diff options
| author | Damien Miller <djm@mindrot.org> | 2010-02-12 07:35:08 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-02-12 07:35:08 +1100 |
| commit | 17751bcab25681d341442fdc2386a30a6bea345e (patch) | |
| tree | 95324d17124e072d255424307687168cb45d3d55 | |
| parent | 1d2bfc41180087391303145f1bec9f4f4f7cd8fb (diff) | |
- djm@cvs.openbsd.org 2010/02/02 22:49:34
[bufaux.c]
make buffer_get_string_ret() really non-fatal in all cases (it was
using buffer_get_int(), which could fatal() on buffer empty);
ok markus dtucker
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | bufaux.c | 7 |
2 files changed, 13 insertions, 2 deletions
| @@ -1,3 +1,11 @@ | |||
| 1 | 20100212 | ||
| 2 | - (djm) OpenBSD CVS Sync | ||
| 3 | - djm@cvs.openbsd.org 2010/02/02 22:49:34 | ||
| 4 | [bufaux.c] | ||
| 5 | make buffer_get_string_ret() really non-fatal in all cases (it was | ||
| 6 | using buffer_get_int(), which could fatal() on buffer empty); | ||
| 7 | ok markus dtucker | ||
| 8 | |||
| 1 | 20100210 | 9 | 20100210 |
| 2 | - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for | 10 | - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for |
| 3 | getseuserbyname; patch from calebcase AT gmail.com via | 11 | getseuserbyname; patch from calebcase AT gmail.com via |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bufaux.c,v 1.47 2010/01/12 01:36:08 djm Exp $ */ | 1 | /* $OpenBSD: bufaux.c,v 1.48 2010/02/02 22:49:34 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -166,7 +166,10 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr) | |||
| 166 | u_int len; | 166 | u_int len; |
| 167 | 167 | ||
| 168 | /* Get the length. */ | 168 | /* Get the length. */ |
| 169 | len = buffer_get_int(buffer); | 169 | if (buffer_get_int_ret(&len, buffer) != 0) { |
| 170 | error("buffer_get_string_ret: cannot extract length"); | ||
| 171 | return (NULL); | ||
| 172 | } | ||
| 170 | if (len > 256 * 1024) { | 173 | if (len > 256 * 1024) { |
| 171 | error("buffer_get_string_ret: bad string length %u", len); | 174 | error("buffer_get_string_ret: bad string length %u", len); |
| 172 | return (NULL); | 175 | return (NULL); |