26 строки
805 B
Diff
26 строки
805 B
Diff
From 193401e7543a1e561dd634a3eaae932fa462a2b9 Mon Sep 17 00:00:00 2001
|
|
From: zhailiangliang <zhailiangliang@loongson.cn>
|
|
Date: Wed, 3 Apr 2024 15:40:58 +0800
|
|
Subject: [PATCH] fix heap-buffer-overflow issue in function cfg_mark_ports of
|
|
file util/config_file.c
|
|
|
|
---
|
|
util/config_file.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/util/config_file.c b/util/config_file.c
|
|
index 26185da02..e7b2f1959 100644
|
|
--- a/util/config_file.c
|
|
+++ b/util/config_file.c
|
|
@@ -1761,6 +1761,10 @@ cfg_mark_ports(const char* str, int allow, int* avail, int num)
|
|
#endif
|
|
if(!mid) {
|
|
int port = atoi(str);
|
|
+ if(port < 0) {
|
|
+ log_err("Prevent out-of-bounds access to array avail");
|
|
+ return 0;
|
|
+ }
|
|
if(port == 0 && strcmp(str, "0") != 0) {
|
|
log_err("cannot parse port number '%s'", str);
|
|
return 0;
|