lantiq: add Linux 5.4 support as testing kernel version
[openwrt/staging/mkresin.git] / package / network / services / ppp / patches / 700-radius-Prevent-buffer-overflow-in-rc_mksid.patch
1 From 858976b1fc3107f1261aae337831959b511b83c2 Mon Sep 17 00:00:00 2001
2 From: Paul Mackerras <paulus@ozlabs.org>
3 Date: Sat, 4 Jan 2020 12:01:32 +1100
4 Subject: [PATCH] radius: Prevent buffer overflow in rc_mksid()
5
6 On some systems getpid() can return a value greater than 65535.
7 Increase the size of buf[] to allow for this, and use slprintf()
8 to make sure we never overflow it.
9
10 Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
11 ---
12 pppd/plugins/radius/util.c | 4 ++--
13 1 file changed, 2 insertions(+), 2 deletions(-)
14
15 diff --git a/pppd/plugins/radius/util.c b/pppd/plugins/radius/util.c
16 index 6f976a712951..740131e8377c 100644
17 --- a/pppd/plugins/radius/util.c
18 +++ b/pppd/plugins/radius/util.c
19 @@ -73,9 +73,9 @@ void rc_mdelay(int msecs)
20 char *
21 rc_mksid (void)
22 {
23 - static char buf[15];
24 + static char buf[32];
25 static unsigned short int cnt = 0;
26 - sprintf (buf, "%08lX%04X%02hX",
27 + slprintf(buf, sizeof(buf), "%08lX%04X%02hX",
28 (unsigned long int) time (NULL),
29 (unsigned int) getpid (),
30 cnt & 0xFF);