pfctl: fix out-of-bounds access
If pfctl is called with "pfctl -a ''" we read outside of the anchoropt buffer. Check that the buffer is sufficiently long to avoid that. Maintain the existing (and desired, because it's used as such in /etc/periodic/security/520.pfdenied) behaviour of treating "-a ''" as a request for the root anchor (or no anchor specified). PR: 264128 Reviewed by: kp
This commit is contained in:
parent
d94358e29d
commit
2986638550
@ -2864,7 +2864,7 @@ main(int argc, char *argv[])
|
||||
if (anchoropt != NULL) {
|
||||
int len = strlen(anchoropt);
|
||||
|
||||
if (anchoropt[len - 1] == '*') {
|
||||
if (len >= 1 && anchoropt[len - 1] == '*') {
|
||||
if (len >= 2 && anchoropt[len - 2] == '/')
|
||||
anchoropt[len - 2] = '\0';
|
||||
else
|
||||
|
Loading…
Reference in New Issue
Block a user