From 5474a5db40922f27d3ca02c12b857b19d40e124f Mon Sep 17 00:00:00 2001 From: tobias Date: Thu, 16 Jan 2014 21:41:22 +0000 Subject: [PATCH] Avoid size_t overflow while reading /etc/resolv.conf.tail. ok krw --- sbin/dhclient/dhclient.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 0b5768d40ea..684d19c5ea4 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhclient.c,v 1.281 2013/12/30 03:36:17 krw Exp $ */ +/* $OpenBSD: dhclient.c,v 1.282 2014/01/16 21:41:22 tobias Exp $ */ /* * Copyright 2004 Henning Brauer @@ -59,6 +59,7 @@ #include #include +#include #include #include #include @@ -494,7 +495,7 @@ main(int argc, char *argv[]) error("Cannot stat /etc/resolv.conf.tail: %s", strerror(errno)); } else { - if (sb.st_size > 0) { + if (sb.st_size > 0 && sb.st_size < SIZE_MAX) { config->resolv_tail = calloc(1, sb.st_size + 1); if (config->resolv_tail == NULL) { error("no memory for resolv.conf.tail " -- 2.20.1