diff options
| author | Jonathan Gray <jsg@cvs.openbsd.org> | 2014-11-20 05:51:22 +0000 |
|---|---|---|
| committer | Jonathan Gray <jsg@cvs.openbsd.org> | 2014-11-20 05:51:22 +0000 |
| commit | 2eaa981b579a68f8adabaad74640807821ddd131 (patch) | |
| tree | b12cf2076861693c4d14b3a5130ee1ff2dca4fc8 /sbin/iked/parse.y | |
| parent | 6a369f972afd1add899318b0d0d9d2b2877778e0 (diff) | |
Don't allow embedded nul characters in strings.
Fixes a pfctl crash with an anchor name containing
an embedded nul found with the afl fuzzer.
pfctl parse.y patch from and ok deraadt@
Diffstat (limited to 'sbin/iked/parse.y')
| -rw-r--r-- | sbin/iked/parse.y | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index 0e44806d310..6a2c570518d 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.41 2014/11/14 03:22:47 doug Exp $ */ +/* $OpenBSD: parse.y,v 1.42 2014/11/20 05:51:20 jsg Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -1296,6 +1296,9 @@ top: } else if (c == quotec) { *p = '\0'; break; + } else if (c == '\0') { + yyerror("syntax error"); + return (findeol()); } if (p + 1 >= buf + sizeof(buf) - 1) { yyerror("string too long"); |