[PATCH] possible stack overflow in lib/libatm

Sepherosa Ziehau sepherosa at gmail.com
Mon May 2 02:43:57 PDT 2005


lib/libatm
1) guard against possible stack overflow
2) guard against possible NULL pointer accessing

Please review it.
Cheers,

-- 
Live Free or Die
Index: atm_addr.c
===================================================================
RCS file: /opt/df_cvs/src/lib/libatm/atm_addr.c,v
retrieving revision 1.3
diff -u -r1.3 atm_addr.c
--- atm_addr.c	23 Sep 2004 21:39:08 -0000	1.3
+++ atm_addr.c	2 May 2005 09:43:44 -0000
@@ -177,6 +177,8 @@
 			 */
 			val = val << 4;
 			val += c_value;
+			if (out_len >= len)
+				return 0;
 			out[out_len] = (u_char) val;
 			out_len++;
 			break;
Index: ioctl_subr.c
===================================================================
RCS file: /opt/df_cvs/src/lib/libatm/ioctl_subr.c,v
retrieving revision 1.4
diff -u -r1.4 ioctl_subr.c
--- ioctl_subr.c	23 Sep 2004 21:39:08 -0000	1.4
+++ ioctl_subr.c	2 May 2005 09:43:44 -0000
@@ -310,7 +310,7 @@
 	/*
 	 * Check whether name is of a valid length
 	 */
-	if (strlen(name) > IFNAMSIZ - 1 ||
+	if (name == NULL || strlen(name) > IFNAMSIZ - 1 ||
 			strlen(name) < 1) {
 		return(FALSE);
 	}
Index: ip_addr.c
===================================================================
RCS file: /opt/df_cvs/src/lib/libatm/ip_addr.c,v
retrieving revision 1.3
diff -u -r1.3 ip_addr.c
--- ip_addr.c	23 Sep 2004 20:20:59 -0000	1.3
+++ ip_addr.c	2 May 2005 09:43:44 -0000
@@ -78,6 +78,8 @@
 	struct hostent			*ip_host;
 	static struct sockaddr_in	sin;
 
+	if (p == NULL)
+		return NULL;
 	/*
 	 * Get IP address of specified host name
 	 */




More information about the Submit mailing list