external/cde
1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-03-09 15:50:02 +00:00
Code Issues Releases Wiki Activity

tt_isam_record.C: fix CERT VU#387387

Browse source
This commit is contained in:
Jon Trulson 2012-05-26 18:28:02 -06:00
parent 3231696f03
commit e820f21540
1 changed files with 14 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

15
cde/lib/tt/bin/ttdbserverd/tt_isam_record.C
View file

@ -139,7 +139,20 @@ _Tt_string _Tt_isam_record::getBytes (int start, int length) const
void _Tt_isam_record::setBytes (int start, const _Tt_string &value)
{
(void)memcpy((char *)buffer+start, (char *)value, value.len());
// JET - CERT vulnerability: VU#387387 - value is user supplied.
// Geez.
int bavail = (maxLength - start);
int bcp = 0;
if (bavail <= 0)
return;
if (bavail > length)
bcp = length;
else
bcp = bavail;
(void)memcpy((char *)buffer+start, (char *)value, bcp);
}
void _Tt_isam_record::setBytes (int start,