jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 23:10:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do-bounds-checking-in-psetvolumestatus-20010315

Browse Source 
Previously it was possible to overflow the variables used to construct a
SetVolumeStatus call
This commit is contained in:
Nickolai Zeldovich 2001-03-16 03:35:07 +00:00 committed by Derrick Brashear
parent 4b85432743
commit 54b7292a44
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/afs/afs_pioctl.c
View File

@ -1502,10 +1502,16 @@ static PSetVolumeStatus(avc, afun, areq, ain, aout, ainSize, aoutSize)
cp = ain; cp = ain;
bcopy(cp, (char *)&volstat, sizeof(AFSFetchVolumeStatus)); bcopy(cp, (char *)&volstat, sizeof(AFSFetchVolumeStatus));
cp += sizeof(AFSFetchVolumeStatus); cp += sizeof(AFSFetchVolumeStatus);
if (strlen(cp) >= sizeof(volName))
return E2BIG;
strcpy(volName, cp); strcpy(volName, cp);
cp += strlen(volName)+1; cp += strlen(volName)+1;
if (strlen(cp) >= sizeof(offLineMsg))
return E2BIG;
strcpy(offLineMsg, cp); strcpy(offLineMsg, cp);
cp += strlen(offLineMsg)+1; cp += strlen(offLineMsg)+1;
if (strlen(cp) >= sizeof(motd))
return E2BIG;
strcpy(motd, cp); strcpy(motd, cp);
storeStat.Mask = 0; storeStat.Mask = 0;
if (volstat.MinQuota != -1) { if (volstat.MinQuota != -1) {