git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
ed263ef
)
libsmb: Protect against rogue getaddrinfo result
author
Volker Lendecke
<vl@samba.org>
Tue, 22 Sep 2020 11:50:01 +0000
(13:50 +0200)
committer
Jeremy Allison
<jra@samba.org>
Wed, 23 Sep 2020 16:54:38 +0000
(16:54 +0000)
Probably a "won't happen", but to me this looked fishy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/libsmb/namequery.c
patch
|
blob
|
history
diff --git
a/source3/libsmb/namequery.c
b/source3/libsmb/namequery.c
index 68c946010fec0126ed06ed58e981882550514995..bb43cb2f615a883a1b3e242e64b0b9cbbc620f1e 100644
(file)
--- a/
source3/libsmb/namequery.c
+++ b/
source3/libsmb/namequery.c
@@
-2820,7
+2820,9
@@
static NTSTATUS resolve_hosts(TALLOC_CTX *mem_ctx,
for (res = ailist; res; res = res->ai_next) {
struct sockaddr_storage ss = {0};
- if ((res->ai_addr == NULL) || (res->ai_addrlen == 0)) {
+ if ((res->ai_addr == NULL) ||
+ (res->ai_addrlen == 0) ||
+ (res->ai_addrlen > sizeof(ss))) {
continue;
}