diff options
| author | roberto <roberto@FreeBSD.org> | 2009-04-19 23:34:52 +0000 |
|---|---|---|
| committer | roberto <roberto@FreeBSD.org> | 2009-04-19 23:34:52 +0000 |
| commit | c5461d7d838ecf010f9a551e548b1330f2201aaa (patch) | |
| tree | f8c47f9402e462cefdcf0cc827fee1fa1acebc26 | |
| parent | 78484b68cc4129fd85da402997e48b3a4c4dc1c4 (diff) | |
| download | FreeBSD-src-c5461d7d838ecf010f9a551e548b1330f2201aaa.zip FreeBSD-src-c5461d7d838ecf010f9a551e548b1330f2201aaa.tar.gz | |
Prevent a buffer overflow in ntpq. Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.
It will be MFH to the upcoming 7.2 pending re approval.
Obtained from: https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after: 3 days
Security: http://www.securityfocus.com/bid/34481
CVE-2009-0159
| -rw-r--r-- | ntpq/ntpq.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ntpq/ntpq.c b/ntpq/ntpq.c index 9137940..4835d7e 100644 --- a/ntpq/ntpq.c +++ b/ntpq/ntpq.c @@ -3185,9 +3185,9 @@ cookedprint( if (!decodeuint(value, &uval)) output_raw = '?'; else { - char b[10]; + char b[12]; - (void) sprintf(b, "%03lo", uval); + (void) snprintf(b, sizeof(b), "%03lo", uval); output(fp, name, b); } break; |
