freebsd-skq/lib/libutil
Brooks Davis 72f0a13e60 Correct an out of bounds read with HN_AUTOSCALE and very large numbers.
The maximum scale is 6 (K, M, G, T, P, E) (B is 0).

Overly large explict scales were checked correctly, but for sufficently
large numbers HN_AUTOSCALE would get to 7 resulting in an out of bounds
read.

Found with humanize_number_test and CHERI bounds checking.

Reviewed by:	emaste
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10376
2017-04-13 15:49:32 +00:00
..
tests Increase WARNS for libutil tests 2017-03-11 00:09:54 +00:00
_secure_path.3
_secure_path.c
auth.c
expand_number.3
expand_number.c
flopen.3
flopen.c Remove a death threat from the FreeBSD sources 2016-12-01 02:21:36 +00:00
fparseln.3
fparseln.c
gr_util.c Use malloc()ed buffers instead of stack buffers in gr_copy() and pw_copy(). 2016-11-28 21:00:19 +00:00
hexdump.3 Document sbuf_hexdump(9) in just sbuf(9) 2017-03-21 19:10:07 +00:00
hexdump.c Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
humanize_number.3
humanize_number.c Correct an out of bounds read with HN_AUTOSCALE and very large numbers. 2017-04-13 15:49:32 +00:00
kinfo_getallproc.3 Add <sys/user.h> to the SYNOPSIS of the kinfo_get*() functions since these 2015-05-27 17:51:06 +00:00
kinfo_getallproc.c lib/libutil/kinfo_*: style cleanup 2017-01-09 00:47:23 +00:00
kinfo_getfile.3 Add <sys/user.h> to the SYNOPSIS of the kinfo_get*() functions since these 2015-05-27 17:51:06 +00:00
kinfo_getfile.c lib/libutil/kinfo_*: style cleanup 2017-01-09 00:47:23 +00:00
kinfo_getproc.3 Add <sys/user.h> to the SYNOPSIS of the kinfo_get*() functions since these 2015-05-27 17:51:06 +00:00
kinfo_getproc.c lib/libutil/kinfo_*: style cleanup 2017-01-09 00:47:23 +00:00
kinfo_getvmmap.3 Add <sys/user.h> to the SYNOPSIS of the kinfo_get*() functions since these 2015-05-27 17:51:06 +00:00
kinfo_getvmmap.c lib/libutil/kinfo_*: style cleanup 2017-01-09 00:47:23 +00:00
kinfo_getvmobject.3 Export a list of VM objects in the system via a sysctl. The list can be 2015-05-27 18:11:05 +00:00
kinfo_getvmobject.c Export a list of VM objects in the system via a sysctl. The list can be 2015-05-27 18:11:05 +00:00
kld.3
kld.c
libutil.h revert r283969,283970 not needed anymore after r283981 2015-06-04 08:00:11 +00:00
login_auth.3
login_auth.c libutil: minor spelling fixes. 2016-05-18 15:25:45 +00:00
login_cap.3
login_cap.c libutil: minor spelling fixes. 2016-05-18 15:25:45 +00:00
login_cap.h
login_class.3 Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add 2016-03-12 14:54:34 +00:00
login_class.c Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add 2016-03-12 14:54:34 +00:00
login_crypt.c
login_ok.3
login_ok.c
login_times.3
login_times.c
login_tty.3
login_tty.c Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
login.conf.5 Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add 2016-03-12 14:54:34 +00:00
Makefile Correct MLINKS for sbuf_hexdump(9) 2017-03-03 06:31:47 +00:00
Makefile.depend META MODE: Prefer INSTALL=tools/install.sh to lessen the need for xinstall.host. 2015-11-25 19:10:28 +00:00
pidfile.3 libutil: minor spelling fixes. 2016-05-18 15:25:45 +00:00
pidfile.c libutil: minor spelling fixes. 2016-05-18 15:25:45 +00:00
property.3
property.c
pty.3 Correct posix_openpt reference in pty(3) 2015-11-06 12:02:24 +00:00
pty.c Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
pw_util.3 Bump .Dd due to changes made in r285050 and r285053 2015-07-02 19:41:08 +00:00
pw_util.c Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
quotafile.3
quotafile.c Use strlcpy() instead of strncpy() to ensure that qf->fsname is NUL 2016-05-13 00:26:14 +00:00
realhostname_sa.3
realhostname.3
realhostname.c
stub.c
trimdomain.3
trimdomain.c
uucplock.3
uucplock.c Renumber copyright clause 4 2017-02-28 23:42:47 +00:00