1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-16 10:20:30 +00:00
freebsd/contrib
Brooks Davis ccbbd187b1 Fix a stack overflow in mount_smbfs when hostname is too long.
The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow.  Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.

Use defensive strlcpy() when filling nn_name in all cases.

PR:		228354
Reported by:	donald.buchholz@intel.com
Reviewed by:	jpaetzel,  ian (prior version)
Discussed with:	Security Officer (gtetlow)
MFC after:	3 days
Security:	Stack overflow with the hostname.
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15936
2018-06-25 16:42:49 +00:00
..
amd Fix amq -i timestamp segmentation violation. 2018-06-19 01:33:03 +00:00
apr
apr-util
atf
binutils Add deprecation notice to objdump man page 2018-06-15 17:03:49 +00:00
blacklist blacklist: Fix minor memory leak in configuration parsing error case 2018-03-20 00:16:24 +00:00
bmake Merge bmake-20180512 2018-05-19 00:26:00 +00:00
bsnmp Don't put multiple names on a single .Nm line. This fixes apropos(1) 2018-04-17 09:05:46 +00:00
byacc
bzip2
com_err
compiler-rt Do not include float interfaces when using libsa. 2018-02-23 04:04:25 +00:00
cortex-strings
dialog
diff
dma Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0. 2018-06-19 23:43:14 +00:00
dtc
ee
elftoolchain Add DW_LANG_* definitions from DWARF 4 and 5. 2018-06-09 14:50:38 +00:00
expat
file Revert last change to file/magic/Magdir/elf, it misidentifies most shared 2018-05-20 22:07:44 +00:00
flex
gcc Use a workaround to compile the crt init functions correctly with clang. 2018-02-06 17:01:10 +00:00
gcclibs
gdb Commit forgotten change in gdb allowing to use libedit 2018-02-06 12:17:03 +00:00
gdtoa
gperf
hyperv/tools
ipfilter
jemalloc Update jemalloc to version 5.1.0. 2018-05-11 00:32:31 +00:00
ldns Upgrade LDNS to 1.7.0. 2018-05-12 12:00:18 +00:00
ldns-host
less MFV r329552: less v530. 2018-02-19 05:10:22 +00:00
libarchive MFV r328323,328324: 2018-01-24 14:24:17 +00:00
libbegemot
libc-pwcache
libc-vis
libc++ Pull in r321963 from upstream libc++ trunk (by me): 2018-01-07 18:33:19 +00:00
libcxxrt
libdivsufsort
libexecinfo
libgnuregex
libpcap Re-apply r190640. 2018-05-31 09:11:21 +00:00
libstdc++
libucl
libxo Import libxo-0.9.0: 2018-05-23 01:20:31 +00:00
llvm o Implement unw_getcontext() 2018-06-19 14:46:59 +00:00
lua When the LUA_FLOAT_TYPE != LUA_FLOAT_INT64, we can't reference float 2018-02-23 04:04:18 +00:00
mdocml
mknod
mtree
ncurses
netbsd-tests netbsd-tests: bsdgrep(1): Add a test for -m, too 2018-06-07 18:53:39 +00:00
netcat
ngatm
ntp MFV r330102: ntp 4.2.8p11 2018-02-28 07:59:55 +00:00
nvi
ofed Fix false positive on failure 2018-06-17 07:08:47 +00:00
one-true-awk
openbsm praudit(1): return 0 on success 2018-06-17 17:10:35 +00:00
opencsd/decoder Import OpenCSD -- an ARM CoreSight(tm) Trace Decode Library. 2018-04-04 12:55:31 +00:00
openpam
openresolv
opie Revert r328492: 2018-01-28 03:16:54 +00:00
pam_modules/pam_passwdqc
pf Re-apply r190640. 2018-05-31 09:11:21 +00:00
pjdfstest
pnpinfo
processor-trace Import Intel Processor Trace decoder library from 2018-03-19 18:59:15 +00:00
sendmail Don't declare union semun in userspace unless _WANT_SEMUN is defined. 2018-03-02 22:32:53 +00:00
serf
smbfs Fix a stack overflow in mount_smbfs when hostname is too long. 2018-06-25 16:42:49 +00:00
sqlite3 Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1 2018-05-08 04:51:15 +00:00
subversion Update svn-1.9.7 to 1.10.0. 2018-05-08 04:52:52 +00:00
tcp_wrappers
tcpdump MFV r333668: 2018-05-29 10:29:04 +00:00
tcsh
telnet telnetd(8): Fix dereference of uninitialized value 'IF' 2018-03-16 20:59:56 +00:00
tnftp ftp(1): Use closefrom() instead of individual close()s. 2018-01-29 01:05:57 +00:00
traceroute When using SCTP for sending probe packets, use INIT chunks for payloads 2018-01-27 19:23:42 +00:00
tzcode
tzdata Import tzdata 2018e 2018-05-04 10:17:27 +00:00
unbound Rename all Unbound binaries and man pages from unbound* to local-unbound*. 2018-05-12 17:10:36 +00:00
unvis
vis
wpa Re-apply r190640. 2018-05-31 09:11:21 +00:00
xz MFV r333779: xz 5.2.4. 2018-05-18 06:10:16 +00:00
zlib