isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix a non-exploitable buffer overflow in the word splitting code. This

Browse Source 
should really be rewritten.
This commit is contained in:
Todd C. Miller
2001-04-13 01:41:57 +00:00
parent c70104020b
commit 9dd02e2fb9
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
logging.c
View File

@@ -139,7 +139,8 @@ do_syslog(pri, msg)
/*
* Log the full line, breaking into multiple syslog(3) calls if necessary
*/
for (p = msg, count = 0; count < strlen(msg) / MAXSYSLOGLEN + 1; count++) {
for (p = msg, count = 0; *p && count < strlen(msg) / MAXSYSLOGLEN + 1;
count++) {
if (strlen(p) > MAXSYSLOGLEN) {
/*
* Break up the line into what will fit on one syslog(3) line
@@ -162,7 +163,7 @@ do_syslog(pri, msg)
*tmp = save; /* restore saved character */
/* Eliminate leading whitespace */
for (p = tmp; *p != ' '; p++)
for (p = tmp; *p != ' ' && *p !='\0'; p++)
;
} else {
if (count == 0)