j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Fix potential buffer overflow reading the PID file.

Browse source 
Found by cppcheck.
This commit is contained in:
Guus Sliepen 2012-11-10 23:09:31 +01:00
parent edc08b73a9
commit b355476e91
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/tincctl.c
View file

@ -57,7 +57,7 @@ static char *name = NULL;
static char *identname = NULL; /* program name for syslog */
static char *pidfilename = NULL; /* pid file location */
static char *confdir = NULL;
static char controlcookie[1024];
static char controlcookie[1025];
char *netname = NULL;
char *confbase = NULL;
static char *tinc_conf = NULL;
@ -708,8 +708,8 @@ static bool connect_tincd(bool verbose) {
return false;
}
char host[128];
char port[128];
char host[129];
char port[129];
if(fscanf(f, "%20d %1024s %128s port %128s", &pid, controlcookie, host, port) != 4) {
if(verbose)