On Thu, Nov 27, 2014 at 01:29:48PM -0700, Todd C. Miller wrote:
> I think it would be better for decode() to just return -1 in this
> case.
The validation looks a bit like a magic number there, but this could prevent issues of other decode()-users, too... So yeah, I think that is worth it: Index: syslogd.c =================================================================== RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.131 diff -u -p -r1.131 syslogd.c --- syslogd.c 26 Nov 2014 18:34:52 -0000 1.131 +++ syslogd.c 27 Nov 2014 20:46:47 -0000 @@ -1762,10 +1762,15 @@ int decode(const char *name, const CODE *codetab) { const CODE *c; + int val; char *p, buf[40]; - if (isdigit((unsigned char)*name)) - return (atoi(name)); + if (isdigit((unsigned char)*name)) { + val = atoi(name); + if ((val >> 3) > LOG_NFACILITIES) + return (-1); + return (val); + } for (p = buf; *name && p < &buf[sizeof(buf) - 1]; p++, name++) { if (isupper((unsigned char)*name))
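
Review bot: the new range check in the isdigit() branch still takes its value from atoi(), which reports no errors: a digit string too long for an int gives undefined behaviour, and if the result comes back negative, `(val >> 3) > LOG_NFACILITIES` is false and the value is returned as if it were valid. Parsing with strtonum() using 0 as the minimum and an explicit maximum, and returning -1 when its errstr is set, would reject overflow and trailing non-digits in one step and replace the shift test with a readable bound. Two smaller points on the same lines: the comparison is `>`, so a facility index equal to LOG_NFACILITIES is accepted, and a one-line comment should say whether that is intended; and since decode() takes whatever codetab the caller passes, the comment should also say why a facility-derived limit is the right one for every caller.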