Sanitize input in id_h - prevent integer overflows

thorkill 2017-05-01 12:40:22 +02:00
parent 350e2d2d15
commit bbe60c0f35


@ -283,7 +283,7 @@ static bool receive_invitation_sptps(void *handle, uint8_t type, const void *dat
bool id_h(connection_t *c, const char *request) {
char name[MAX_STRING_SIZE];
if(sscanf(request, "%*d " MAX_STRING " %d.%d", name, &c->protocol_major, &c->protocol_minor) < 2) {
if(sscanf(request, "%*d " MAX_STRING " %2d.%3d", name, &c->protocol_major, &c->protocol_minor) < 2) {
logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "ID", c->name,
c->hostname);
return false;
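Review bot: The `%2d.%3d` widths on the new sscanf() line avoid the out-of-range conversion, but they truncate an over-long number instead of rejecting it. A major version sent as `100` is read as 10, the `.` then fails to match, sscanf() returns 2, and the `< 2` check passes with `c->protocol_minor` not written by this call. A sign also counts toward the field width, so `-1` is still accepted as a major version. Unless the rest of id_h, which continues outside this hunk, already validates both fields, add a range check after the parse, for example `if(c->protocol_major < 0 || c->protocol_minor < 0) return false;`. A short comment above the sscanf() should also say that the widths bound the digit count and that longer numbers are truncated, not refused.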