libsmb: Protect against rogue getaddrinfo result

author Volker Lendecke <vl@samba.org>

Tue, 22 Sep 2020 11:50:01 +0000 (13:50 +0200)

committer Jeremy Allison <jra@samba.org>

Wed, 23 Sep 2020 16:54:38 +0000 (16:54 +0000)
author Volker Lendecke <vl@samba.org>
Tue, 22 Sep 2020 11:50:01 +0000 (13:50 +0200)
committer Jeremy Allison <jra@samba.org>
Wed, 23 Sep 2020 16:54:38 +0000 (16:54 +0000)
diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c

index 68c946010fec0126ed06ed58e981882550514995..bb43cb2f615a883a1b3e242e64b0b9cbbc620f1e 100644 (file)
--- a/source3/libsmb/namequery.c
+++ b/source3/libsmb/namequery.c
@@ -2820,7 +2820,9 @@ static NTSTATUS resolve_hosts(TALLOC_CTX *mem_ctx,
         for (res = ailist; res; res = res->ai_next) {
                 struct sockaddr_storage ss = {0};
  
-               if ((res->ai_addr == NULL) || (res->ai_addrlen == 0)) {
+               if ((res->ai_addr == NULL) ||
+                   (res->ai_addrlen == 0) ||
+                   (res->ai_addrlen > sizeof(ss))) {
                         continue;
                 }
author	Volker Lendecke <vl@samba.org>
	Tue, 22 Sep 2020 11:50:01 +0000 (13:50 +0200)
committer	Jeremy Allison <jra@samba.org>
	Wed, 23 Sep 2020 16:54:38 +0000 (16:54 +0000)