Module Name: src Committed By: snj Date: Sat Dec 31 20:03:28 UTC 2011
Modified Files: src/lib/libtelnet [netbsd-5-0]: encrypt.c Log Message: Pull up following revision(s) (requested by christos in ticket #1704): lib/libtelnet/encrypt.c: revision 1.15 Avoid buffer overflow, reported by Colin Percival at FreeBSD To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.14.22.1 src/lib/libtelnet/encrypt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/lib/libtelnet/encrypt.c diff -u src/lib/libtelnet/encrypt.c:1.14 src/lib/libtelnet/encrypt.c:1.14.22.1 --- src/lib/libtelnet/encrypt.c:1.14 Wed Jan 17 23:24:22 2007 +++ src/lib/libtelnet/encrypt.c Sat Dec 31 20:03:27 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: encrypt.c,v 1.14 2007/01/17 23:24:22 hubertf Exp $ */ +/* $NetBSD: encrypt.c,v 1.14.22.1 2011/12/31 20:03:27 snj Exp $ */ /*- * Copyright (c) 1991, 1993 @@ -33,7 +33,7 @@ #if 0 static char sccsid[] = "@(#)encrypt.c 8.2 (Berkeley) 5/30/95"; #else -__RCSID("$NetBSD: encrypt.c,v 1.14 2007/01/17 23:24:22 hubertf Exp $"); +__RCSID("$NetBSD: encrypt.c,v 1.14.22.1 2011/12/31 20:03:27 snj Exp $"); #endif /* not lint */ /* @@ -765,6 +765,8 @@ encrypt_keyid(kp, keyid, len) if (ep->keyid) (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); + } else if (len > sizeof(kp->keyid)) { + return; } else if ((len != kp->keylen) || (memcmp(keyid, kp->keyid, len) != 0)) { /*