BUG/MINOR: tools: fix off-by-one in port size check

port_to_str() checks that the port size is at least 5 characters instead
of at least 6. While in theory it could permit a buffer overflow, it's
harmless because all callers have at least 6 characters here.

This fix needs to be backported to 1.7, 1.6 and 1.5.

diff --git a/src/standard.c b/src/standard.c
index 910e1c298b303cedac3a43fa636b0d21b197a801..02a183bfe1e16df996c60b797e7982a48bfc9fc1 100644 (file)
--- a/src/standard.c
+++ b/src/standard.c
@@ -1409,7 +1409,7 @@ int port_to_str(struct sockaddr_storage *addr, char *str, int size)
        uint16_t port;
 
 
-       if (size < 5)
+       if (size < 6)
                return 0;
        *str = '\0';