Date: Thu, 25 Mar 2010 20:02:54 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/contrib/cpio/lib rtapelib.c Message-ID: <201003252003.o2PK3EDK075722@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
delphij 2010-03-25 20:02:54 UTC
FreeBSD src repository
Modified files:
contrib/cpio/lib rtapelib.c
Log:
SVN rev 205654 on 2010-03-25 20:02:54Z by delphij
The rmt client in GNU cpio could have a heap overflow when a malicious
remote tape service returns deliberately crafted packets containing
more data than requested.
Fix this by checking the returned amount of data and bail out when it
is more than what we requested.
PR: gnu/145010
Submitted by: naddy
Reviewed by: imp
MFC after: immediately
Security: CVE-2010-0624
Revision Changes Path
1.3 +2 -1 src/contrib/cpio/lib/rtapelib.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201003252003.o2PK3EDK075722>