1. clamav-devel
  2. Commit 9e24136909f6cd8eb26addeb5fc35e294cd6734f
Browse code

cid 10566 edge case: string not null terminated

Steve Morgan authored on 2013/02/16 01:14:28
Showing 1 changed files
sigtool/sigtool.c
History View file @ 9e24136
... ... 
@@ -1,5 +1,5 @@
1 1 
 /*
2 
- *  Copyright (C) 2007 - 2008 Sourcefire, Inc.
2 
+ *  Copyright (C) 2007 - 2013 Sourcefire, Inc.
3 3 
  *  Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm@clamav.net>
4 4 
  *  CDIFF code (C) 2006 Sensory Networks, Inc.
5 5 
  *  Author: Tomasz Kojm <tkojm@clamav.net>
... ... 
@@ -365,7 +365,7 @@ static char *getdsig(const char *host, const char *user, const unsigned char *da
365 365 
     memset(pass, 0, sizeof(pass));
366 366 
     memset(buff, 0, sizeof(buff));
367 367
368 
-    if((bread = recv(sockd, buff, sizeof(buff), 0)) > 0) {
368 
+    if((bread = recv(sockd, buff, sizeof(buff)-1, 0)) > 0) {
369 369 
 	if(!strstr(buff, "Signature:")) {
370 370 
 	    mprintf("!getdsig: Error generating digital signature\n");
371 371 
 	    mprintf("!getdsig: Answer from remote server: %s\n", buff);