[PATCH] ipcpd: Fix potential overflow in DDNS resolver

  • From: Dimitri Staessens <dimitri@ouroboros.rocks>
  • To: ouroboros@xxxxxxxxxxxxx
  • Date: Thu, 17 Feb 2022 19:13:34 +0100

The count value could be IPCP_UDP_BUF_SIZE, overflowing buf.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
---
 src/ipcpd/udp/main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ipcpd/udp/main.c b/src/ipcpd/udp/main.c
index 6a3fb24a..e6caea45 100644
--- a/src/ipcpd/udp/main.c
+++ b/src/ipcpd/udp/main.c
@@ -765,7 +765,7 @@ static uint32_t ddns_resolve(char *   name,
 
         close(pipe_fd[1]);
 
-        count = read(pipe_fd[0], buf, IPCP_UDP_BUF_SIZE);
+        count = read(pipe_fd[0], buf, IPCP_UDP_BUF_SIZE - 1);
         if (count <= 0) {
                 log_err("Failed to communicate with nslookup.");
                 close(pipe_fd[0]);
-- 
2.35.1


Other related posts:

  • » [PATCH] ipcpd: Fix potential overflow in DDNS resolver - Dimitri Staessens