Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
cifs-utils
0016-CVE-2022-27239-mount.cifs-fix-length-check...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0016-CVE-2022-27239-mount.cifs-fix-length-check-for-ip-op.patch of Package cifs-utils
From 06d09c2143a6f9e74858bb33e036025215595e73 Mon Sep 17 00:00:00 2001 From: Jeffrey Bencteux <jbe@improsec.com> Date: Thu, 17 Mar 2022 12:58:52 -0400 Subject: [PATCH] CVE-2022-27239: mount.cifs: fix length check for ip option parsing Previous check was true whatever the length of the input string was, leading to a buffer overflow in the subsequent strcpy call. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15025 Signed-off-by: Jeffrey Bencteux <jbe@improsec.com> Reviewed-by: David Disseldorp <ddiss@suse.de> --- mount.cifs.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mount.cifs.c b/mount.cifs.c index 84274c98ddf5..3a6b449cc10c 100644 --- a/mount.cifs.c +++ b/mount.cifs.c @@ -926,9 +926,10 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info) if (!value || !*value) { fprintf(stderr, "target ip address argument missing\n"); - } else if (strnlen(value, MAX_ADDRESS_LEN) <= + } else if (strnlen(value, MAX_ADDRESS_LEN) < MAX_ADDRESS_LEN) { - strcpy(parsed_info->addrlist, value); + strlcpy(parsed_info->addrlist, value, + MAX_ADDRESS_LEN); if (parsed_info->verboseflag) fprintf(stderr, "ip address %s override specified\n", -- 2.35.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor