OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_8-11-g1351548
Gerrit Code Review
gerrit@openafs.org
Tue, 3 Jun 2014 12:17:47 -0400
The following commit has been merged in the openafs-stable-1_6_x branch:
commit 13515489cbfd138d221d54bdedc4bf44ff24778e
Author: Simon Wilkinson <sxw@your-file-system.com>
Date: Tue Feb 26 22:27:25 2013 +0000
auth: Fix buffer overflow in afsconf_Open
If we fallback to the .AFSCONF file in the user's homedirectory,
the results of getenv("HOME") are copied into a fixed length string,
without checking for overflows.
Instead of risking this, just use asprintf to dynamically construct
a string, and free it when we are done.
Caught by coverity (#985905)
Reviewed-on: http://gerrit.openafs.org/9292
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 41d9ea697bf5e81e5003ad7b208788223c25536b)
Change-Id: I5b8664328dd0d397cbe459ff1e7667e63afc31e2
Reviewed-on: http://gerrit.openafs.org/11019
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
src/auth/cellconfig.c | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
--
OpenAFS Master Repository