| commit | 42ad8c2c4805b825317b8944df1c3cf1c2c3c2cc | |
| author | Martin Schwenke <martin@meltin.net> | |
| Tue, 9 Jun 2020 01:52:50 +0000 (9 11:52 +1000) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Mon, 6 Jul 2020 09:50:31 +0000 (6 09:50 +0000) | ||
| tree | 560c1a450fe2920c69ceee103d685efe19f584b9 | treesnapshot (tar.gz zip) |
| parent | 79f5d88663ba8e106f3c04e420478afc499afbee | commitdiff |
util: Simplify input validation
It appears that snprintf(3) is being used for input validation.
However, this seems like overkill because it causes szPath to be
copied an extra time. The mostly likely protections being sought
here, according to https://cwe.mitre.org/data/definitions/20.html,
look to be DoS attacks involving CPU and memory usage. A simpler
check that uses strnlen(3) can mitigate against both of these and is
simpler.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
(cherry picked from commit 922bce2668994dd2a5988c17060f977e9bb0c229)
It appears that snprintf(3) is being used for input validation.
However, this seems like overkill because it causes szPath to be
copied an extra time. The mostly likely protections being sought
here, according to https://cwe.mitre.org/data/definitions/20.html,
look to be DoS attacks involving CPU and memory usage. A simpler
check that uses strnlen(3) can mitigate against both of these and is
simpler.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
(cherry picked from commit 922bce2668994dd2a5988c17060f977e9bb0c229)
| lib/util/util_paths.c | diffblobblamehistory |