traffic-selector: Avoid out-of-bound array access when calculating range

[people/ms/strongswan.git] / src / libstrongswan / selectors / traffic_selector.c

diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index 12f1602241a9be27872c0fa530bfa997520ed4d9..2735a5cc16c3d4fae8d99ea014d3097662f759cc 100644 (file)
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -2,7 +2,7 @@
  * Copyright (C) 2007-2017 Tobias Brunner
  * Copyright (C) 2005-2007 Martin Willi
  * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -109,8 +109,12 @@ static void calc_range(private_traffic_selector_t *this, uint8_t netbits)
        memcpy(this->to, this->from, bytes);
        memset(this->from + bytes, 0x00, len - bytes);
        memset(this->to   + bytes, 0xff, len - bytes);
-       this->from[bytes-1] &= ~mask;
-       this->to[bytes-1]   |=  mask;
+
+       if (bytes)
+       {
+               this->from[bytes-1] &= ~mask;
+               this->to[bytes-1]   |=  mask;
+       }
 }
 
 /**
@@ -293,15 +297,16 @@ int traffic_selector_printf_hook(printf_hook_data_t *data,
                        written += print_in_hook(data, "%d", this->protocol);
                }
        }
-
-       if (has_proto && has_ports)
+       else
        {
-               written += print_in_hook(data, "/");
+               written += print_in_hook(data, "0");
        }
 
        /* build port string */
        if (has_ports)
        {
+               written += print_in_hook(data, "/");
+
                if (this->from_port == this->to_port)
                {
                        struct servent *serv;