[ntp:security] [Bug 2937] nextvar() missing length check

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Sun Oct 11 07:36:11 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2937

Juergen Perlinger <perlinger at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|IN_PROGRESS                 |READY

--- Comment #1 from Juergen Perlinger <perlinger at ntp.org> 2015-10-11 07:36:11 UTC ---
The repo is in

  psp.ntp.org:~perlinger/ntp-stable-2937

Funny enough, the value buffer had a proper guard against buffer overrun and
'nextvar()' returned zero in that case. I modeled the name buffer size check
along that line.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list