[riot-notifications] [RIOT-OS/RIOT] sock_dns: fix out-of-bound errors (#10740)

Martine Lenders notifications at github.com
Thu Jan 10 00:06:05 CET 2019


miri64 commented on this pull request.



> @@ -140,7 +140,7 @@ static int _parse_dns_reply(uint8_t *buf, size_t len, void* addr_out, int family
                 ((_type == DNS_TYPE_AAAA) && (family == AF_INET)) ||
                 ! ((_type == DNS_TYPE_A) || ((_type == DNS_TYPE_AAAA))
                     )) {
-            if (((bufpos - pos) + addrlen) < (bufpos - pos)) {
+            if (addrlen < len) {

Need to go to bed -.-... Fixed.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/10740#discussion_r246580454
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20190109/d25ba8d9/attachment.html>


More information about the notifications mailing list