From owner-freebsd-bugs Thu Oct 29 11:10:07 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA04397 for freebsd-bugs-outgoing; Thu, 29 Oct 1998 11:10:07 -0800 (PST) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA04332 for ; Thu, 29 Oct 1998 11:10:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id LAA14082; Thu, 29 Oct 1998 11:10:00 -0800 (PST) Date: Thu, 29 Oct 1998 11:10:00 -0800 (PST) Message-Id: <199810291910.LAA14082@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.ORG From: Archie Cobbs Subject: Re: bin/8176: Buffer overflow in function called by getpwnam() Reply-To: Archie Cobbs Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/8176; it has been noted by GNATS. From: Archie Cobbs To: freebsd-gnats-submit@freebsd.org Cc: Subject: Re: bin/8176: Buffer overflow in function called by getpwnam() Date: Thu, 29 Oct 1998 11:09:32 -0800 (PST) Here's a patch that fixes the bug. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com Index: getpwent.c =================================================================== RCS file: /cvs/freebsd/src/lib/libc/gen/getpwent.c,v retrieving revision 1.44 diff -u -r1.44 getpwent.c --- getpwent.c 1998/02/01 06:16:08 1.44 +++ getpwent.c 1998/10/29 19:09:06 @@ -145,8 +145,8 @@ return((struct passwd *)NULL); bf[0] = _PW_KEYBYNAME; - len = strlen(name); - bcopy(name, bf + 1, MIN(len, UT_NAMESIZE)); + len = MIN(strlen(name), UT_NAMESIZE); + bcopy(name, bf + 1, len); key.data = (u_char *)bf; key.size = len + 1; rval = __hashpw(&key); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message