d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/contrib
History
brooks bf0e2ca510 Fix a stack overflow in mount_smbfs when hostname is too long. 
The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow.  Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.

Use defensive strlcpy() when filling nn_name in all cases.

PR:		228354
Reported by:	donald.buchholz@intel.com
Reviewed by:	jpaetzel,  ian (prior version)
Discussed with:	Security Officer (gtetlow)
MFC after:	3 days
Security:	Stack overflow with the hostname.
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15936
2018-06-25 16:42:49 +00:00
..
amd
Fix amq -i timestamp segmentation violation.
2018-06-19 01:33:03 +00:00
apr
apr-util
atf
binutils
Add deprecation notice to objdump man page
2018-06-15 17:03:49 +00:00
blacklist
blacklist: Fix minor memory leak in configuration parsing error case
2018-03-20 00:16:24 +00:00
bmake
Merge bmake-20180512
2018-05-19 00:26:00 +00:00
bsnmp
Don't put multiple names on a single .Nm line. This fixes apropos(1)
2018-04-17 09:05:46 +00:00
byacc
bzip2
com_err
compiler-rt
Do not include float interfaces when using libsa.
2018-02-23 04:04:25 +00:00
cortex-strings
dialog
diff
dma
Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0.
2018-06-19 23:43:14 +00:00
dtc
ee
elftoolchain
Add DW_LANG_* definitions from DWARF 4 and 5.
2018-06-09 14:50:38 +00:00
expat
file
Revert last change to file/magic/Magdir/elf, it misidentifies most shared
2018-05-20 22:07:44 +00:00
flex
gcc
gcclibs
gdb
gdtoa
gperf
hyperv/tools
ipfilter
jemalloc
Update jemalloc to version 5.1.0.
2018-05-11 00:32:31 +00:00
ldns
Upgrade LDNS to 1.7.0.
2018-05-12 12:00:18 +00:00
ldns-host
less
libarchive
libbegemot
libc-pwcache
libc-vis
libc++
libcxxrt
libdivsufsort
libexecinfo
libgnuregex
libpcap
Re-apply r190640.
2018-05-31 09:11:21 +00:00
libstdc++
libucl
libxo
Import libxo-0.9.0:
2018-05-23 01:20:31 +00:00
llvm
o Implement unw_getcontext()
2018-06-19 14:46:59 +00:00
lua
When the LUA_FLOAT_TYPE != LUA_FLOAT_INT64, we can't reference float
2018-02-23 04:04:18 +00:00
mdocml
mknod
mtree
ncurses
netbsd-tests
netbsd-tests: bsdgrep(1): Add a test for -m, too
2018-06-07 18:53:39 +00:00
netcat
ngatm
ntp
MFV r330102: ntp 4.2.8p11
2018-02-28 07:59:55 +00:00
nvi
ofed
Fix false positive on failure
2018-06-17 07:08:47 +00:00
one-true-awk
openbsm
praudit(1): return 0 on success
2018-06-17 17:10:35 +00:00
opencsd/decoder
Import OpenCSD -- an ARM CoreSight(tm) Trace Decode Library.
2018-04-04 12:55:31 +00:00
openpam
openresolv
opie
pam_modules/pam_passwdqc
pf
Re-apply r190640.
2018-05-31 09:11:21 +00:00
pjdfstest
pnpinfo
processor-trace
Import Intel Processor Trace decoder library from
2018-03-19 18:59:15 +00:00
sendmail
Don't declare union semun in userspace unless _WANT_SEMUN is defined.
2018-03-02 22:32:53 +00:00
serf
smbfs
Fix a stack overflow in mount_smbfs when hostname is too long.
2018-06-25 16:42:49 +00:00
sqlite3
Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1
2018-05-08 04:51:15 +00:00
subversion
Update svn-1.9.7 to 1.10.0.
2018-05-08 04:52:52 +00:00
tcp_wrappers
tcpdump
MFV r333668:
2018-05-29 10:29:04 +00:00
tcsh
telnet
telnetd(8): Fix dereference of uninitialized value 'IF'
2018-03-16 20:59:56 +00:00
tnftp
traceroute
tzcode
tzdata
Import tzdata 2018e
2018-05-04 10:17:27 +00:00
unbound
Rename all Unbound binaries and man pages from unbound* to local-unbound*.
2018-05-12 17:10:36 +00:00
unvis
vis
wpa
Re-apply r190640.
2018-05-31 09:11:21 +00:00
xz
MFV r333779: xz 5.2.4.
2018-05-18 06:10:16 +00:00
zlib