From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 10 Nov 2012 22:09:31 +0000 (+0100)
Subject: Fix potential buffer overflow reading the PID file.
X-Git-Tag: release-1.1pre4~30
X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=b355476e917f377abb6434657933fcf4ffe6870a

Fix potential buffer overflow reading the PID file.

Found by cppcheck.
---

diff --git a/src/tincctl.c b/src/tincctl.c
index 2de89e81..344aa97d 100644
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -57,7 +57,7 @@ static char *name = NULL;
 static char *identname = NULL;          /* program name for syslog */
 static char *pidfilename = NULL;        /* pid file location */
 static char *confdir = NULL;
-static char controlcookie[1024];
+static char controlcookie[1025];
 char *netname = NULL;
 char *confbase = NULL;
 static char *tinc_conf = NULL;
@@ -708,8 +708,8 @@ static bool connect_tincd(bool verbose) {
 		return false;
 	}
 
-	char host[128];
-	char port[128];
+	char host[129];
+	char port[129];
 
 	if(fscanf(f, "%20d %1024s %128s port %128s", &pid, controlcookie, host, port) != 4) {
 		if(verbose)