Fun with buffer overrruns.

In get_option(): don't read past the end of the option buffer.

Also add a small unittest to verify sane behaviour for the above.
The dhcpcd code is not easily refactored into a library, nor is it
entirely possible to include some header files directly since some
structures use C++ reserved keywords ("new") for variable names.

In print_option(): use of snprintf() returns the length that
/would/ have been written.  Add checks that the output buffer
is not overrun when printing.

This fixes CVE-2014-7912 and CVE-2014-7913

Bug: 18356137
Bug: 18356135
Change-Id: I0f907b8a952208749226ba034a416d773e068f8a

0 files changed, 0 insertions, 0 deletions