ahill/shadow
1
0
Fork 0
mirror of https://github.com/shadow-maint/shadow.git synced 2026-01-26 14:03:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

port: fix OVERRUN (CWE-119)

Browse Source 
```
shadow-4.15.0/lib/port.c:154:2: alias: Assigning: "port.pt_names" = "ttys". "port.pt_names" now points to element 0 of "ttys" (which consists of 65 8-byte elements).
shadow-4.15.0/lib/port.c:155:2: cond_const: Checking "j < 64" implies that "j" is 64 on the false branch.
shadow-4.15.0/lib/port.c:175:2: overrun-local: Overrunning array of 65 8-byte elements at element index 65 (byte offset 527) by dereferencing pointer "port.pt_names + (j + 1)".
173|           *cp = '\0';
174|           cp++;
175|->         port.pt_names[j + 1] = NULL;
176|
177|           /*
```

Resolves: https://issues.redhat.com/browse/RHEL-35383

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Iker Pedrosa 2024-05-15 12:25:51 +02:00 committed by Alejandro Colomar
parent 0066743c49
commit 4c16416ebc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/port.c
View File

@ -168,7 +168,7 @@ again:
}
*cp = '\0';
cp++;
port.pt_names[j + 1] = NULL;
port.pt_names[j] = NULL;
/*
* Get the list of user names. It is the second colon