From: Michael Rash <mbr@cipherdyne.org>
Date: Sun, 2 Sep 2012 03:37:03 +0000 (-0400)
Subject: fixed potential buffer overflow discovered by Fernando Arnaboldi of IOActive
X-Git-Tag: fwknop-2.0.3~9
X-Git-Url: http://www.cipherdyne.com/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff_plain;h=86b403dadb90c30deb51b3530e8ebbb791531615

fixed potential buffer overflow discovered by Fernando Arnaboldi of IOActive
---

diff --git a/server/access.c b/server/access.c
index 280e702..5778c01 100644
--- a/server/access.c
+++ b/server/access.c
@@ -501,6 +501,12 @@ expand_acc_string_list(acc_string_list_t **stlist, char *stlist_str)
             while(isspace(*start))
                 start++;
 
+            if(((ndx-start)+1) >= 1024)
+            {
+                fprintf(stderr, "Fatal str->list too long");
+                exit(EXIT_FAILURE);
+            }
+
             strlcpy(buf, start, (ndx-start)+1);
             add_string_list_ent(stlist, buf);
             start = ndx+1;
@@ -512,6 +518,12 @@ expand_acc_string_list(acc_string_list_t **stlist, char *stlist_str)
     while(isspace(*start))
         start++;
 
+    if(((ndx-start)+1) >= 1024)
+    {
+        fprintf(stderr, "Fatal str->list too long");
+        exit(EXIT_FAILURE);
+    }
+
     strlcpy(buf, start, (ndx-start)+1);
 
     add_string_list_ent(stlist, buf);