Module Name: src Committed By: christos Date: Mon May 13 17:58:50 UTC 2013
Modified Files: src/sbin/disklabel: main.c Log Message: CVE 1020935: Prevent overflow To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/sbin/disklabel/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sbin/disklabel/main.c diff -u src/sbin/disklabel/main.c:1.32 src/sbin/disklabel/main.c:1.33 --- src/sbin/disklabel/main.c:1.32 Sun May 5 11:59:42 2013 +++ src/sbin/disklabel/main.c Mon May 13 13:58:50 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.32 2013/05/05 15:59:42 skrll Exp $ */ +/* $NetBSD: main.c,v 1.33 2013/05/13 17:58:50 christos Exp $ */ /* * Copyright (c) 2006 The NetBSD Foundation, Inc. @@ -76,7 +76,7 @@ __COPYRIGHT("@(#) Copyright (c) 1987, 19 static char sccsid[] = "@(#)disklabel.c 8.4 (Berkeley) 5/4/95"; /* from static char sccsid[] = "@(#)disklabel.c 1.2 (Symmetric) 11/28/85"; */ #else -__RCSID("$NetBSD: main.c,v 1.32 2013/05/05 15:59:42 skrll Exp $"); +__RCSID("$NetBSD: main.c,v 1.33 2013/05/13 17:58:50 christos Exp $"); #endif #endif /* not lint */ @@ -1835,6 +1835,12 @@ getasciilabel(FILE *f, struct disklabel errors++; continue; } + if (part >= __arraycount(lp->d_partitions)) { + warnx("line %d: partition id %s, >= %zu", lineno, + cp, __arraycount(lp->d_partitions)); + errors++; + continue; + } pp = &lp->d_partitions[part]; NXTXNUM(pp->p_size);