bk: 589f58574daOkdmCkyXNpBeidQfotw
+---
+* [Sec 3377] NTP-01-002 Buffer Overflow in ntpq when fetching reslist
+ (Pentest report 01.2017) <perlinger@ntp.org
+
---
(4.2.8p9-win) 2017/02/01 Released by Harlan Stenn <stenn@ntp.org>
if (NULL == val) {
row.flagstr[0] = '\0';
comprende = TRUE;
- } else {
- len = strlen(val);
+ } else if ((len = strlen(val)) < sizeof(row.flagstr)) {
memcpy(row.flagstr, val, len);
row.flagstr[len] = '\0';
comprende = TRUE;
+ } else {
+ /* no flags, and still !comprende */
+ row.flagstr[0] = '\0';
}
}
break;
projects / thirdparty / ntp.git / commitdiff
