Fix string overflow
ClosedPublic
Actions

Authored by trasz on Aug 31 2020, 1:54 PM.

Details

Reviewers

Commits

rS365040: Fix string overflow that could occur during redirection due to passing

Summary

Fix string overflow that could occur during redirection by passing
the right length to strlcpy(3). It looks like it could overflow
into the next field, isc_user, which is properly long to accomodate
for it; I don't think it could cause any harm other than breaking
the connection.

Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

trasz created this revision.Aug 31 2020, 1:54 PM

Herald added a subscriber: imp. · View Herald TranscriptAug 31 2020, 1:54 PM

trasz requested review of this revision.Aug 31 2020, 1:54 PM

Harbormaster completed remote builds in B33251: Diff 76397.Aug 31 2020, 1:54 PM

trasz added a reviewer: mav.Aug 31 2020, 2:09 PM

trasz edited the summary of this revision. (Show Details)Aug 31 2020, 2:23 PM

mav accepted this revision.Aug 31 2020, 2:29 PM

This revision is now accepted and ready to land.Aug 31 2020, 2:29 PM

allanjude added a subscriber: siderop1_netapp.com.Aug 31 2020, 3:13 PM

Closed by commit rS365040: Fix string overflow that could occur during redirection due to passing (authored by trasz). · Explain WhySep 1 2020, 2:52 PM

This revision was automatically updated to reflect the committed changes.

trasz added a commit: rS365040: Fix string overflow that could occur during redirection due to passing.

Revision Contents
Changeset List

Path

Size

head/

usr.sbin/

iscsid/

2 lines

Diff 76484

View Options

head/usr.sbin/iscsid/login.c

	Show All 31 Lines

	#include <machine/elf.h>			#include <machine/elf.h>
	#include <sys/types.h>			#include <sys/types.h>
	#include <sys/queue.h>			#include <sys/queue.h>

	#include <elf-hints.h>			#include <elf-hints.h>
	#include <link.h>			#include <link.h>
	#include <stdarg.h>			#include <stdarg.h>
				#include <stdbool.h>
	#include <setjmp.h>			#include <setjmp.h>
	#include <stddef.h>			#include <stddef.h>

	#include "rtld_lock.h"			#include "rtld_lock.h"
	#include "rtld_machdep.h"			#include "rtld_machdep.h"

	#define NEW(type) ((type *) xmalloc(sizeof(type)))			#define NEW(type) ((type *) xmalloc(sizeof(type)))
	#define CNEW(type) ((type *) xcalloc(1, sizeof(type)))			#define CNEW(type) ((type *) xcalloc(1, sizeof(type)))

	/* We might as well do booleans like C++. */
	typedef unsigned char bool;
	#define false 0
	#define true 1

	extern size_t tls_last_offset;			extern size_t tls_last_offset;
	extern size_t tls_last_size;			extern size_t tls_last_size;
	extern size_t tls_static_space;			extern size_t tls_static_space;
	extern Elf_Addr tls_dtv_generation;			extern Elf_Addr tls_dtv_generation;
	extern int tls_max_index;			extern int tls_max_index;

	extern int npagesizes;			extern int npagesizes;
	▲ Show 20 Lines • Show All 363 Lines • Show Last 20 Lines

Fix string overflowClosedPublicActions