Stanislav Sedov 6760b335c6 - Prevent buffer overflow in IPFilter's load_http function used to load ... ipfilter tables via http by the user-level ippool utility. Previously the 1024-byte buffer used to store a http request coudld easily overflow if the length of the hostname part of the url passes exceeded 496 bytes. [1] - Use snprintf to prevent possieble buffer overflows in future. [2] - Do not try to close the descriptor twice on failure. [2] Reported by: Maksymilian Arciemowicz <cxib@securityreason.com> [1] Obtained from: NetBSD CVS [2] MFC after: 2 weeks		2009-05-29 16:24:23 +00:00
..
addicmp.c
addipopt.c
alist_free.c
alist_new.c
bcopywrap.c
binprint.c
buildopts.c
checkrev.c
count4bits.c
count6bits.c
debug.c
facpri.c
facpri.h
fill6bits.c
flags.c
gethost.c
getifname.c
getnattype.c
getport.c
getportproto.c
getproto.c
getsumd.c
hostname.c
icmpcode.c
inet_addr.c
initparse.c
ionames.c
ipf_dotuning.c
ipft_ef.c
ipft_hx.c
ipft_pc.c
ipft_sn.c
ipft_td.c
ipft_tx.c
ipoptsec.c
kmem.c
kmem.h
kmemcpywrap.c
kvatoname.c
load_file.c
load_hash.c
load_hashnode.c
load_http.c	- Prevent buffer overflow in IPFilter's load_http function used to load	2009-05-29 16:24:23 +00:00
load_pool.c
load_poolnode.c
load_url.c
Makefile
mutex_emul.c
nametokva.c
nat_setgroupmap.c
ntomask.c
optname.c
optprint.c
optprintv6.c
optvalue.c
portname.c
print_toif.c
printactivenat.c
printaps.c
printbuf.c
printfr.c
printfraginfo.c
printhash_live.c
printhash.c
printhashdata.c
printhashnode.c
printhostmap.c
printhostmask.c
printifname.c
printip.c
printlog.c
printmask.c
printnat.c
printpacket6.c
printpacket.c
printpool_live.c
printpool.c
printpooldata.c
printpoolnode.c
printportcmp.c
printproto.c
printsbuf.c
printstate.c
printtqtable.c
printtunable.c
remove_hash.c
remove_hashnode.c
remove_pool.c
remove_poolnode.c
resetlexer.c
rwlock_emul.c
tcp_flags.c
tcpflags.c
tcpoptnames.c
v6ionames.c
v6optvalue.c
var.c
verbose.c