]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c14650c)
passing in a very long interface name could make a buffer overflow
authorDaniel Stenberg <daniel@haxx.se>
Wed, 30 Jun 2004 11:48:19 +0000 (11:48 +0000)
committerDaniel Stenberg <daniel@haxx.se>
Wed, 30 Jun 2004 11:48:19 +0000 (11:48 +0000)
lib/if2ip.c patch | blob | history

diff --git a/lib/if2ip.c b/lib/if2ip.c
index 237d1f758823e9a93e9dc3823eceded020dc2c2d..b167b8df6553ca9b6215fe81021957be76a8075b 100644 (file)
--- a/lib/if2ip.c
+++ b/lib/if2ip.c
@@ -94,8 +94,11 @@ char *Curl_if2ip(const char *interface, char *buf, int buf_size)
   }
   else {
     struct ifreq req;
+    size_t len = strlen(interface);
     memset(&req, 0, sizeof(req));
-    strcpy(req.ifr_name, interface);
+    if(len >= sizeof(req.ifr_name))
+      return NULL; /* this can't be a fine interface name */
+    memcpy(req.ifr_name, interface, len+1);
     req.ifr_addr.sa_family = AF_INET;
 #ifdef IOCTL_3_ARGS
     if (SYS_ERROR == ioctl(dummy, SIOCGIFADDR, &req)) {
Unnamed repository; edit this file 'description' to name the repository.