diff options
| -rw-r--r-- | FREEBSD-upgrade | 3 | ||||
| -rw-r--r-- | libparse/clk_rawdcf.c | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/FREEBSD-upgrade b/FREEBSD-upgrade index a2f7d84e368a..e1e18995e73d 100644 --- a/FREEBSD-upgrade +++ b/FREEBSD-upgrade @@ -48,3 +48,6 @@ branch for unsigned char/int fixes and removal of a DoS. Documentation in /usr/share/doc/ntp is generated from the HTML files with lynx (without the GIF files of course). + +One patch needs to be applied after that to close two buffer overflows. See +bin/92839 for details. diff --git a/libparse/clk_rawdcf.c b/libparse/clk_rawdcf.c index 3ef36c43ea37..3465e8dfbad1 100644 --- a/libparse/clk_rawdcf.c +++ b/libparse/clk_rawdcf.c @@ -229,7 +229,7 @@ convert_rawdcf( unsigned char *c = dcfprm->zerobits; int i; - parseprintf(DD_RAWDCF,("parse: convert_rawdcf: \"%s\"\n", buffer)); + parseprintf(DD_RAWDCF,("parse: convert_rawdcf: \"%.*s\"\n", size, buffer)); if (size < 57) { @@ -320,7 +320,7 @@ convert_rawdcf( * bad format - not for us */ #ifndef PARSEKERNEL - msyslog(LOG_ERR, "parse: convert_rawdcf: parity check FAILED for \"%s\"\n", buffer); + msyslog(LOG_ERR, "parse: convert_rawdcf: parity check FAILED for \"%.*s\"\n", size, buffer); #endif return CVT_FAIL|CVT_BADFMT; } |