[ntp:security] [Bug 3379] NTP-01-004 NTP: Potential Overflows in ctl_put() functions (Pentest report 01.2017)

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Thu Mar 23 09:32:34 UTC 2017


http://bugs.ntp.org/show_bug.cgi?id=3379

Miroslav Lichvar <mlichvar at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mlichvar at redhat.com

--- Comment #5 from Miroslav Lichvar <mlichvar at redhat.com> 2017-03-23 09:32:34 UTC ---
I was looking at the patch that was included to fix this issue and I was
wondering if ctl_putstr() should really assert that the data fit in the buffer.
Some system variables can be changed by the user (e.g. host and cert with
autokey) and could theoretically be larger than the buffer. Before this change,
the string was silently truncated, but now ntpd will crash due to the
assertion.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list