dovecot-2.2: Fixed off-by-one buffer overflows (practically non-...
dovecot at dovecot.org
dovecot at dovecot.org
Wed Sep 4 21:24:02 EEST 2013
details: http://hg.dovecot.org/dovecot-2.2/rev/72028f670746
changeset: 16707:72028f670746
user: Timo Sirainen <tss at iki.fi>
date: Wed Sep 04 21:23:33 2013 +0300
description:
Fixed off-by-one buffer overflows (practically non-exploitable).
Found by Coverity scan.
diffstat:
src/doveadm/doveadm-master.c | 2 +-
src/master/main.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diffs (33 lines):
diff -r 108a8158c1a9 -r 72028f670746 src/doveadm/doveadm-master.c
--- a/src/doveadm/doveadm-master.c Mon Sep 02 17:44:39 2013 +0300
+++ b/src/doveadm/doveadm-master.c Wed Sep 04 21:23:33 2013 +0300
@@ -23,7 +23,7 @@
i_fatal("open(%s) failed: %m", path);
}
- ret = read(fd, buf, sizeof(buf));
+ ret = read(fd, buf, sizeof(buf)-1);
if (ret <= 0) {
if (ret == 0)
i_error("Empty PID file in %s", path);
diff -r 108a8158c1a9 -r 72028f670746 src/master/main.c
--- a/src/master/main.c Mon Sep 02 17:44:39 2013 +0300
+++ b/src/master/main.c Wed Sep 04 21:23:33 2013 +0300
@@ -201,7 +201,7 @@
if (fd == -1)
return;
- ret = read(fd, buf, sizeof(buf));
+ ret = read(fd, buf, sizeof(buf)-1);
if (ret < 0)
i_error("read(%s) failed: %m", path);
else {
@@ -231,7 +231,7 @@
i_fatal("open(%s) failed: %m", path);
}
- ret = read(fd, buf, sizeof(buf));
+ ret = read(fd, buf, sizeof(buf)-1);
if (ret <= 0) {
if (ret == 0)
i_error("Empty PID file in %s, overriding", path);
More information about the dovecot-cvs
mailing list