Module Name: src
Committed By: agc
Date: Sun May 16 06:21:14 UTC 2010
Modified Files:
src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c
Log Message:
Avoid a possible overwrite of a value in the (key, value) array, in
the event that a reference to the value is passed to the
netpgp_setvar() function as the new value. Problem noted, cause
detected, and most of the fix contributed by, Anon Ymous. Thanks!
To generate a diff of this commit:
cvs rdiff -u -r1.48 -r1.49 \
src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.48 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.49
--- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.48 Sat May 8 04:17:45 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Sun May 16 06:21:14 2010
@@ -34,7 +34,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.48 2010/05/08 04:17:45 agc Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.49 2010/05/16 06:21:14 agc Exp $");
#endif
#include <sys/types.h>
@@ -1274,8 +1274,11 @@
int
netpgp_setvar(netpgp_t *netpgp, const char *name, const char *value)
{
- int i;
+ char *newval;
+ int i;
+ /* protect against the case where 'value' is netpgp->value[i] */
+ newval = netpgp_strdup(value);
if ((i = findvar(netpgp, name)) < 0) {
/* add the element to the array */
if (size_arrays(netpgp, netpgp->size + 15)) {
@@ -1290,11 +1293,12 @@
}
/* sanity checks for range of values */
if (strcmp(name, "hash") == 0 || strcmp(name, "algorithm") == 0) {
- if (__ops_str_to_hash_alg(value) == OPS_HASH_UNKNOWN) {
+ if (__ops_str_to_hash_alg(newval) == OPS_HASH_UNKNOWN) {
+ free(newval);
return 0;
}
}
- netpgp->value[i] = netpgp_strdup(value);
+ netpgp->value[i] = newval;
return 1;
}
