Permalink
Browse files

Prevent a potential buffer overflow reading the tube name.

  • Loading branch information...
1 parent 350de57 commit 6f7117832b6543e2f046b7a3b6088eb2a3c88f2b Phil Ross committed with Oct 15, 2009
Showing with 4 additions and 0 deletions.
  1. +4 −0 binlog.c
View
@@ -173,6 +173,10 @@ binlog_read_log_file(binlog b, job binlog_jobs)
}
while (read(b->fd, &namelen, sizeof(size_t)) == sizeof(size_t)) {
+ if (namelen >= MAX_TUBE_NAME_LEN) {
+ return binlog_warn(b, "namelen %d exceeds maximum of %d", namelen, MAX_TUBE_NAME_LEN - 1);
+ }
+
if (namelen > 0) {
r = read(b->fd, tubename, namelen);
if (r == -1) return twarn("read()");

0 comments on commit 6f71178

Please sign in to comment.