[PATCH] s4/rpc_server/dnsserver/dnsdata.c: fix out-of-bound buffer access

Aurélien Aptel aaptel at suse.com
Fri Mar 4 12:32:09 UTC 2016

On Fri, 4 Mar 2016 12:23:27 +0100 Aurélien Aptel <aaptel at suse.com>
> The attached patch simply removes the memcpy() call. Another
> (non-)solution would be to copy sizeof(dnsp->data) bytes but I don't
> think it's right, as I said earlier.

Hm. I guess we should also remove the memcpy() in the other direction in
the default case of the dns_to_dnsp_copy() and set an error flag of
some sort in both cases and handle it in at the caller location. This
probably needs more work.

Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Linux GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160304/42b46331/attachment.sig>

More information about the samba-technical mailing list