From 9888254d2b0b1d4ca3fa8a66508f070c21019212 Mon Sep 17 00:00:00 2001 From: reyk Date: Sun, 20 Apr 2014 16:13:36 +0000 Subject: [PATCH] Check strlcpy of the script path names for overflow and use the size of the destination buffer instead of the source buffer as the argument. --- usr.sbin/relayd/check_script.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/usr.sbin/relayd/check_script.c b/usr.sbin/relayd/check_script.c index bc8e9c5d613..49dc2981e2e 100644 --- a/usr.sbin/relayd/check_script.c +++ b/usr.sbin/relayd/check_script.c @@ -1,4 +1,4 @@ -/* $OpenBSD: check_script.c,v 1.14 2011/05/26 14:48:20 reyk Exp $ */ +/* $OpenBSD: check_script.c,v 1.15 2014/04/20 16:13:36 reyk Exp $ */ /* * Copyright (c) 2007, 2008 Reyk Floeter @@ -54,8 +54,11 @@ check_script(struct relayd *env, struct host *host) host->flags &= ~(F_CHECK_SENT|F_CHECK_DONE); scr.host = host->conf.id; - strlcpy(scr.name, host->conf.name, sizeof(host->conf.name)); - strlcpy(scr.path, table->conf.path, sizeof(table->conf.path)); + if ((strlcpy(scr.name, host->conf.name,sizeof(scr.name)) >= + sizeof(scr.name)) || + (strlcpy(scr.path, table->conf.path, sizeof(scr.path)) >= + sizeof(scr.path))) + fatalx("invalid script path"); memcpy(&scr.timeout, &table->conf.timeout, sizeof(scr.timeout)); proc_compose_imsg(env->sc_ps, PROC_PARENT, 0, IMSG_SCRIPT, -- 2.20.1