Fix buffer overflow vulnerability. Bump version to 2.0.2.

2003-05-11 14:36:26 +00:00
parent ca0915e32c
commit 5516366d00
4 changed files with 14 additions and 1 deletions
--- a/4
+++ b/4
@@ -1,3 +1,7 @@
+2003-05-11  Andrew Sobala  <aes@gnome.org>
+
+	* configure.in: release 2.0.2
+
 2003-05-10  Danilo Šegan  <dsegan@gmx.net>

 	* configure.in: Added "sr" and "sr@Latn" to ALL_LINGUAS.
--- a/configure.in
+++ b/configure.in
@@ -8,7 +8,7 @@ AC_CANONICAL_SYSTEM

 LIBGTOP_MAJOR_VERSION=2
 LIBGTOP_MINOR_VERSION=0
-LIBGTOP_MICRO_VERSION=1
+LIBGTOP_MICRO_VERSION=2
 LIBGTOP_VERSION=$LIBGTOP_MAJOR_VERSION.$LIBGTOP_MINOR_VERSION.$LIBGTOP_MICRO_VERSION
 AM_INIT_AUTOMAKE(libgtop, $LIBGTOP_VERSION)
 LIBGTOP_INTERFACE_AGE=1
--- a/src/daemon/ChangeLog
+++ b/src/daemon/ChangeLog
@@ -1,3 +1,7 @@
+2003-05-11  Andrew Sobala  <aes@gnome.org>
+
+	* gnuserv.c: (permitted): fix buffer overflow vulnerability
+
 2001-02-14  Martin Baulig  <baulig@suse.de>

 	* Makefile.am (libgtop_server_LDADD): Removed @LIBSUPPORT@.
--- a/src/daemon/gnuserv.c
+++ b/src/daemon/gnuserv.c
@@ -199,6 +199,11 @@ permitted (u_long host_addr, int fd)
 	    return FALSE;

 	auth_data_len = atoi (buf);
+	
+	if (auth_data_len < 1 || auth_data_len > sizeof(buf)) {
+	    syslog_message(LOG_WARNING, "Invalid data length supplied by client");
+	    return FALSE;
+	}

 	if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
 	    return FALSE;