bareos: master 86c6fa47
| Author | Committer | Branch | Timestamp | Parent | |
|---|---|---|---|---|---|
| arogge | arogge | master | 2020-04-29 14:20 | master 5dc82cc0 | Pending |
| Affected Issues | 0001210: Security vulnerability results in heap overflow in director when doing a Verify job against a file daemon. | ||||
| Changeset | dir: avoid heap-overflow during verify job Fixes 0001210: Security vulnerability results in heap overflow in director when doing a Verify job against a file daemon. Previously the code did not check that the target buffer that scanf() wrote into was big enough to fit the data. This patch now resizes the buffer to the size of the message buffer that is being parsed ensuring that there is no heap overflow anymore. |
||||
| mod - core/src/dird/fd_cmds.cc | Diff File | ||||
