bareos: bareos-18.2 66c3f31f

Author Committer Branch Timestamp Parent
arogge arogge bareos-18.2 2020-04-29 14:20 bareos-18.2 2a0a0e2e Pending
Affected Issues  0001210: Security vulnerability results in heap overflow in director when doing a Verify job against a file daemon.
Changeset dir: avoid heap-overflow during verify job

Fixes 0001210: Security vulnerability results in heap overflow in director
             when doing a Verify job against a file daemon.

Previously the code did not check that the target buffer that scanf()
wrote into was big enough to fit the data.
This patch now resizes the buffer to the size of the message buffer that
is being parsed ensuring that there is no heap overflow anymore.

(backport of 86c6fa479a21a1464366babb74e6cf33770ed7ae)
mod - core/src/dird/fd_cmds.cc Diff File