20 lines
838 B
Diff
20 lines
838 B
Diff
diff -up cups-1.4.2/backend/network.c.negative-snmp-string-length cups-1.4.2/backend/network.c
|
|
--- cups-1.4.2/backend/network.c.negative-snmp-string-length 2009-08-31 19:45:43.000000000 +0100
|
|
+++ cups-1.4.2/backend/network.c 2009-12-08 11:03:05.728413423 +0000
|
|
@@ -170,9 +170,13 @@ backendNetworkSideCB(
|
|
|
|
case CUPS_ASN1_BIT_STRING :
|
|
case CUPS_ASN1_OCTET_STRING :
|
|
- i = (int)(sizeof(data) - (dataptr - data));
|
|
- if (packet.object_value.string.num_bytes < i)
|
|
+ if (packet.object_value.string.num_bytes < 0)
|
|
+ i = 0;
|
|
+ else if (packet.object_value.string.num_bytes <
|
|
+ (sizeof(data) - (dataptr - data)))
|
|
i = packet.object_value.string.num_bytes;
|
|
+ else
|
|
+ i = (int)(sizeof(data) - (dataptr - data));
|
|
|
|
memcpy(dataptr, packet.object_value.string.bytes, i);
|
|
|