4c886b7923
9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3)
- Stop gssd from ignoring the machine credential caches (commit
46d439b17f22216ce8f9257a982c6ade5d1c5931)
- Fixed typo in the nfsstat command line arugments. (commit
acf95d32a44fd8357c24e8a04ec53fc6900bfc58)
- Added test to stop buffer overflow in idmapd (commit
bcd0fcaf0966c546da5043be700587f73174ae25)
29 lines
846 B
Diff
29 lines
846 B
Diff
commit bcd0fcaf0966c546da5043be700587f73174ae25
|
|
Author: NeilBrown <neilb@suse.de>
|
|
Date: Tue Feb 26 13:57:39 2008 -0500
|
|
|
|
If validateascii is passed a string containing only non-zero 7bit
|
|
values, then the loop with exit with i == len, and the following
|
|
test will access beyond the end of the array.
|
|
|
|
So add an extra test to fix this.
|
|
|
|
Found by Marcus Meissner <meissner@novell.com>.
|
|
|
|
Signed-off-by: NeilBrown <neilb@suse.de>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
|
|
index 355c6e1..6b5971c 100644
|
|
--- a/utils/idmapd/idmapd.c
|
|
+++ b/utils/idmapd/idmapd.c
|
|
@@ -848,7 +848,7 @@ validateascii(char *string, u_int32_t len)
|
|
return (-1);
|
|
}
|
|
|
|
- if (string[i] != '\0')
|
|
+ if ((i >= len) || string[i] != '\0')
|
|
return (-1);
|
|
|
|
return (i + 1);
|