
#endif /* not lint */
/*
@@ -767,6 +767,8 @@ encrypt_keyid(kp, keyid, len)
if (ep->keyid)
(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);
+ } else if (len > sizeof(kp->keyid)) {
+ return;
} else if ((len != kp->keylen) ||
(memcmp(keyid, kp->keyid, len) != 0)) {
/*
