Hi Owen,
Thanks for the fix.
I like your solution with removing the loop. However, while this fixes
the buffer overflow, IMO it is not complete, because get_dir() shouldn't
be called in cases where depth = 128. In this case checking the MSB of
the ip is not quite right thing.
The only place w
On Wed, 16 Jun 2021 12:07:29 -0400
ohily...@iol.unh.edu wrote:
> From: Owen Hilyard
>
> ASAN found a stack buffer overflow in lib/rib/rte_rib6.c:get_dir.
> The fix for the stack buffer overflow was to make sure depth
> was always < 128, since when depth = 128 it caused the index
> into the ip ad
From: Owen Hilyard
ASAN found a stack buffer overflow in lib/rib/rte_rib6.c:get_dir.
The fix for the stack buffer overflow was to make sure depth
was always < 128, since when depth = 128 it caused the index
into the ip address to be 16, which read off the end of the array.
While trying to solve
3 matches
Mail list logo
