[Git][NTPsec/ntpsec][master] 2 commits: Fix CID 434864

[Hal Murray (@hal.murray)]

Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
21a754a6 by Hal Murray at 2023-02-11T13:44:02-08:00
Fix CID 434864

- - - - -
6393f2c8 by Hal Murray at 2023-02-11T13:44:02-08:00
Another try at CID 85317

There was a coverity[weak_crypto] in there.
I think coverity[DC.WEAK_CRYPTO] might work.

- - - - -


2 changed files:

- libntp/numtoa.c
- ntpd/ntp_control.c


Changes:

=====================================
libntp/numtoa.c
=====================================
@@ -40,9 +40,8 @@ refid_str(
 	}
 	tlen = strlen(text);
 	if (0 == tlen) {
-	  strlcat(text, "?", sizeof(text));
+	  strlcat(text, "?", LIB_BUFLENGTH);
 	}
-	text[tlen] = '\0';
 
 	return text;
 }


=====================================
ntpd/ntp_control.c
=====================================
@@ -2626,7 +2626,7 @@ send_mru_entry(
 
 	remaining = COUNTOF(sent);
 	ZERO(sent);
-	/* coverity[weak_crypto] */
+	/* coverity[DC.WEAK_CRYPTO] */
 	noise = (uint32_t)random();
 	while (remaining > 0) {
 #ifdef USE_RANDOMIZE_RESPONSES



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/b9343e8d857eac33174d50dcb6c3aee213fe45a7...6393f2c8b4a755c2808a1b295a7063c229c9286d

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/b9343e8d857eac33174d50dcb6c3aee213fe45a7...6393f2c8b4a755c2808a1b295a7063c229c9286d
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20230211/14ab90b8/attachment-0001.htm>