From: pcarana <pc.moreno2099@gmail.com>
Date: Thu, 28 Feb 2019 14:42:40 +0000 (-0600)
Subject: Avoid possible buffer overflow
X-Git-Tag: v0.0.2~52^2~51
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e5de8e695c8bbe5836a45e7612c105d6166c4e8d;p=thirdparty%2FFORT-validator.git

Avoid possible buffer overflow
---

diff --git a/src/rtr/pdu_sender.c b/src/rtr/pdu_sender.c
index d7163509..ca7cdcbe 100644
--- a/src/rtr/pdu_sender.c
+++ b/src/rtr/pdu_sender.c
@@ -76,13 +76,15 @@ send_response(int fd, char *data, size_t data_len)
 	int error;
 
 	init_buffer(&buffer);
+	/* Check for buffer overflow */
+	if (data_len > buffer.capacity) {
+		error = -EINVAL;
+		err(error, "Buffer out of capacity");
+		return error;
+	}
 	memcpy(buffer.data, data, data_len);
 	buffer.len = data_len;
 
-	/*
-	 * FIXME Check for buffer overflow
-	 */
-
 	error = write(fd, buffer.data, buffer.len);
 	free_buffer(&buffer);
 	if (error < 0) {
diff --git a/src/rtr/pdu_serializer.h b/src/rtr/pdu_serializer.h
index 9f99a140..feb21040 100644
--- a/src/rtr/pdu_serializer.h
+++ b/src/rtr/pdu_serializer.h
@@ -3,7 +3,7 @@
 
 #include "pdu.h"
 
-#define BUFFER_SIZE 32
+#define BUFFER_SIZE 128
 
 struct data_buffer {
 	size_t len;