Annotation of /trunk/traceroute/patches/traceroute-1.4.a.12-secfix.patch
Parent Directory | Revision Log
Revision 210 -
(hide annotations)
(download)
Thu May 24 09:45:22 2007 UTC (17 years, 4 months ago) by niro
File size: 1151 byte(s)
Thu May 24 09:45:22 2007 UTC (17 years, 4 months ago) by niro
File size: 1151 byte(s)
-security fix
1 | niro | 210 | Ripped from Fedora. |
2 | |||
3 | --- traceroute-1.4a5/traceroute.c.secfix Fri Jun 13 05:30:27 1997 | ||
4 | +++ traceroute-1.4a5/traceroute.c Tue Dec 16 12:14:32 1997 | ||
5 | @@ -368,6 +368,10 @@ | ||
6 | break; | ||
7 | |||
8 | case 'g': | ||
9 | + if (strlen(optarg) >= MAXHOSTNAMELEN) { | ||
10 | + Fprintf(stderr, "%s: Nice Try !\n", prog); | ||
11 | + exit(-1); | ||
12 | + } | ||
13 | if (lsrr >= NGATEWAYS) { | ||
14 | Fprintf(stderr, | ||
15 | "%s: No more than %d gateways\n", | ||
16 | @@ -380,6 +384,11 @@ | ||
17 | |||
18 | case 'i': | ||
19 | device = optarg; | ||
20 | + if (strlen(device) >= 16) { /* that is the IFNAMSIZ | ||
21 | + * from kernel headers */ | ||
22 | + Fprintf(stderr, "%s: Nice try !\n", prog); | ||
23 | + exit(-1); | ||
24 | + } | ||
25 | break; | ||
26 | |||
27 | case 'I': | ||
28 | @@ -412,6 +421,10 @@ | ||
29 | * probe (e.g., on a multi-homed host). | ||
30 | */ | ||
31 | source = optarg; | ||
32 | + if (strlen(source) >= MAXHOSTNAMELEN) { | ||
33 | + Fprintf(stderr, "%s: Nice Try !\n", prog); | ||
34 | + exit(-1); | ||
35 | + } | ||
36 | break; | ||
37 | |||
38 | case 't': | ||
39 | @@ -470,6 +483,10 @@ | ||
40 | |||
41 | case 1: | ||
42 | hostname = argv[optind]; | ||
43 | + if (strlen(hostname) >= MAXHOSTNAMELEN) { | ||
44 | + Fprintf(stderr, "%s: Nice try !\n", prog); | ||
45 | + exit(-1); | ||
46 | + } | ||
47 | hi = gethostinfo(hostname); | ||
48 | setsin(to, hi->addrs[0]); | ||
49 | if (hi->n > 1) |