[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH] slirp: check sscanf result when emulating ident
|
From: |
William Bowling |
|
Subject: |
[Qemu-devel] [PATCH] slirp: check sscanf result when emulating ident |
|
Date: |
Fri, 1 Mar 2019 21:45:56 +0000 |
When emulating ident in tcp_emu, if the strchr checks passed but the
sscanf check failed, two uninitialized variables would be copied and
sent in the reply.
Signed-off-by: William Bowling <address@hidden>
---
slirp/tcp_subr.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c
index 262a42d6c8..73a160ba16 100644
--- a/slirp/tcp_subr.c
+++ b/slirp/tcp_subr.c
@@ -664,12 +664,12 @@ tcp_emu(struct socket *so, struct mbuf *m)
break;
}
}
- }
- so_rcv->sb_cc = snprintf(so_rcv->sb_data,
- so_rcv->sb_datalen,
- "%d,%d\r\n", n1, n2);
- so_rcv->sb_rptr = so_rcv->sb_data;
- so_rcv->sb_wptr = so_rcv->sb_data +
so_rcv->sb_cc;
+ so_rcv->sb_cc = snprintf(so_rcv->sb_data,
+ so_rcv->sb_datalen,
+ "%d,%d\r\n", n1, n2);
+ so_rcv->sb_rptr = so_rcv->sb_data;
+ so_rcv->sb_wptr = so_rcv->sb_data + so_rcv->sb_cc;
+ }
}
m_free(m);
return 0;
--
2.15.1
- [Qemu-devel] [PATCH] slirp: check sscanf result when emulating ident,
William Bowling <=