libutil: avoid an out-of-bounds read in trimdomain(3)
Needs ReviewPublic
Actions

Authored by kevans on Fri, Jan 9, 5:00 PM.

Details

Reviewers

brooks
jrtc27
olce

Group Reviewers

Klara

Summary

memchr(3) will happily believe we've passed in a valid object, but
hostsize could easily exceed the bounds of fullhost. Clamp it down to
the string size to be safe and avoid UB.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 69766
Build 66649: arc lint + arc unit

Event Timeline

kevans created this revision.Fri, Jan 9, 5:00 PM

Herald added a reviewer: olce. · View Herald TranscriptFri, Jan 9, 5:00 PM

Herald added a subscriber: imp. · View Herald Transcript

kevans requested review of this revision.Fri, Jan 9, 5:00 PM

Harbormaster completed remote builds in B69766: Diff 169405.Fri, Jan 9, 5:00 PM

kevans added a parent revision: D54622: libutil: take a size_t in trimdomain().Fri, Jan 9, 5:00 PM

Revision Contents
Changeset List

Path

Size

lib/

libutil/

tests/

trimdomain_test.c

4 lines

trimdomain.c

6 lines

Diff 169405

View Options

lib/libutil/tests/trimdomain_test.c