Fix CVE-2011-4862 Buffer overflow in libtelnet/encrypt.c in telnetd

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc http://security.freebsd.org/patches/SA-11:08/telnetd.patch
2011-12-28 17:50:30 -06:00
parent 5ca056969a
commit 7d7624f7f7
1 changed files with 3 additions and 0 deletions
--- a/appl/telnet/libtelnet/encrypt.c
+++ b/appl/telnet/libtelnet/encrypt.c
@@ -736,6 +736,9 @@ encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len)
    int dir = kp->dir;
    int ret = 0;

+    if (len > MAXKEYLEN)
+	len = MAXKEYLEN;
+
    if (!(ep = (*kp->getcrypt)(*kp->modep))) {
 	if (len == 0)
 	    return;