Improve validation of the sockaddr length in iruserok_sa().

Negative numbers are not valid sockaddr lengths. PR: 243747 Submitted by: Andrew Reiter <areiter@veracode.com> MFC after: 1 week
2020-02-05 16:09:44 +00:00 · 2020-02-05 16:09:44 +00:00 · 51d7f2ed58
commit 51d7f2ed58
parent d3631aa582
1 changed files with 2 additions and 2 deletions
--- a/lib/libc/net/rcmd.c
+++ b/lib/libc/net/rcmd.c
@ -438,8 +438,8 @@ iruserok_sa(const void *ra, int rlen, int superuser, const char *ruser,
 	struct sockaddr_storage ss;

 	/* avoid alignment issue */
-	if (rlen > sizeof(ss)) 
-		return(-1);
+	if (rlen <= 0 || rlen > sizeof(ss))
+		return (-1);
 	memcpy(&ss, ra, rlen);
 	raddr = (struct sockaddr *)&ss;