Fix buffer overflow in __pmDecodeNameReq routine
authorNathan Scott <nathans@redhat.com>
Mon, 13 Aug 2012 01:28:43 +0000 (11:28 +1000)
committerNathan Scott <nathans@redhat.com>
Mon, 13 Aug 2012 01:28:43 +0000 (11:28 +1000)
commitbfb3ab8c6b3d75b1a6580feee76a7d0925a3633c
treef139db50f3ef728d15ba0633709d436fe5c293d5
parentb441980d53be1835b25f0cd6bcc0062da82032dd
Fix buffer overflow in __pmDecodeNameReq routine

DecodeNameReq does not check the namelen field against the PDU size.
This can lead to a crash.

Original report and fixes reviewed by Florian Weimer of the Red Hat
Security team.  Red Hat bugzilla bug #841180.

Security advisory CVE-2012-3418.
src/libpcp/src/p_pmns.c