Changeset 8c85ca3 in rtems


Ignore:
Timestamp:
Feb 14, 2012, 3:46:04 PM (8 years ago)
Author:
Sebastian Huber <sebastian.huber@…>
Branches:
4.11, master
Children:
f14327a2
Parents:
002affc
git-author:
Sebastian Huber <sebastian.huber@…> (02/14/12 15:46:04)
git-committer:
Sebastian Huber <sebastian.huber@…> (02/14/12 15:46:53)
Message:

Avoid buffer overflow and misaligned memory access

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpukit/libnetworking/libc/gethostnamadr.c

    r002affc r8c85ca3  
    375375        int             *h_errnop)
    376376{
    377        
     377  uintptr_t current = (uintptr_t) buf;
     378  uintptr_t end = current + buflen;
    378379  size_t L=strlen(name);
    379   result->h_name=buf;
    380   if (buflen<L) { *h_errnop=ERANGE; return 1; }
    381   strcpy(buf,name);
    382 
    383   result->h_addr_list=(char**)(buf+strlen(name)+1);
    384   result->h_addr_list+=sizeof(char*)-((uintptr_t)(result->h_addr_list)&(sizeof(char*)-1));
    385   result->h_addr_list[0]=(char*)&result->h_addr_list[2];
     380
     381  *RESULT = NULL;
     382  *h_errnop = 0;
     383
     384  result->h_name = (char *) current;
     385  current += L + 1;
     386  if (current > end) { *h_errnop = ERANGE; return 1; }
     387  strcpy(result->h_name, name);
     388
     389  current += sizeof(char **);
     390  current -= current & (sizeof(char **) - 1);
     391  result->h_addr_list = (char **) current;
     392  current += 2 * sizeof(char **);
     393  result->h_aliases = (char **) current;
     394  current += sizeof(char **);
     395  if (current > end) { *h_errnop = ERANGE; return 1; }
     396  result->h_addr_list [0]= (char *) current;
     397  current += 16;
     398  result->h_addr_list [1] = NULL;
     399  result->h_aliases [0] = NULL;
     400  if (current > end) { *h_errnop = ERANGE; return 1; }
    386401  if (inet_pton(AF_INET,name,result->h_addr_list[0])) {
    387402    result->h_addrtype=AF_INET;
    388403    result->h_length=4;
    389 commonip:
    390     result->h_aliases=result->h_addr_list+2*sizeof(char**);
    391     result->h_aliases[0]=0;
    392     result->h_addr_list[1]=0;
    393404    *RESULT=result;
    394     *h_errnop=0;
    395405    return 0;
    396406  } else if (inet_pton(AF_INET6,name,result->h_addr_list[0])) {
    397407    result->h_addrtype=AF_INET6;
    398408    result->h_length=16;
    399     goto commonip;
     409    *RESULT=result;
     410    return 0;
    400411  }
    401412
     
    410421  memmove(result,r,sizeof(struct hostent));
    411422  *RESULT=result;
    412   *h_errnop=0;
    413423  endhostent();
    414424  return 0;
Note: See TracChangeset for help on using the changeset viewer.