Merge pull request #423

234f576 miniupnpc: quick fix for buffer overflow (moneromooo-monero)
This commit is contained in:
Riccardo Spagni 2015-10-11 21:23:39 +02:00
commit 28cb856b33
No known key found for this signature in database
GPG Key ID: 55432DF31CCD4FCD

View File

@ -15,6 +15,10 @@
void IGDstartelt(void * d, const char * name, int l) void IGDstartelt(void * d, const char * name, int l)
{ {
struct IGDdatas * datas = (struct IGDdatas *)d; struct IGDdatas * datas = (struct IGDdatas *)d;
if (l >= MINIUPNPC_URL_MAXSIZE) {
printf("Attempt to exploit miniupnpc buffer overflow\n");
l = MINIUPNPC_URL_MAXSIZE - 1;
}
memcpy( datas->cureltname, name, l); memcpy( datas->cureltname, name, l);
datas->cureltname[l] = '\0'; datas->cureltname[l] = '\0';
datas->level++; datas->level++;