security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

avoid buffer strncpy-induced buffer overrun

Browse Source 
* dirmngr/crlcache.c (open_dir): Ensure that both this_update
and next_update member strings are NUL-terminated.
This commit is contained in:
Jim Meyering 2012-04-25 17:42:53 +02:00 committed by Werner Koch
parent 6e3882785a
commit 20c9ac4df3
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
dirmngr/crlcache.c
View File

@ -587,8 +587,14 @@ open_dir (crl_cache_t *r_cache)
case 2: entry->issuer_hash = p; break;
case 3: entry->issuer = unpercent_string (p); break;
case 4: entry->url = unpercent_string (p); break;
case 5: strncpy (entry->this_update, p, 15); break;
case 6: strncpy (entry->next_update, p, 15); break;
case 5:
strncpy (entry->this_update, p, 15);
entry->this_update[15] = 0;
break;
case 6:
strncpy (entry->next_update, p, 15);
entry->next_update[15] = 0;
break;
case 7: entry->dbfile_hash = p; break;
case 8: if (*p) entry->crl_number = p; break;
case 9: