From 1ffae4a6dd37c9284d88feffcaa99a4460f7fa00 Mon Sep 17 00:00:00 2001 From: Warner Losh Date: Mon, 3 Mar 1997 09:50:21 +0000 Subject: [PATCH] Check the size of the IP address reutrned from gethostbyname2, per PR 2578 from Julian A. Likely not strictly needed, but it doesn't hurt and protects ping against possible buffer overflows if the resolver were to return large IP addresses. --- sbin/ping/ping.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index 491cf2eb7afd..0c5ebbde77ad 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -45,7 +45,7 @@ static const char copyright[] = static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; */ static const char rcsid[] = - "$Id: ping.c,v 1.18 1997/03/02 06:32:40 imp Exp $"; + "$Id: ping.c,v 1.19 1997/03/02 20:01:13 imp Exp $"; #endif /* not lint */ /* @@ -324,6 +324,8 @@ main(argc, argv) target, hstrerror(h_errno)); to->sin_len = sizeof *to; + if (hp->h_length > sizeof(to->sin_addr)) + errx(1,"gethostbyname2 returned an illegal address"); memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); hnamebuf[(sizeof hnamebuf) - 1] = '\0';