From ef0f3c32888165c1a39b078f23ce7e1fc57fec66 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Wed, 15 Jun 2016 15:56:38 -0400 Subject: [PATCH] getcert: fix a potential out-of-bounds In getcert, fix a potential out-of-bounds write while gathering parameters to send to the daemon as part of an "add_request" API request, present since 20a6536febf0815d0b3d301133820a46fdd6ef21. --- src/getcert.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/getcert.c b/src/getcert.c index cfa36fb1a7ea16c9c9bacc8f40360efa594b7830..c84273a9bfc8730422f18ade87ce174fbbc44634 100644 --- a/src/getcert.c +++ b/src/getcert.c @@ -1499,8 +1499,8 @@ add_basic_request(enum cm_tdbus_type bus, char *id, { DBusMessage *req, *rep; int i; - struct cm_tdbusm_dict param[25]; - const struct cm_tdbusm_dict *params[26]; + struct cm_tdbusm_dict param[26]; + const struct cm_tdbusm_dict *params[27]; dbus_bool_t b; const char *capath; char *p; @@ -1738,8 +1738,8 @@ set_tracking(const char *argv0, const char *category, enum cm_tdbus_type bus = CM_DBUS_DEFAULT_BUS; DBusMessage *req, *rep; const char *request, *capath; - struct cm_tdbusm_dict param[25]; - const struct cm_tdbusm_dict *params[26]; + struct cm_tdbusm_dict param[26]; + const struct cm_tdbusm_dict *params[27]; char *nss_scheme, *dbdir = NULL, *token = NULL, *nickname = NULL; char **anchor_dbs = NULL, **anchor_files = NULL; char *id = NULL, *new_id = NULL, *new_request; -- 2.9.0