[Midnightbsd-cvs] [MidnightBSD/src] 9617b9: Fix a potential memory overflow in cron.
Lucas Holt
noreply at github.com
Mon May 29 16:18:15 EDT 2023
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 9617b9e20af41c60fb7ba8eff94ad2ec03caeb45
https://github.com/MidnightBSD/src/commit/9617b9e20af41c60fb7ba8eff94ad2ec03caeb45
Author: Lucas Holt <luke at foolishgames.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
M usr.sbin/cron/lib/entry.c
Log Message:
-----------
Fix a potential memory overflow in cron.
bit_nset is used to set bits [start, stop], which the stop position
is included, so we should pass `bitstring size - 1` as the stop,
or it will potentially overflow. It is ok with the month and dom,
because their allocted byte was not fully used, but for dow and
hour, they use 8 bits and 24bits, the following statement will
write the next byte.
bit_nset(e->hour, 0, (LAST_HOUR-FIRST_HOUR+1));
bit_nset(e->dow, 0, (LAST_DOW-FIRST_DOW+1));
See https://github.com/vixie/cron/pull/14/commits/fac29ab04ba02f4b4923c9d2c2e4ce111f60d252
More information about the Midnightbsd-cvs
mailing list