about summary refs log tree commit diff
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2004-10-25 03:16:46 +0000
committerUlrich Drepper <drepper@redhat.com>2004-10-25 03:16:46 +0000
commitfaf4346213f508c24ccc489187e637c6548d26d9 (patch)
treeef59c6a0f0eb116be1a620e9ba5343178f656e43
parent78d8d2117bcb9b5926a2af189bdf4bced4deb982 (diff)
downloadglibc-faf4346213f508c24ccc489187e637c6548d26d9.tar.gz
glibc-faf4346213f508c24ccc489187e637c6548d26d9.tar.xz
glibc-faf4346213f508c24ccc489187e637c6548d26d9.zip
Update.
	* nis/nis_addmember.c (nis_addmember): Add assert to check buffer
	bounds.
-rw-r--r--ChangeLog3
-rw-r--r--nis/nis_addmember.c5
2 files changed, 7 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 1366284ef1..2fc75d753b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2004-10-24  Ulrich Drepper  <drepper@redhat.com>
 
+	* nis/nis_addmember.c (nis_addmember): Add assert to check buffer
+	bounds.
+
 	* resolv/nss_dns/dns-host.c: Avoid using PLTs.
 	* include/libc-symbols.h: Define hidden attribute macros for
 	libnss_nisplus and libutil.
diff --git a/nis/nis_addmember.c b/nis/nis_addmember.c
index e7e429c4fd..bbe1c23977 100644
--- a/nis/nis_addmember.c
+++ b/nis/nis_addmember.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 1997, 1998, 1999 Free Software Foundation, Inc.
+/* Copyright (c) 1997, 1998, 1999, 2004 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1997.
 
@@ -17,6 +17,7 @@
    Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
    02111-1307 USA.  */
 
+#include <assert.h>
 #include <string.h>
 #include <rpcsvc/nis.h>
 
@@ -71,6 +72,8 @@ nis_addmember (const_nis_name member, const_nis_name group)
 	}
       ++NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len;
 
+      /* Check the buffer bounds are not exceeded.  */
+      assert (strlen (NIS_RES_OBJECT(res)->zo_name) + 1 < grouplen + 14);
       cp = stpcpy (buf, NIS_RES_OBJECT(res)->zo_name);
       *cp++ = '.';
       strncpy (cp, NIS_RES_OBJECT (res)->zo_domain, NIS_MAXNAMELEN);