Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow checking in parse_hex().

Browse Source 
The inputs to parse_hex are never untrusted data, so not security problem.

Thanks to Klaus Eisentraut <klaus.eisentraut@web.de> for finding this.
This commit is contained in:
Simon Kelley
2019-12-12 16:44:22 +00:00
parent 34d41475e7
commit 7d04e17444
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/util.c
View File

@@ -524,20 +524,20 @@ void prettyprint_time(char *buf, unsigned int t)
int parse_hex(char *in, unsigned char *out, int maxlen, int parse_hex(char *in, unsigned char *out, int maxlen,
unsigned int *wildcard_mask, int *mac_type) unsigned int *wildcard_mask, int *mac_type)
{ {
int mask = 0, i = 0; int done = 0, mask = 0, i = 0;
char *r; char *r;
if (mac_type) if (mac_type)
*mac_type = 0; *mac_type = 0;
while (maxlen == -1 || i < maxlen) while (!done && (maxlen == -1 || i < maxlen))
{ {
for (r = in; *r != 0 && *r != ':' && *r != '-' && *r != ' '; r++) for (r = in; *r != 0 && *r != ':' && *r != '-' && *r != ' '; r++)
if (*r != '*' && !isxdigit((unsigned char)*r)) if (*r != '*' && !isxdigit((unsigned char)*r))
return -1; return -1;
if (*r == 0) if (*r == 0)
maxlen = i; done = 1;
if (r != in ) if (r != in )
{ {