Blame SOURCES/ntp-4.2.6p5-cve-2015-7852.patch

2b78f7
diff -up ntp-4.2.6p5/ntpq/ntpq.c.cve-2015-7852 ntp-4.2.6p5/ntpq/ntpq.c
2b78f7
--- ntp-4.2.6p5/ntpq/ntpq.c.cve-2015-7852	2015-10-21 19:38:34.008129649 +0200
2b78f7
+++ ntp-4.2.6p5/ntpq/ntpq.c	2015-10-21 19:39:40.207742621 +0200
2b78f7
@@ -3449,12 +3449,17 @@ cookedprint(
2b78f7
 			char bv[401];
2b78f7
 			int len;
2b78f7
 
2b78f7
+			/* TALOS-CAN-0063: avoid buffer overrun */
2b78f7
 			atoascii(name, MAXVARLEN, bn, sizeof(bn));
2b78f7
-			atoascii(value, MAXVARLEN, bv, sizeof(bv));
2b78f7
 			if (output_raw != '*') {
2b78f7
+				atoascii(value, MAXVALLEN,
2b78f7
+					 bv, sizeof(bv) - 1);
2b78f7
 				len = strlen(bv);
2b78f7
 				bv[len] = output_raw;
2b78f7
 				bv[len+1] = '\0';
2b78f7
+			} else {
2b78f7
+				atoascii(value, MAXVALLEN,
2b78f7
+					 bv, sizeof(bv));
2b78f7
 			}
2b78f7
 			output(fp, bn, bv);
2b78f7
 		}