Commit f2525567 authored by Christian Kastner's avatar Christian Kastner

SECURITY: DoS: Fix unchecked return of calloc()

Florian Weimer discovered that a missing check for the return value of calloc()
could crash the daemon, which could be triggered by a very large crontab
created by a user.
parent 40791b93
......@@ -108,6 +108,10 @@ load_entry(file, error_func, pw, envp)
*/
e = (entry *) calloc(sizeof(entry), sizeof(char));
if (e == NULL) {
log_it("CRON", getpid(), "OOM", "Out of memory parsing crontab");
return NULL;
}
if (ch == '@') {
/* all of these should be flagged and load-limited; i.e.,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment