Arjun Shankar ddf542da94 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780) ...

__vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.  This commit fixes
that.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

2024-01-30 15:53:37 +01:00

11 KiB

Raw Blame History

View Raw