Module Name: src Committed By: snj Date: Sat Dec 31 20:52:16 UTC 2011
Modified Files: src/lib/libtelnet [netbsd-4-0]: encrypt.c Log Message: Pull up following revision(s) (requested by christos in ticket #1440): lib/libtelnet/encrypt.c: revision 1.15 Avoid buffer overflow, reported by Colin Percival at FreeBSD To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.13.14.1 src/lib/libtelnet/encrypt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/lib/libtelnet/encrypt.c diff -u src/lib/libtelnet/encrypt.c:1.13 src/lib/libtelnet/encrypt.c:1.13.14.1 --- src/lib/libtelnet/encrypt.c:1.13 Sun Feb 6 05:53:07 2005 +++ src/lib/libtelnet/encrypt.c Sat Dec 31 20:52:16 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: encrypt.c,v 1.13 2005/02/06 05:53:07 perry Exp $ */ +/* $NetBSD: encrypt.c,v 1.13.14.1 2011/12/31 20:52:16 snj Exp $ */ /*- * Copyright (c) 1991, 1993 @@ -33,7 +33,7 @@ #if 0 static char sccsid[] = "@(#)encrypt.c 8.2 (Berkeley) 5/30/95"; #else -__RCSID("$NetBSD: encrypt.c,v 1.13 2005/02/06 05:53:07 perry Exp $"); +__RCSID("$NetBSD: encrypt.c,v 1.13.14.1 2011/12/31 20:52:16 snj Exp $"); #endif /* not lint */ /* @@ -767,6 +767,8 @@ encrypt_keyid(kp, keyid, len) if (ep->keyid) (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); + } else if (len > sizeof(kp->keyid)) { + return; } else if ((len != kp->keylen) || (memcmp(keyid, kp->keyid, len) != 0)) { /*