From: zhailiangliang
Date: Wed, 3 Apr 2024 07:40:58 +0000 (+0800)
Subject: fix heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c
X-Git-Tag: release-1.20.0rc1~43^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1040%2Fhead;p=thirdparty%2Funbound.git
fix heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c
---
diff --git a/util/config_file.c b/util/config_file.c
index 26185da02..e7b2f1959 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -1761,6 +1761,10 @@ cfg_mark_ports(const char* str, int allow, int* avail, int num)
 #endif
 if(!mid) {
 int port = atoi(str);
+ if(port < 0) {
+ log_err("Prevent out-of-bounds access to array avail");
+ return 0;
+ }
 if(port == 0 && strcmp(str, "0") != 0) {
 log_err("cannot parse port number '%s'", str);
 return 0;
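Review bot: The added `port < 0` guard in the `if(!mid)` branch tests the result of `atoi(str)`, which has undefined behaviour when the digits do not fit in an `int`, so for an over-long number in the configuration the value being range-checked is not dependable. Parsing with `long v = strtol(str, &end, 10);` and rejecting on `end == str`, `errno == ERANGE` or `v < 0` would make the range test rest on a defined value. The new message names the array rather than the operator's mistake; `log_err("port number is negative: '%s'", str);` says what to fix in the config. cfg_mark_ports starts and ends outside the hunk, so neither the comparison of `port` with `num` nor the branch taken when `mid` is set is visible here; if that branch also turns `atoi` output into an index for `avail`, it presumably needs the same lower-bound check.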