Fix for buffer overflow in command-line arguments to dnsquery(1) which

will be appearing in 8.2.3 Approved by: Paul A Vixie <vixie@mibh.net>
author: kris <kris@FreeBSD.org> 2000-08-23 09:25:05 +0000
committer: kris <kris@FreeBSD.org> 2000-08-23 09:25:05 +0000
commit: 0cde5af39957d47be39dccb2c23851221c739115 (patch)
tree: 06477d6141be33d185a45b3969b3677a4427492b /contrib
parent: 3f83b2963e3f1302f6507d3968aa3bfc93d7472d (diff)
download: FreeBSD-src-0cde5af39957d47be39dccb2c23851221c739115.zip
FreeBSD-src-0cde5af39957d47be39dccb2c23851221c739115.tar.gz
1 files changed, 12 insertions, 2 deletions
diff --git a/contrib/bind/bin/dnsquery/dnsquery.c b/contrib/bind/bin/dnsquery/dnsquery.c
index 218c8a8..31d5d62 100644
--- a/contrib/bind/bin/dnsquery/dnsquery.c
+++ b/contrib/bind/bin/dnsquery/dnsquery.c
@@ -80,7 +80,12 @@ main(int argc, char *argv[]) {
 		case 'p' :	res.retrans = atoi(optarg);
 				break;
 
-		case 'h' :	strcpy(name, optarg);
+		case 'h' :	if (strlen(optarg) >= sizeof(name)) {
+					fprintf(stderr,
+						"Domain name too long (%s)\n", optarg);
+					exit(-1);
+				} else
+					strcpy(name, optarg);
 				break;
 
 		case 'c' : {
@@ -158,7 +163,12 @@ main(int argc, char *argv[]) {
 		}
 	}
 	if (optind < argc)
-		strcpy(name, argv[optind]);
+		if (strlen(argv[optind]) >= sizeof(name)) {
+			fprintf(stderr,
+				"Domain name too long (%s)\n", argv[optind]);
+			exit(-1);
+		} else
+			strcpy(name, argv[optind]);
 
 	len = sizeof(answer);
author	kris <kris@FreeBSD.org>	2000-08-23 09:25:05 +0000
committer	kris <kris@FreeBSD.org>	2000-08-23 09:25:05 +0000
commit	0cde5af39957d47be39dccb2c23851221c739115 (patch)
tree	06477d6141be33d185a45b3969b3677a4427492b /contrib
parent	3f83b2963e3f1302f6507d3968aa3bfc93d7472d (diff)
download	FreeBSD-src-0cde5af39957d47be39dccb2c23851221c739115.zip FreeBSD-src-0cde5af39957d47be39dccb2c23851221c739115.tar.gz