Module Name: src Committed By: riz Date: Tue Apr 5 06:23:25 UTC 2011
Modified Files: src/lib/libc/net [netbsd-5-1]: getservbyname_r.c getservbyport_r.c Log Message: Apply patch (requested by christos in ticket #1593): lib/libc/net/getservbyname_r.c patch lib/libc/net/getservbyport_r.c patch Protect against stack smashes (from Maksymilian Arciemowicz) To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.6.28.1 src/lib/libc/net/getservbyname_r.c \ src/lib/libc/net/getservbyport_r.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/lib/libc/net/getservbyname_r.c diff -u src/lib/libc/net/getservbyname_r.c:1.6 src/lib/libc/net/getservbyname_r.c:1.6.28.1 --- src/lib/libc/net/getservbyname_r.c:1.6 Wed Mar 21 02:35:39 2007 +++ src/lib/libc/net/getservbyname_r.c Tue Apr 5 06:23:25 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: getservbyname_r.c,v 1.6 2007/03/21 02:35:39 christos Exp $ */ +/* $NetBSD: getservbyname_r.c,v 1.6.28.1 2011/04/05 06:23:25 riz Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)getservbyname.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID("$NetBSD: getservbyname_r.c,v 1.6 2007/03/21 02:35:39 christos Exp $"); +__RCSID("$NetBSD: getservbyname_r.c,v 1.6.28.1 2011/04/05 06:23:25 riz Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -70,6 +70,8 @@ key.size = snprintf(buf, sizeof(buf), "\376%s/%s", name, proto); key.size++; + if (key.size > sizeof(buf)) + return NULL; if ((*db->get)(db, &key, &data, 0) != 0) return NULL; Index: src/lib/libc/net/getservbyport_r.c diff -u src/lib/libc/net/getservbyport_r.c:1.6 src/lib/libc/net/getservbyport_r.c:1.6.28.1 --- src/lib/libc/net/getservbyport_r.c:1.6 Wed Mar 21 02:35:39 2007 +++ src/lib/libc/net/getservbyport_r.c Tue Apr 5 06:23:25 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: getservbyport_r.c,v 1.6 2007/03/21 02:35:39 christos Exp $ */ +/* $NetBSD: getservbyport_r.c,v 1.6.28.1 2011/04/05 06:23:25 riz Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)getservbyport.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID("$NetBSD: getservbyport_r.c,v 1.6 2007/03/21 02:35:39 christos Exp $"); +__RCSID("$NetBSD: getservbyport_r.c,v 1.6.28.1 2011/04/05 06:23:25 riz Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -71,6 +71,8 @@ key.size = snprintf(buf, sizeof(buf), "\377%d/%s", port, proto); key.size++; + if (key.size > sizeof(buf)) + return NULL; if ((*db->get)(db, &key, &data, 0) != 0) return NULL;