mirror of
https://codeberg.org/scip/udpxd.git
synced 2025-12-16 11:30:57 +01:00
Merge pull request #4 from ValdikSS/bufferoverflows
Fix buffer overflows in argument parser
This commit is contained in:
T.v.Dein
GitHub
16
udpxd.c
16
udpxd.c
@@ -176,21 +176,27 @@ int main ( int argc, char* argv[] ) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'b':
|
case 'b':
|
||||||
|
srcip = malloc(INET6_ADDRSTRLEN+1);
|
||||||
if(strlen(optarg) > INET6_ADDRSTRLEN) {
|
if(strlen(optarg) > INET6_ADDRSTRLEN) {
|
||||||
fprintf(stderr, "Bind ip address is too long!\n");
|
fprintf(stderr, "Bind ip address is too long!\n");
|
||||||
err = 1;
|
err = 1;
|
||||||
}
|
}
|
||||||
srcip = malloc(INET6_ADDRSTRLEN+1);
|
else {
|
||||||
strncpy(srcip, optarg, strlen(optarg));
|
strncpy(srcip, optarg, INET6_ADDRSTRLEN);
|
||||||
|
srcip[INET6_ADDRSTRLEN-1] = '\0';
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case 'p':
|
case 'p':
|
||||||
strncpy(pidfile, optarg, strlen(optarg));
|
strncpy(pidfile, optarg, MAX_BUFFER_SIZE);
|
||||||
|
pidfile[MAX_BUFFER_SIZE-1] = '\0';
|
||||||
break;
|
break;
|
||||||
case 'u':
|
case 'u':
|
||||||
strncpy(user, optarg, strlen(optarg));
|
strncpy(user, optarg, 128);
|
||||||
|
user[128-1] = '\0';
|
||||||
break;
|
break;
|
||||||
case 'c':
|
case 'c':
|
||||||
strncpy(chroot, optarg, strlen(optarg));
|
strncpy(chroot, optarg, MAX_BUFFER_SIZE);
|
||||||
|
chroot[MAX_BUFFER_SIZE-1] = '\0';
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
usage();
|
usage();
|
||||||
|
|||||||
Reference in New Issue
Block a user