[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-inetutils] [PATCH] tftpd: Avoid triggering buffer overflow detectio
|
From: |
Mike Gilbert |
|
Subject: |
[bug-inetutils] [PATCH] tftpd: Avoid triggering buffer overflow detection in glibc's strcpy. |
|
Date: |
Sat, 30 Dec 2017 16:15:47 -0500 |
---
ChangeLog | 6 ++++++
src/tftpd.c | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index ea93a846..32b23d0c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-12-30 Mike Gilbert <address@hidden>
+
+ tftpd: Avoid triggering buffer overflow detection in glibc's strcpy.
+
+ * src/tftpd.c (nak): Use memcpy to populate tp->th_msg.
+
2017-07-10 Omer Anson <address@hidden> (tiny change)
* src/hostname.c (parse_file): Free name and allocate one extra
diff --git a/src/tftpd.c b/src/tftpd.c
index 0f2e958e..ff931db0 100644
--- a/src/tftpd.c
+++ b/src/tftpd.c
@@ -864,8 +864,8 @@ nak (int error)
pe->e_msg = strerror (error - 100);
tp->th_code = EUNDEF; /* set 'undef' errorcode */
}
- strcpy (tp->th_msg, pe->e_msg);
length = strlen (pe->e_msg);
+ memcpy (tp->th_msg, pe->e_msg, length);
tp->th_msg[length] = '\0';
length += 5;
if (sendto (peer, buf, length, 0, (struct sockaddr *) &from, fromlen) !=
length)
--
2.16.0.rc0
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-inetutils] [PATCH] tftpd: Avoid triggering buffer overflow detection in glibc's strcpy.,
Mike Gilbert <=