projects
/
freeradius.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
0824dd5
)
log: Check message buffer length to avoid overflow
author
Nikolai Kondrashov
<Nikolai.Kondrashov@redhat.com>
Tue, 3 Feb 2015 11:10:52 +0000
(12:10 +0100)
committer
Nikolai Kondrashov
<Nikolai.Kondrashov@redhat.com>
Tue, 3 Feb 2015 11:10:52 +0000
(12:10 +0100)
Check that adding strlcpy result to the message length didn't exceed
size of the message buffer to avoid underflow in calculating remaining
size and overflowing the buffer.
src/main/log.c
patch
|
blob
|
history
diff --git
a/src/main/log.c
b/src/main/log.c
index
7470897
..
16d3faf
100644
(file)
--- a/
src/main/log.c
+++ b/
src/main/log.c
@@
-311,6
+311,8
@@
void radlog_request(int lvl, int priority, REQUEST *request, const char *msg, ..
if (len < sizeof(buffer)) {
len += strlcpy(buffer + len, fr_int2str(levels, (lvl & ~L_CONS), ": "), sizeof(buffer) - len);
+ if (len >= sizeof(buffer))
+ len = sizeof(buffer) - 1;
}
}