moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

passing in a very long interface name could make a buffer overflow

This commit is contained in:
Daniel Stenberg 2004-06-30 11:48:19 +00:00
parent c14650caec
commit 4af08a19f8
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/if2ip.c
View File

@ -94,8 +94,11 @@ char *Curl_if2ip(const char *interface, char *buf, int buf_size)
} }
else { else {
struct ifreq req; struct ifreq req;
size_t len = strlen(interface);
memset(&req, 0, sizeof(req)); memset(&req, 0, sizeof(req));
strcpy(req.ifr_name, interface); if(len >= sizeof(req.ifr_name))
return NULL; /* this can't be a fine interface name */
memcpy(req.ifr_name, interface, len+1);
req.ifr_addr.sa_family = AF_INET; req.ifr_addr.sa_family = AF_INET;
#ifdef IOCTL_3_ARGS #ifdef IOCTL_3_ARGS
if (SYS_ERROR == ioctl(dummy, SIOCGIFADDR, &req)) { if (SYS_ERROR == ioctl(dummy, SIOCGIFADDR, &req)) {