Duncan, RE: (uid_long < 0) Unsigned long will never be less than zero.
RE: (errno != 0) Technically errno is not set unless the return value indicates an error, so errno could be non-zero from the last time any error occurred. Just delete both of these conditions, and use ULONG_MAX as indicated by the strtoul man page. Andy -----Original Message----- From: Duncan Idaho [mailto:dune.id...@gmail.com] Sent: Friday, May 04, 2012 2:16 AM To: ipmitool-devel@lists.sourceforge.net Subject: Re: [Ipmitool-devel] PATCH - # ipmitool sunoem sshkey; buffer overflow/input validation - ID: 3411421 On Sun, Apr 29, 2012 at 5:36 PM, Duncan Idaho <dune.id...@gmail.com> wrote: > Hello folks, > > attached is patch to handle input validation in 'lib/ipmi_sunoem.c'. > Looking at the source, one can expected more of these. > > What the patch does: > * long lines(= lines longer than 80chars) > * validate input in 'lib/ipmi_sunoem.c' > * "code bumming" - some conditions seemed to be redundant > * 'sunoem sshkey' would accept undefined actions and would exit with 0 > if such case would happen > > Thanks for comments. > > Once approved, I'll create proper patch and attach it to the > ticket(ID: 3411421) at SF.net. > > Regards, > --Duncan Since there were no comments, final patch is attached. Couple issues were addressed since previous version. http://sourceforge.net/tracker/?func=detail&aid=3411421&group_id=95200&a tid=610550 --Duncan ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Ipmitool-devel mailing list Ipmitool-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
