4798ffa9e1
Approved by: roberto, delphij Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0 Security: http://bugs.ntp.org/show_bug.cgi?id=2853 Security: https://www.kb.cert.org/vuls/id/668167 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
36 lines
690 B
C
36 lines
690 B
C
#include <config.h>
|
|
|
|
#if HAVE_UNISTD_H
|
|
# include <unistd.h>
|
|
#endif
|
|
|
|
|
|
/* Bug 2853 */
|
|
/* evaluate the length of the command sequence. This breaks at the first
|
|
* char that is not >= SPACE and <= 127 after trimming from the right.
|
|
*/
|
|
size_t
|
|
remoteconfig_cmdlength(
|
|
const char *src_buf,
|
|
const char *src_end
|
|
)
|
|
{
|
|
const char *scan;
|
|
unsigned char ch;
|
|
|
|
/* trim whitespace & garbage from the right */
|
|
while (src_end != src_buf) {
|
|
ch = src_end[-1];
|
|
if (ch > ' ' && ch < 128)
|
|
break;
|
|
--src_end;
|
|
}
|
|
/* now do a forward scan */
|
|
for (scan = src_buf; scan != src_end; ++scan) {
|
|
ch = scan[0];
|
|
if ((ch < ' ' || ch >= 128) && ch != '\t')
|
|
break;
|
|
}
|
|
return (size_t)(scan - src_buf);
|
|
}
|