diff options
author | Ollivier Robert <roberto@FreeBSD.org> | 2009-04-20 09:59:08 +0000 |
---|---|---|
committer | Ollivier Robert <roberto@FreeBSD.org> | 2009-04-20 09:59:08 +0000 |
commit | 0963cc7dac321263e6f595192d7e75b40e6a889e (patch) | |
tree | c02563594d9600bd6ed3da510d0aaf22dd72c985 /contrib | |
parent | f2e491c9c5eab52ba6a4482f87e914d49ef58bd4 (diff) | |
parent | 8c0610b9602c2bdb6f856c0808ad655599ad68f6 (diff) | |
download | src-0963cc7dac321263e6f595192d7e75b40e6a889e.tar.gz src-0963cc7dac321263e6f595192d7e75b40e6a889e.zip |
Merge r191298 into HEAD.
Prevent a buffer overflow in ntpq. Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.
It will be MFH to the upcoming 7.2 pending re approval.
Obtained from: https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after: 3 days
Security: http://www.securityfocus.com/bid/34481
CVE-2009-0159
Notes
Notes:
svn path=/head/; revision=191302
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/ntp/ntpq/ntpq.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/contrib/ntp/ntpq/ntpq.c b/contrib/ntp/ntpq/ntpq.c index 91379408ff7c..4835d7e3546f 100644 --- a/contrib/ntp/ntpq/ntpq.c +++ b/contrib/ntp/ntpq/ntpq.c @@ -3185,9 +3185,9 @@ cookedprint( if (!decodeuint(value, &uval)) output_raw = '?'; else { - char b[10]; + char b[12]; - (void) sprintf(b, "%03lo", uval); + (void) snprintf(b, sizeof(b), "%03lo", uval); output(fp, name, b); } break; |