dropbear: make buf_getstring fail fast
authorKonstantin Demin <rockdrilla@gmail.com>
Tue, 16 Oct 2018 13:31:44 +0000 (16:31 +0300)
committerHans Dedecker <dedeckeh@gmail.com>
Thu, 8 Nov 2018 10:07:05 +0000 (11:07 +0100)
cherry-pick upstream commit 9f1c8b2f8fe1722815af1cfb152c3f48aa9848ce

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch [new file with mode: 0644]

diff --git a/package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch b/package/network/services/dropbear/patches/013-make-buf_getstring-fail-fast.patch
new file mode 100644 (file)
index 0000000..7e51fd0
--- /dev/null
@@ -0,0 +1,21 @@
+--- a/buffer.c
++++ b/buffer.c
+@@ -209,6 +209,7 @@ char* buf_getstring(buffer* buf, unsigne
+       unsigned int len;
+       char* ret;
++      void* src = NULL;
+       len = buf_getint(buf);
+       if (len > MAX_STRING_LEN) {
+               dropbear_exit("String too long");
+@@ -217,8 +218,9 @@ char* buf_getstring(buffer* buf, unsigne
+       if (retlen != NULL) {
+               *retlen = len;
+       }
++      src = buf_getptr(buf, len);
+       ret = m_malloc(len+1);
+-      memcpy(ret, buf_getptr(buf, len), len);
++      memcpy(ret, src, len);
+       buf_incrpos(buf, len);
+       ret[len] = '\0';
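Review bot: Nothing at the added `src = buf_getptr(buf, len);` line says that it has to stay ahead of `m_malloc(len+1)`, so a later cleanup could fold it back into the `memcpy` call and silently undo the fix. Going by the commit title, buf_getptr is what rejects a length larger than the data left in the buffer (its body is not in this hunk), and calling it first means a length of up to MAX_STRING_LEN read from the buffer no longer causes an allocation before the input is rejected. I would add a comment on that line, e.g. `/* check len against the remaining buffer before allocating */`. The patch file also starts directly at `--- a/buffer.c`; a short header naming upstream commit 9f1c8b2f8fe1722815af1cfb152c3f48aa9848ce would keep the provenance with the patch itself. buf_getstring begins and ends outside the quoted hunks.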