diff options
author | Marius Tomaschewski <mt@suse.de> | 2011-08-09 12:25:46 +0200 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2011-08-09 12:25:46 +0200 |
commit | 9bea045e60fa612336ae6a78267284bcec2e9e25 (patch) | |
tree | d57e026558cf9c49b04d8d35dc5e327399c5edaf | |
parent | a3953fbee90045b96bd5ef44b64883a6bff57fee (diff) | |
download | rsyslog-9bea045e60fa612336ae6a78267284bcec2e9e25.tar.gz rsyslog-9bea045e60fa612336ae6a78267284bcec2e9e25.tar.xz rsyslog-9bea045e60fa612336ae6a78267284bcec2e9e25.zip |
bugfix: memcpy overflow can occur in allowed sender checking
...if a host name is resolved to IPv4-mapped-on-IPv6 address.
Found by Ismail Dönmez at suse.
Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | runtime/net.c | 2 |
2 files changed, 4 insertions, 1 deletions
@@ -1,6 +1,9 @@ --------------------------------------------------------------------------- Version 4.6.8 [v4-stable] (rgerhards), 2011-??-?? - bugfix: potential misadressing in property replacer +- bugfix: memcpy overflow can occur in allowed sender checkig + if a name is resolved to IPv4-mapped-on-IPv6 address + Found by Ismail Dönmez at suse --------------------------------------------------------------------------- Version 4.6.7 [v4-stable] (rgerhards), 2011-07-11 - added support for the ":omusrmsg:" syntax in configuring user messages diff --git a/runtime/net.c b/runtime/net.c index fe6eef5b..0866efd7 100644 --- a/runtime/net.c +++ b/runtime/net.c @@ -721,7 +721,7 @@ static rsRetVal AddAllowedSender(struct AllowedSenders **ppRoot, struct AllowedS SIN(allowIP.addr.NetAddr)->sin_port = 0; memcpy(&(SIN(allowIP.addr.NetAddr)->sin_addr.s_addr), &(SIN6(res->ai_addr)->sin6_addr.s6_addr32[3]), - sizeof (struct sockaddr_in)); + sizeof (in_addr_t)); if((iRet = AddAllowedSenderEntry(ppRoot, ppLast, &allowIP, iSignificantBits)) |