On Fri, Feb 12, 2016 at 11:28:22PM +, Michael Savage wrote:
> I've added a comment and replaced memcpy with strlcpy as suggested.
Commited, Thanks
bluhm
I've added a comment and replaced memcpy with strlcpy as suggested.
> Nitpick, but I'd probably slightly prefer parse_priority.
Me too, but it gets called by printline/printsys so I copied that. If
anyone has stronger feelings about it I'll change it to whatever.
> Looking at the old code again,
Michael Savage wrote:
> Here's a patch with less fragile parsing code.
Comments inline.
> Index: syslogd.c
> ===
> RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v
> retrieving revision 1.177
> diff -u -p -r1.177 syslogd.c
> --- syslo
Here's a patch with less fragile parsing code.
Mike
Index: syslogd.c
===
RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.177
diff -u -p -r1.177 syslogd.c
--- syslogd.c 20 Jul 2015 19:49:33 - 1.177
+++
Michael Savage wrote:
> I found an integer overflow in syslogd which can be triggered by
> compiling and running:
>
> #include
> #include
> #include
>
> int main( int argc, char ** argv ) {
> const char * msg = "<> hello";
&g
I found an integer overflow in syslogd which can be triggered by
compiling and running:
#include
#include
#include
int main( int argc, char ** argv ) {
const char * msg = "<> hello";
return sendsyslog( msg, strlen( msg ) );
}
The problematic code
