Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
253,632 Commits 606 Branches 0 Tags 3.1 GiB
C 85.3%
Roff 7.2%
Assembly 3.1%
Shell 1.7%
Makefile 1.2%
Other 0.9%
Go to file
christos 73776b1cca From FreeBSD: 
netsmb: Fix buggy/racy smb_strdupin()

smb_strdupin() tried to roll a copyin() based strlen to allocate a buffer
and then blindly copyin that size.  Of course, a malicious user program
could simultaneously manipulate the buffer, resulting in a non-terminated
string being copied.

Later assumptions in the code rely upon the string being nul-terminated.

Just use copyinstr() and drop the racy sizing.

PR:		222687
Reported by:	Meng Xu <meng.xu AT gatech.edu>
Security:	possible local DoS
Sponsored by:	Dell EMC Isilon
 		2017-10-03 15:27:10 +00:00
bin Include time.h for time(2). Sort. 2017-10-02 21:55:35 +00:00
common * aarch64/memset.S didn't work! fixed some bugs. 2017-08-29 15:00:23 +00:00
compat Don't mix abis in any CRUNCHEDPROG 2017-01-05 21:28:42 +00:00
crypto Use getpwuid_r instead of getpwuid, so that we don't trash getpw*() internal 2017-09-08 15:29:43 +00:00
dist/pf
distrib add t_list test. 2017-10-02 13:01:11 +00:00
doc belatedly update ACPICA 2017-09-25 23:19:31 +00:00
etc update for xkeyboard-config 2.21. 2017-08-29 07:53:54 +00:00
external Remove debugging log statement 2017-09-28 02:32:51 +00:00
extsrc
games Include time.h for time. Drop sys/types.h and expect basic working 2017-10-02 22:03:10 +00:00
include Add missing strfmon_l. Noticed by Bruno Haible. Add test case. 2017-08-16 13:53:19 +00:00
lib PR/52578: Benjamin M. Schwartz: sync the internal copy of res_nquery for 2017-09-29 00:04:33 +00:00
libexec make this compile. 2017-10-02 22:14:32 +00:00
regress Don't test call gates, they are not supported anymore. 2017-08-30 15:46:19 +00:00
rescue Remove MKCRYPTO option. 2017-05-21 15:28:36 +00:00
sbin clarify that alignment is the number of bytes to align to. 2017-10-03 06:55:04 +00:00
share Wording improvements for previous from maxv. 2017-10-02 12:55:10 +00:00
sys From FreeBSD: 2017-10-03 15:27:10 +00:00
tests Update recently-added test to adapt to new signature of LIST_MOVE() 2017-10-02 05:14:29 +00:00
tools Be consistent with our header. 2017-10-03 10:28:30 +00:00
usr.bin unistd.h for close. 2017-10-02 21:53:55 +00:00
usr.sbin Print ACPI_HEST_GHES_ASSIST flag (ACPI 6.2). 2017-09-28 06:55:08 +00:00
BUILDING regen 2017-05-21 15:30:20 +00:00
Makefile don't descend into gnu 2017-04-11 14:04:15 +00:00
Makefile.inc
UPDATING note GMP 6.1.2 release and the build issues that may occur. 2017-08-22 10:04:44 +00:00
build.sh Simplify. 2017-10-03 11:02:36 +00:00