41 lines
1.1 KiB
Diff
41 lines
1.1 KiB
Diff
autofs-5.1.8 - fix loop under run in cache_get_offset_parent()
|
|
|
|
From: Frank Sorenson <sorenson@redhat.com>
|
|
|
|
To avoid reading memory outside of the the string
|
|
allocated for parent, tail needs to stop when it
|
|
reaches or passes parent, even if it doesn't
|
|
actually equal parent.
|
|
|
|
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
|
|
---
|
|
CHANGELOG | 1 +
|
|
lib/cache.c | 2 +-
|
|
2 files changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/CHANGELOG b/CHANGELOG
|
|
index aaf20cd6..b4b064ff 100644
|
|
--- a/CHANGELOG
|
|
+++ b/CHANGELOG
|
|
@@ -6,6 +6,7 @@
|
|
- fix fix root offset error handling.
|
|
- fix nonstrict fail handling of last offset mount.
|
|
- dont fail on duplicate offset entry tree add.
|
|
+- fix loop under run in cache_get_offset_parent().
|
|
|
|
19/10/2021 autofs-5.1.8
|
|
- add xdr_exports().
|
|
diff --git a/lib/cache.c b/lib/cache.c
|
|
index 66dda5d9..8aed28ea 100644
|
|
--- a/lib/cache.c
|
|
+++ b/lib/cache.c
|
|
@@ -710,7 +710,7 @@ struct mapent *cache_get_offset_parent(struct mapent_cache *mc, const char *key)
|
|
*tail = 0;
|
|
|
|
tail--;
|
|
- if (tail == parent)
|
|
+ if (tail <= parent)
|
|
break;
|
|
|
|
me = cache_lookup_distinct(mc, parent);
|