be more strict in check_option(). - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	stevesk <stevesk@openbsd.org>	2010-03-25 18:37:36 +0000
committer	stevesk <stevesk@openbsd.org>	2010-03-25 18:37:36 +0000
commit	37c64922428701ed8b0aa86cdc2f3ecfe5219a05 (patch)
tree	7f4d41dc0eef81b2be6f1904694c50384120cba0 /gnu/lib/libreadline/input.c
parent	s/parititon/partition/ in error message (diff)
download	wireguard-openbsd-37c64922428701ed8b0aa86cdc2f3ecfe5219a05.tar.xz wireguard-openbsd-37c64922428701ed8b0aa86cdc2f3ecfe5219a05.zip

be more strict in check_option().

ISC dhclient had a buffer overflow: http://www.kb.cert.org/vuls/id/410676 and while our dhclient is not vulnerable to that, it got us looking at how the subnet mask option is handled. this limits specific ip address options to length 4 in conformance with RFC 2132. discussion started by william@ and with input from krw@ ok krw@

Diffstat (limited to 'gnu/lib/libreadline/input.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: