Prevent buffer overflow with large ID strings

Brought to you by: audetjm, blaism, carolh, ferlandm, and 5 others

#350 Prevent buffer overflow with large ID strings

Milestone: None

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2014-12-20

Created: 2010-05-21

Creator: Jean Delvare

Private: No

When IPMI records have ID strings larger than 16 bytes, we have to make sure we only read 16 bytes, because the structures used only have room for that many bytes, and so does the desc buffer.

Note: I made the changes minimal because I am not familiar with the code. But I am really curious why the structures only reserve only 16 bytes for id_string when the IPMI specification says the maximum valid length is 30.

Discussion

Jean Delvare - 2010-05-21

Proposed fix

ipmitool-prevent-desc-buffer-overflow.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Zdenek Styblik - 2014-12-20

Ticket moved from /p/ipmitool/patches/40/

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Prevent buffer overflow with large ID strings

Group

Searches

Help

#350 Prevent buffer overflow with large ID strings

Discussion