[Git][NTPsec/ntpsec][master] ntp_control: Check for another potential buffer overrun.
Gary E. Miller
gitlab at mg.gitlab.com
Mon Oct 22 21:14:15 UTC 2018
Gary E. Miller pushed to branch master at NTPsec / ntpsec
Commits:
f9a8c039 by Gary E. Miller at 2018-10-22T21:13:29Z
ntp_control: Check for another potential buffer overrun.
count can be larger than the size of 'data'.
- - - - -
1 changed file:
- ntpd/ntp_control.c
Changes:
=====================================
ntpd/ntp_control.c
=====================================
@@ -887,6 +887,12 @@ process_control(
* Set up translate pointers
*/
reqpt = (char *)pkt->data;
+ if (CTL_MAX_DATA_LEN < req_count) {
+ /* count too big */
+ ctl_error(CERR_BADFMT);
+ numctlbadpkts++;
+ return;
+ }
reqend = reqpt + req_count;
/*
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/f9a8c03974079082025f67308deb8b670b0e7597
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/f9a8c03974079082025f67308deb8b670b0e7597
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20181022/27f388a6/attachment.html>
More information about the vc
mailing list