Module Name: src Committed By: snj Date: Sat Apr 18 00:26:31 UTC 2009
Modified Files: src/dist/ntp/ntpq [netbsd-3-0]: ntpq.c Log Message: Pull up following revision(s) (requested by christos in ticket #2009): dist/ntp/ntpq/ntpq.c: revision 1.12 Fix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0159 Using: https://support.ntp.org/bugs/show_bug.cgi?id=1144 To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.6.10.1 src/dist/ntp/ntpq/ntpq.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/dist/ntp/ntpq/ntpq.c diff -u src/dist/ntp/ntpq/ntpq.c:1.6 src/dist/ntp/ntpq/ntpq.c:1.6.10.1 --- src/dist/ntp/ntpq/ntpq.c:1.6 Thu Dec 4 16:23:38 2003 +++ src/dist/ntp/ntpq/ntpq.c Sat Apr 18 00:26:31 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: ntpq.c,v 1.6 2003/12/04 16:23:38 drochner Exp $ */ +/* $NetBSD: ntpq.c,v 1.6.10.1 2009/04/18 00:26:31 snj Exp $ */ /* * ntpq - query an NTP server using mode 6 commands @@ -3122,9 +3122,10 @@ if (!decodeuint(value, &uval)) output_raw = '?'; else { - char b[10]; + char b[12]; - (void) sprintf(b, "%03lo", uval); + (void) snprintf(b, sizeof(b), "%03lo", + uval); output(fp, name, b); } break;