aboutsummaryrefslogtreecommitdiffstats
path: root/dhcpcd-hooks
diff options
context:
space:
mode:
authorErik Kline <ek@google.com>2014-11-15 04:24:40 +0900
committerWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2015-12-06 18:33:41 +0100
commit2cd4f01b29e9e7bd2554cb9fe5ad2dd762d89874 (patch)
tree3f516c3d8cac227cc837dc995d86b81e179fe138 /dhcpcd-hooks
parentf90995451089db8e5d4a72641e74cf2e5c35074f (diff)
downloadexternal_dhcpcd-master.zip
external_dhcpcd-master.tar.gz
external_dhcpcd-master.tar.bz2
Fun with buffer overrruns.HEADmaster
In get_option(): don't read past the end of the option buffer. Also add a small unittest to verify sane behaviour for the above. The dhcpcd code is not easily refactored into a library, nor is it entirely possible to include some header files directly since some structures use C++ reserved keywords ("new") for variable names. In print_option(): use of snprintf() returns the length that /would/ have been written. Add checks that the output buffer is not overrun when printing. This fixes CVE-2014-7912 and CVE-2014-7913 Bug: 18356137 Bug: 18356135 Change-Id: I0f907b8a952208749226ba034a416d773e068f8a Tested-by: Moritz Bandemer <replicant@posteo.mx>
Diffstat (limited to 'dhcpcd-hooks')
0 files changed, 0 insertions, 0 deletions