From owner-svn-src-all@FreeBSD.ORG  Fri Mar 12 13:56:06 2010
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 88E9D106564A;
	Fri, 12 Mar 2010 13:56:06 +0000 (UTC)
	(envelope-from oliver.pntr@gmail.com)
Received: from mail-bw0-f216.google.com (mail-bw0-f216.google.com
	[209.85.218.216])
	by mx1.freebsd.org (Postfix) with ESMTP id 69AB08FC20;
	Fri, 12 Mar 2010 13:56:05 +0000 (UTC)
Received: by bwz8 with SMTP id 8so1046272bwz.3
	for <multiple recipients>; Fri, 12 Mar 2010 05:56:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:date:message-id:subject:from:to:cc:content-type;
	bh=Y3ETfVT6fqT607Y8chRsoLImJo4yjBum+BpIsrHJhb8=;
	b=w8xfhdlYKsKtd9xa0k7YTqleUXIvKuHMEU9xUjThQihLQIxpG3SL2Od9mY0b5GQqtM
	rU5OoLaYAlFBq4REcgrdiYvlRf40KAYxZaBMHd2pyAn4KNPY44YoTX5IexUBez4YzuGW
	HAKgjvoCS92siAJjCgLj2Pmmw579CE5DTLwE0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=J2eqDo0D+Y+c02KxLRRltjKtrrq38OhDomNv30B20lcczROD7NwLog+jUNJVMJv0Qt
	XdFC2kGKiFy1ICiEuoea7xW/rZqubi4JgX+L8LZUP9A+leFb92kAa314tPsH3b9rgxhz
	C/BKtbfZ18OaXOfHc/34TAWNj6Qzo+5v45QPI=
MIME-Version: 1.0
Received: by 10.204.129.218 with SMTP id p26mr291659bks.145.1268402164052; 
	Fri, 12 Mar 2010 05:56:04 -0800 (PST)
In-Reply-To: <201003120656.o2C6uqQD022867@svn.freebsd.org>
References: <201003120656.o2C6uqQD022867@svn.freebsd.org>
Date: Fri, 12 Mar 2010 14:56:03 +0100
Message-ID: <6101e8c41003120556x64c73cfav9e2fc48c89de7490@mail.gmail.com>
From: Oliver Pinter <oliver.pntr@gmail.com>
To: Jaakko Heinonen <jh@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org,
	src-committers@freebsd.org, svn-src-stable-8@freebsd.org
Subject: Re: svn commit: r205070 - stable/8/lib/libc/stdio
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
	user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Mar 2010 13:56:06 -0000

this commit for 7-STABLE?

On 3/12/10, Jaakko Heinonen <jh@freebsd.org> wrote:
> Author: jh
> Date: Fri Mar 12 06:56:51 2010
> New Revision: 205070
> URL: http://svn.freebsd.org/changeset/base/205070
>
> Log:
>   MFC r204447:
>
>   In _gettemp(), check that the length of the path doesn't exceed
>   MAXPATHLEN. Otherwise the path name (or part of it) may not fit to
>   carrybuf causing a buffer overflow.
>
>   PR:		bin/140228
>
> Modified:
>   stable/8/lib/libc/stdio/mktemp.c
> Directory Properties:
>   stable/8/lib/libc/   (props changed)
>   stable/8/lib/libc/stdtime/   (props changed)
>
> Modified: stable/8/lib/libc/stdio/mktemp.c
> ==============================================================================
> --- stable/8/lib/libc/stdio/mktemp.c	Fri Mar 12 06:31:19 2010	(r205069)
> +++ stable/8/lib/libc/stdio/mktemp.c	Fri Mar 12 06:56:51 2010	(r205070)
> @@ -116,6 +116,10 @@ _gettemp(path, doopen, domkdir, slen)
>
>  	for (trv = path; *trv != '\0'; ++trv)
>  		;
> +	if (trv - path >= MAXPATHLEN) {
> +		errno = ENAMETOOLONG;
> +		return (0);
> +	}
>  	trv -= slen;
>  	suffp = trv;
>  	--trv;
> _______________________________________________
> svn-src-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/svn-src-stable
> To unsubscribe, send any mail to "svn-src-stable-unsubscribe@freebsd.org"
>