Blame SOURCES/ntp-4.2.6p5-cve-2015-7852.patch

063937
diff -up ntp-4.2.6p5/ntpq/ntpq.c.cve-2015-7852 ntp-4.2.6p5/ntpq/ntpq.c
063937
--- ntp-4.2.6p5/ntpq/ntpq.c.cve-2015-7852	2015-10-21 19:38:34.008129649 +0200
063937
+++ ntp-4.2.6p5/ntpq/ntpq.c	2015-10-21 19:39:40.207742621 +0200
063937
@@ -3449,12 +3449,17 @@ cookedprint(
063937
 			char bv[401];
063937
 			int len;
063937
 
063937
+			/* TALOS-CAN-0063: avoid buffer overrun */
063937
 			atoascii(name, MAXVARLEN, bn, sizeof(bn));
063937
-			atoascii(value, MAXVARLEN, bv, sizeof(bv));
063937
 			if (output_raw != '*') {
063937
+				atoascii(value, MAXVALLEN,
063937
+					 bv, sizeof(bv) - 1);
063937
 				len = strlen(bv);
063937
 				bv[len] = output_raw;
063937
 				bv[len+1] = '\0';
063937
+			} else {
063937
+				atoascii(value, MAXVALLEN,
063937
+					 bv, sizeof(bv));
063937
 			}
063937
 			output(fp, bn, bv);
063937
 		}