Erlang Mailing Lists
Author Message

<  Erlang patches mailing list  ~  [PATCH] ei: check the length of the node name
Guest
Posted: Fri Oct 29, 2010 7:27 am Reply with quote
Guest
On Sun, Oct 24, 2010 at 3:09 PM, Michael Santos
<michael.santos@gmail.com> wrote:
> Check the length of the node name to prevent an overflow.

Thanks! Will include in pu.

--
Björn Gustavsson, Erlang/OTP, Ericsson AB

________________________________________________________________
erlang-patches (at) erlang.org mailing list.
See http://www.erlang.org/faq.html
To unsubscribe; mailto:erlang-patches-unsubscribe@erlang.org

Post received from mailinglist
Back to top
Guest
Posted: Fri Oct 29, 2010 7:37 am Reply with quote
Guest
Check the length of the node name to prevent an overflow.
---
lib/erl_interface/src/epmd/epmd_publish.c | 6 ++++++
lib/erl_interface/src/epmd/epmd_unpublish.c | 5 +++++
2 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/lib/erl_interface/src/epmd/epmd_publish.c b/lib/erl_interface/src/epmd/epmd_publish.c
index a9b8727..d45fe64 100644
--- a/lib/erl_interface/src/epmd/epmd_publish.c
+++ b/lib/erl_interface/src/epmd/epmd_publish.c
@@ -69,6 +69,12 @@ static int ei_epmd_r4_publish (int port, const char *alive, unsigned ms)
int n;
int res, creation;

+ if (len > sizeof(buf)-2)
+ {
+ erl_errno = ERANGE;
+ return -1;
+ }
+
s = buf;
put16be(s,len);

diff --git a/lib/erl_interface/src/epmd/epmd_unpublish.c b/lib/erl_interface/src/epmd/epmd_unpublish.c
index 08662fe..495cbab 100644
--- a/lib/erl_interface/src/epmd/epmd_unpublish.c
+++ b/lib/erl_interface/src/epmd/epmd_unpublish.c
@@ -59,6 +59,11 @@ int ei_unpublish_tmo(const char *alive, unsigned ms)
int len = 1 + strlen(alive);
int fd, res;

+ if (len > sizeof(buf)-3) {
+ erl_errno = ERANGE;
+ return -1;
+ }
+
put16be(s,len);
put8(s,EI_EPMD_STOP_REQ);
strcpy(s, alive);
--
1.7.0.4


________________________________________________________________
erlang-patches (at) erlang.org mailing list.
See http://www.erlang.org/faq.html
To unsubscribe; mailto:erlang-patches-unsubscribe@erlang.org

Post received from mailinglist
Back to top

Display posts from previous:  

All times are GMT
View next topic
View previous topic
Page 1 of 1
Erlang Forum - Trap Exit Forum Index  ~  Erlang patches mailing list
This forum is locked: you cannot post, reply to, or edit topics.

Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
Hosted by Erlang Solutions    |    Powered by phpBB and NoseBleed v1.14