SSHGuard / Patches / #5 buffer overflow fix

#5 buffer overflow fix

Status: accepted

Owner: Mij

Labels: None

Priority: 5

Updated: 2015-03-01

Created: 2009-06-17

Creator: T.J. Jones

Private: No

small fix to prevent buffer overflow in the pidfilename received from cmdline

Discussion

T.J. Jones - 2009-06-17

patch for sshguard_procauth.c

procauth.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

T.J. Jones - 2009-06-17

if sshguard is setuid and attacker has access to the box, root can be gained using crafted input.
Changes:
Changed the size of pidfilename array to FILENAME_MAX and then check to make sure the length of the supplied filename is within this limit. If not the error is logged and application terminates.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mij - 2009-07-14

assigned_to: nobody --> mijio

status: open --> closed-fixed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mij - 2009-07-14

integrated

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Kevin Zheng - 2015-03-01

Status: closed-fixed --> accepted
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.