From 6d6844d3db7a60700aba1a03b565183435faab20 Mon Sep 17 00:00:00 2001 From: cperciva Date: Fri, 23 Dec 2011 15:00:37 +0000 Subject: Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06] Add an API for alerting internal libc routines to the presence of "unsafe" paths post-chroot, and use it in ftpd. [11:07] Fix a buffer overflow in telnetd. [11:08] Make pam_ssh ignore unpassphrased keys unless the "nullok" option is specified. [11:09] Add sanity checking of service names in pam_start. [11:10] Approved by: so (cperciva) Approved by: re (bz) Security: FreeBSD-SA-11:06.bind Security: FreeBSD-SA-11:07.chroot Security: FreeBSD-SA-11:08.telnetd Security: FreeBSD-SA-11:09.pam_ssh Security: FreeBSD-SA-11:10.pam --- contrib/telnet/libtelnet/encrypt.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'contrib/telnet') diff --git a/contrib/telnet/libtelnet/encrypt.c b/contrib/telnet/libtelnet/encrypt.c index 8bdf672..f8e9194 100644 --- a/contrib/telnet/libtelnet/encrypt.c +++ b/contrib/telnet/libtelnet/encrypt.c @@ -721,6 +721,9 @@ encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len) int dir = kp->dir; int ret = 0; + if (len > MAXKEYLEN) + len = MAXKEYLEN; + if (!(ep = (*kp->getcrypt)(*kp->modep))) { if (len == 0) return; -- cgit v1.1