CyberLeo.Net >> Repos - FreeBSD/stable/8.git/commit
MFC r205654:
author delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Thu, 25 Mar 2010 20:07:30 +0000 (20:07 +0000)
committer delphij <delphij@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
Thu, 25 Mar 2010 20:07:30 +0000 (20:07 +0000)
commit 3b23dd3afb6b6f02c06644a5b028a94d18ba2eba
tree b911f88739cbeed6c5b809e827435345b433fadc
parent 0918c6990b21652cd59a4b8e55604d64cfb0cd76
MFC r205654:

The rmt client in GNU cpio could have a heap overflow when a malicious
remote tape service returns deliberately crafted packets containing
more data than requested.

Fix this by checking the returned amount of data and bailing out when it
is more than what we requested.

PR: gnu/145010
Submitted by: naddy
Reviewed by: imp
Security: CVE-2010-0624

git-svn-id: svn://svn.freebsd.org/base/stable/8@205655 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
contrib/cpio/lib/rtapelib.c
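
The length check the commit message describes, as an added example; it is not the code from contrib/cpio/lib/rtapelib.c or from this commit. It assumes the reply is already in memory and uses the rmt status format `A<count>\n` followed by the payload; `checked_rmt_read` is a hypothetical name.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical helper (not from rtapelib.c): parse an rmt-style "A<count>\n"
   status line held in memory and copy the payload that follows into buf,
   which the caller sized for `requested` bytes.  Returns the number of
   bytes copied, or -1 with errno set to EIO. */
ssize_t checked_rmt_read(const char *reply, size_t reply_len,
                         char *buf, size_t requested)
{
    const char *nl = memchr(reply, '\n', reply_len);
    size_t claimed = 0;

    if (nl == NULL || reply[0] != 'A' || nl == reply + 1)
        goto bad;                           /* not a success status line */
    for (const char *p = reply + 1; p < nl; p++) {
        if (*p < '0' || *p > '9' || claimed > (SIZE_MAX - 9) / 10)
            goto bad;                       /* non-digit or overflow */
        claimed = claimed * 10 + (size_t)(*p - '0');
    }
    /* The check the commit message describes: the peer may return fewer
       bytes than requested, never more. */
    if (claimed > requested)
        goto bad;
    /* The payload the status line announces must actually be present. */
    if (claimed > reply_len - (size_t)(nl + 1 - reply))
        goto bad;
    memcpy(buf, nl + 1, claimed);
    return (ssize_t)claimed;
bad:
    errno = EIO;
    return -1;
}

int main(void)
{
    char buf[8];
    /* Constructed sample replies, not captured traffic. */
    const char ok[] = "A5\nhello";
    const char oversized[] = "A16\n0123456789abcdef";

    printf("ok: %zd\n", checked_rmt_read(ok, sizeof ok - 1, buf, sizeof buf));
    printf("oversized: %zd\n",
           checked_rmt_read(oversized, sizeof oversized - 1, buf, sizeof buf));
    return 0;
}
```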