Re: svn commit: r349896 - head/contrib/telnet/telnet

Thu, 11 Jul 2019 08:06:05 -0700 

On Thu, Jul 11, 2019 at 01:02:15AM -0700, Enji Cooper wrote:
> 
> > On Jul 10, 2019, at 3:36 PM, Philip Paeps <phi...@freebsd.org> wrote:
> > 
> > Author: philip
> > Date: Wed Jul 10 22:36:14 2019
> > New Revision: 349896
> > URL: https://svnweb.freebsd.org/changeset/base/349896
> > 
> > Log:
> >  telnet: fix minor style violation
> > 
> >  While here also fix a very unlikely NULL pointer dereference.
> > 
> >  Submitted by:      Shawn Webb <shawn.w...@hardenedbsd.org>
> > 
> > Modified:
> >  head/contrib/telnet/telnet/commands.c
> > 
> > Modified: head/contrib/telnet/telnet/commands.c
> > ==============================================================================
> > --- head/contrib/telnet/telnet/commands.c   Wed Jul 10 22:23:59 2019        
> > (r349895)
> > +++ head/contrib/telnet/telnet/commands.c   Wed Jul 10 22:36:14 2019        
> > (r349896)
> > @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$");
> > #include <sys/socket.h>
> > #include <netinet/in.h>
> > 
> > +#include <assert.h>
> > #include <ctype.h>
> > #include <err.h>
> > #include <errno.h>
> > @@ -1654,11 +1655,13 @@ env_init(void)
> >             || (strncmp((char *)ep->value, "unix:", 5) == 0))) {
> >             char hbuf[256+1];
> >             char *cp2 = strchr((char *)ep->value, ':');
> > +                size_t buflen;
> > 
> >             gethostname(hbuf, sizeof(hbuf));
> >             hbuf[sizeof(hbuf)-1] = '\0';
> > -                unsigned int buflen = strlen(hbuf) + strlen(cp2) + 1;
> > +           buflen = strlen(hbuf) + strlen(cp2) + 1;
> >             cp = (char *)malloc(sizeof(char)*buflen);
> > +           assert(cp != NULL);
> 
> This will unfortunately still segfault if assert is compiled out of the 
> system as a no-op (-DNDEBUG).
> 
> I genuinely think using asprintf instead is the way to go, as Eitan and 
> Warner brought up, since it reduces complexity in the program.

https://gist.github.com/d49121a3e9a14b93868360edf32673f1

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal:    +1 443-546-8752
Tor+XMPP+OTR:        latt...@is.a.hacker.sx
GPG Key ID:          0xFF2E67A277F8E1FA
GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9  3633 C85B 0AF8 AB23 0FB2

Attachment: signature.asc
Description: PGP signature

Reply via email to