diff options
| author | paco <paco@voltanet.io> | 2018-06-22 15:41:35 +0200 |
|---|---|---|
| committer | paco <paco@voltanet.io> | 2018-06-22 19:16:52 +0200 |
| commit | 0961ea934fa28621528ca1f68ad706081fd6801b (patch) | |
| tree | 2eb9255b3e1576a85baa4e739a3f6449060341da | |
| parent | 0a8990d5f889113659abba6b61988244a07b2b81 (diff) | |
ripd: out-of-bounds read (Coverity 1399295)
Signed-off-by: F. Aragon <paco@voltanet.io>
| -rw-r--r-- | ripd/ripd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ripd/ripd.c b/ripd/ripd.c index 92c27106d5..90dc7808eb 100644 --- a/ripd/ripd.c +++ b/ripd/ripd.c @@ -799,11 +799,11 @@ static int rip_auth_simple_password(struct rte *rte, struct sockaddr_in *from, struct interface *ifp) { struct rip_interface *ri; - char *auth_str = (char *)&rte->prefix; + char *auth_str = (char *)rte + offsetof(struct rte, prefix); int i; /* reject passwords with zeros in the middle of the string */ - for (i = strlen(auth_str); i < 16; i++) { + for (i = strnlen(auth_str, 16); i < 16; i++) { if (auth_str[i] != '\0') return 0; } |