tt_isam_record.C: fix CERT VU#387387 part 2

2025-02-13 19:52:20 +00:00 · 2012-05-26 18:29:26 -06:00 · 2012-05-26 18:29:26 -06:00 · 95e6fd42cc
commit 95e6fd42cc
parent e820f21540
1 changed files with 14 additions and 1 deletions
--- a/cde/lib/tt/bin/ttdbserverd/tt_isam_record.C
+++ b/cde/lib/tt/bin/ttdbserverd/tt_isam_record.C
@ -159,5 +159,18 @@ void _Tt_isam_record::setBytes (int               start,
 				int               length,
 				const _Tt_string &value)
 {
-  (void)memcpy((char *)buffer+start, (char *)value, length);
+  // JET - CERT vulnerability: VU#387387 - value is user supplied.
+  // Geez.
+  int bavail = (maxLength - start);
+  int bcp = 0;
+
+  if (bavail <= 0)
+    return;
+
+  if (bavail > length)
+    bcp = length;
+  else
+    bcp = bavail;
+
+  (void)memcpy((char *)buffer+start, (char *)value, bcp);
 }