Module Name: src
Committed By: christos
Date: Mon May 13 17:58:50 UTC 2013
Modified Files:
src/sbin/disklabel: main.c
Log Message:
CVE 1020935: Prevent overflow
To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 src/sbin/disklabel/main.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sbin/disklabel/main.c
diff -u src/sbin/disklabel/main.c:1.32 src/sbin/disklabel/main.c:1.33
--- src/sbin/disklabel/main.c:1.32 Sun May 5 11:59:42 2013
+++ src/sbin/disklabel/main.c Mon May 13 13:58:50 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.32 2013/05/05 15:59:42 skrll Exp $ */
+/* $NetBSD: main.c,v 1.33 2013/05/13 17:58:50 christos Exp $ */
/*
* Copyright (c) 2006 The NetBSD Foundation, Inc.
@@ -76,7 +76,7 @@ __COPYRIGHT("@(#) Copyright (c) 1987, 19
static char sccsid[] = "@(#)disklabel.c 8.4 (Berkeley) 5/4/95";
/* from static char sccsid[] = "@(#)disklabel.c 1.2 (Symmetric) 11/28/85"; */
#else
-__RCSID("$NetBSD: main.c,v 1.32 2013/05/05 15:59:42 skrll Exp $");
+__RCSID("$NetBSD: main.c,v 1.33 2013/05/13 17:58:50 christos Exp $");
#endif
#endif /* not lint */
@@ -1835,6 +1835,12 @@ getasciilabel(FILE *f, struct disklabel
errors++;
continue;
}
+ if (part >= __arraycount(lp->d_partitions)) {
+ warnx("line %d: partition id %s, >= %zu", lineno,
+ cp, __arraycount(lp->d_partitions));
+ errors++;
+ continue;
+ }
pp = &lp->d_partitions[part];
NXTXNUM(pp->p_size);
