diff options
author | archie <archie@FreeBSD.org> | 1999-06-05 05:52:52 +0000 |
---|---|---|
committer | archie <archie@FreeBSD.org> | 1999-06-05 05:52:52 +0000 |
commit | d7f89ddca7bda593e462c757e7236f7be265b7ba (patch) | |
tree | 6941893c62312ff941940dd2dac20df842658773 /usr.sbin | |
parent | 47e8c0df80372b7e332c2917c46155e79ace4a7f (diff) | |
download | FreeBSD-src-d7f89ddca7bda593e462c757e7236f7be265b7ba.zip FreeBSD-src-d7f89ddca7bda593e462c757e7236f7be265b7ba.tar.gz |
When incrementing through a SIOCGIFCONF list, enforce a lower limit of
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.
Obtained from: Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/arp/arp.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.sbin/arp/arp.c b/usr.sbin/arp/arp.c index 6326fb7..efe4ab1 100644 --- a/usr.sbin/arp/arp.c +++ b/usr.sbin/arp/arp.c @@ -45,7 +45,7 @@ static char const copyright[] = static char const sccsid[] = "@(#)from: arp.c 8.2 (Berkeley) 1/2/94"; #endif static const char rcsid[] = - "$Id: arp.c,v 1.14 1998/01/16 17:38:51 bde Exp $"; + "$Id: arp.c,v 1.15 1999/03/10 10:11:43 julian Exp $"; #endif /* not lint */ /* @@ -696,8 +696,8 @@ get_ether_addr(u_long ipaddr, u_char *hwaddr) break; } nextif: - ifr = (struct ifreq *) - ((char *)&ifr->ifr_addr + ifr->ifr_addr.sa_len); + ifr = (struct ifreq *) ((char *)&ifr->ifr_addr + + MAX(ifr->ifr_addr.sa_len, sizeof(ifr->ifr_addr))); } if (ifr >= ifend) { @@ -725,8 +725,8 @@ nextif: printf("\n"); return dla->sdl_alen; } - ifr = (struct ifreq *) - ((char *)&ifr->ifr_addr + ifr->ifr_addr.sa_len); + ifr = (struct ifreq *) ((char *)&ifr->ifr_addr + + MAX(ifr->ifr_addr.sa_len, sizeof(ifr->ifr_addr))); } return 0; } |