From: Timo Sirainen Date: Sun, 24 Nov 2013 18:41:42 +0000 (+0200) Subject: Data stack has now an extra NULL pointer padding before its actual data starts. X-Git-Tag: 2.2.9~9 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=263df40da710e873103597f64c1733827d19c442;p=thirdparty%2Fdovecot%2Fcore.git Data stack has now an extra NULL pointer padding before its actual data starts. This is just an extra safety measure against buffer overflows. Patch by Jann Horn. --- diff --git a/src/lib/data-stack.c b/src/lib/data-stack.c index 79e3130a57..e9a89edcd5 100644 --- a/src/lib/data-stack.c +++ b/src/lib/data-stack.c @@ -32,6 +32,9 @@ struct stack_block { struct stack_block *next; size_t size, left, lowwater; + /* always NULL and here just in case something accesses + the memory in front of an allocated area */ + char *nullpad; /* unsigned char data[]; */ }; @@ -299,6 +302,7 @@ static struct stack_block *mem_block_alloc(size_t min_size) block->left = 0; block->lowwater = block->size; block->next = NULL; + block->nullpad = NULL; #ifdef DEBUG memset(STACK_BLOCK_DATA(block), CLEAR_CHR, alloc_size);
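Review bot: In the struct stack_block hunk, the comment on nullpad overstates what the field covers: it guards only the sizeof(char *) bytes directly in front of the block's data area, so it can only help an access that runs backwards from the first allocation in a block. Allocations further into the same block are preceded by other allocations' data, not by this field. I would say that in the comment, and also note that nullpad has to stay the last member before the data. Separately, if the data offset is rounded up from sizeof(struct stack_block) for alignment (the STACK_BLOCK_DATA definition is not in these lines), the bytes between nullpad and the data would be uninitialised padding rather than NULL on some ABIs; worth confirming the header size is already a multiple of the alignment or zeroing the padding as well.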
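Review bot: In the mem_block_alloc() hunk, block->nullpad is set to NULL once at allocation and nothing visible ever checks it again, so a write that underflows the first allocation would overwrite the guard silently and later backward reads would no longer hit a NULL. Since the next context line is already under #ifdef DEBUG, consider adding a DEBUG-only assertion that nullpad is still NULL when the block is released or reused, which turns the padding into a cheap underflow canary as well as a read stop. Also confirm that every stack_block is created through mem_block_alloc(); any block set up elsewhere would need the same assignment, and this is the only initialisation the patch shows.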