FreeBSD Bugzilla – Attachment 206714 Details for
Bug 239976
Integer Overflow: ping(8) option "-s", bypass the invalid packet size check
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch
ping.c.patch (text/plain), 476 bytes, created by
Neeraj
on 2019-08-19 23:00:08 UTC
(
hide
)
Description:
proposed patch
Filename:
MIME Type:
Creator:
Neeraj
Created:
2019-08-19 23:00:08 UTC
Size:
476 bytes
patch
obsolete
>=================================================================== >--- sbin/ping/ping.c (revision 351236) >+++ sbin/ping/ping.c (working copy) >@@ -473,7 +473,7 @@ > break; > case 's': /* size of packet to send */ > ltmp = strtol(optarg, &ep, 0); >- if (*ep || ep == optarg || ltmp < 0) >+ if (*ep || ep == optarg || ltmp > (long)INT_MAX || ltmp < 0) > errx(EX_USAGE, "invalid packet size: `%s'", > optarg); > if (uid != 0 && ltmp > DEFDATALEN) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=206714">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 239976
: 206714