From: Juergen Perlinger <perlinger@ntp.org>
Date: Fri, 20 Nov 2015 01:57:37 +0000 (+0100)
Subject: [Bug 2969] Seg fault from ntpq/mrulist when looking at server with lots of clients
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22ea7a6e8b7e200784575c71766980715957eabd;p=thirdparty%2Fntp.git

[Bug 2969] Seg fault from ntpq/mrulist when looking at server with lots of clients

bk: 564e7e11PQSPK2SaqU2EvAMnCD-B1Q
---

diff --git a/ChangeLog b/ChangeLog
index c532cb187..532e51ab0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,8 @@
   - make sure SOCKET values are not truncated (win32-specific)
   - format string fixes
 * [Bug 2965] Local clock didn't work since 4.2.8p4.  Martin Burnicki.
+* [Bug 2969]  Seg fault from ntpq/mrulist when looking at server with
+              lots of clients. perlinger@ntp.org
 * Unity cleanup for FreeBSD-6.4.  Harlan Stenn.
 * Unity test cleanup.  Harlan Stenn.
 ---
diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c
index eb0451b9d..c6932d48f 100644
--- a/lib/isc/sockaddr.c
+++ b/lib/isc/sockaddr.c
@@ -134,7 +134,7 @@ isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) {
 		break;
 #ifdef ISC_PLAFORM_HAVESYSUNH
 	case AF_UNIX:
-		plen = strlen(sockaddr->type.sunix.sun_path);
+		plen = (unsigned int)strlen(sockaddr->type.sunix.sun_path);
 		if (plen >= isc_buffer_availablelength(target))
 			return (ISC_R_NOSPACE);
 
diff --git a/ntpq/ntpq-subs.c b/ntpq/ntpq-subs.c
index 3ce9c1cc2..b81dc379c 100644
--- a/ntpq/ntpq-subs.c
+++ b/ntpq/ntpq-subs.c
@@ -2865,7 +2865,7 @@ collect_mru_list(
 				 ri, sptoa(&recent->addr), ri,
 				 recent->last.l_ui, recent->last.l_uf);
 			chars = strlen(buf);
-			if (REQ_ROOM - chars < 1)
+			if (REQ_ROOM <= chars)
 				break;
 			memcpy(req, buf, chars + 1);
 			req += chars;