[PATCH] Fix buffer overflows with "long" messages in syslog()

Nick Withers nick.withers at anu.edu.au
Mon Jan 20 02:07:46 UTC 2014


Hi all,

The attached patch replaces some unsafe buffer operations in syslog()
which would cause stack buffer overflow when the syslog message length
(including Facility and Level encoding) would exceed 199 characters.

(There's still the implicit assumption that *printf() won't error and
return -1)
-- 
Nick Withers

Embedded Systems Programmer
Department of Nuclear Physics, Research School of Physics and Engineering
The Australian National University (CRICOS: 00120C)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: syslog_no_sprintf.patch
Type: text/x-patch
Size: 2067 bytes
Desc: not available
URL: <http://lists.rtems.org/pipermail/devel/attachments/20140120/4e408c9c/attachment.bin>


More information about the devel mailing list