------------------------------------------------------------ revno: 12435 revision-id: squid3@treenet.co.nz-20130102033431-hg65sqdl80pmfnnn parent: squid3@treenet.co.nz-20130102002010-izh8ycomj5ifps3r author: Thomas Hozza committer: Amos Jeffries branch nick: 3.3 timestamp: Tue 2013-01-01 20:34:31 -0700 message: Make sure copied strings are properly terminated in snmplib and wccp2 ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20130102033431-hg65sqdl80pmfnnn # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # testament_sha1: 45afd5a163127691efd607f9d84762d85f72c649 # timestamp: 2013-01-02 03:38:34 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # base_revision_id: squid3@treenet.co.nz-20130102002010-\ # izh8ycomj5ifps3r # # Begin patch === modified file 'snmplib/parse.c' --- snmplib/parse.c 2012-12-30 07:31:50 +0000 +++ snmplib/parse.c 2013-01-02 03:34:31 +0000 @@ -1008,6 +1008,7 @@ return NULL; } strncpy(name, token, 64); + name[63] = '\0'; type = get_token(fp, token); if (type == OBJTYPE) { if (root == NULL) { === modified file 'src/wccp2.cc' --- src/wccp2.cc 2012-11-29 10:26:58 +0000 +++ src/wccp2.cc 2013-01-02 03:34:31 +0000 @@ -584,6 +584,7 @@ /* The password field, for the MD5 hash, needs to be 8 bytes and NUL padded. */ memset(pwd, 0, sizeof(pwd)); strncpy(pwd, password, sizeof(pwd)); + pwd[sizeof(pwd) - 1] = '\0'; ws = (struct wccp2_security_md5_t *) ptr; assert(ntohs(ws->security_type) == WCCP2_SECURITY_INFO); @@ -651,6 +652,7 @@ /* The password field, for the MD5 hash, needs to be 8 bytes and NUL padded. */ memset(pwd, 0, sizeof(pwd)); strncpy(pwd, srv->wccp_password, sizeof(pwd)); + pwd[sizeof(pwd) - 1] = '\0'; /* Take a copy of the challenge: we need to NUL it before comparing */ memcpy(md5_challenge, ws->security_implementation, 16);