diff options
author | imp <imp@FreeBSD.org> | 1997-03-03 09:50:21 +0000 |
---|---|---|
committer | imp <imp@FreeBSD.org> | 1997-03-03 09:50:21 +0000 |
commit | e5f21340d7f9c05c71cde10a3321860bfc6a2a5d (patch) | |
tree | 1ae86f797605261ef44d108ce9108c5de2dcdfd0 /sbin | |
parent | 1e7a910ca151c2606d05de7a8b9fa8d216282613 (diff) | |
download | FreeBSD-src-e5f21340d7f9c05c71cde10a3321860bfc6a2a5d.zip FreeBSD-src-e5f21340d7f9c05c71cde10a3321860bfc6a2a5d.tar.gz |
Check the size of the IP address reutrned from gethostbyname2, per PR
2578 from Julian A. Likely not strictly needed, but it doesn't hurt
and protects ping against possible buffer overflows if the resolver
were to return large IP addresses.
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ping/ping.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index 491cf2e..0c5ebbd 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -45,7 +45,7 @@ static const char copyright[] = static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; */ static const char rcsid[] = - "$Id: ping.c,v 1.18 1997/03/02 06:32:40 imp Exp $"; + "$Id: ping.c,v 1.19 1997/03/02 20:01:13 imp Exp $"; #endif /* not lint */ /* @@ -324,6 +324,8 @@ main(argc, argv) target, hstrerror(h_errno)); to->sin_len = sizeof *to; + if (hp->h_length > sizeof(to->sin_addr)) + errx(1,"gethostbyname2 returned an illegal address"); memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); hnamebuf[(sizeof hnamebuf) - 1] = '\0'; |