HomeFreeBSD

MFC r335641:

Description

MFC r335641:

Fix a stack overflow in mount_smbfs when hostname is too long.

The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow. Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.

Use defensive strlcpy() when filling nn_name in all cases.

PR: 228354
Reported by: donald.buchholz@intel.com
Reviewed by: jpaetzel, ian (prior version)
Discussed with: Security Officer (gtetlow)
Security: Stack overflow with the hostname.
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15936

Details

Provenance
brooksAuthored on
Reviewer
jpaetzel
Differential Revision
D15936: Fix a stack overflow in mount_smbfs when hostname is too long.
Parents
rS335773: Revert preference to be an int.
Branches
Unknown
Tags
Unknown