From 0d2b30b62d176b32ac2a8475139fab4cf03bf67d Mon Sep 17 00:00:00 2001
From: Sami Kerola
Date: Sun, 2 Nov 2014 21:56:43 +0000
Subject: [PATCH] getdata: fix buffer overflow [AddressSanitizer]

==12031==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61900000a980 at pc 0x0000004bca22 bp 0x7fff580dd6d0 sp 0x7fff580dd6c8
WRITE of size 1 at 0x61900000a980 thread T0
#0 0x4bca21 in parse_config /home/src/dhcpd-pools/src/getdata.c:323:4
#1 0x4bb332 in main /home/src/dhcpd-pools/src/dhcpd-pools.c:266:2
#2 0x7fe03ecc403f in __libc_start_main (/usr/lib/libc.so.6+0x2003f)
#3 0x4b9c0c in _start (/home/src/dhcpd-pools/dhcpd-pools+0x4b9c0c)
0x61900000a980 is located 0 bytes to the right of 1024-byte region [0x61900000a580,0x61900000a980)
allocated by thread T0 here:
#0 0x49c58b in __interceptor_malloc (/home/src/dhcpd-pools/dhcpd-pools+0x49c58b)
#1 0x4cbc0d in xmalloc /home/src/dhcpd-pools/lib/xmalloc.c:41:13
#2 0x4bbed8 in parse_config /home/src/dhcpd-pools/src/getdata.c:195:9
#3 0x4bb332 in main /home/src/dhcpd-pools/src/dhcpd-pools.c:266:2
#4 0x7fe03ecc403f in __libc_start_main (/usr/lib/libc.so.6+0x2003f)
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/src/dhcpd-pools/src/getdata.c:323 parse_config
Signed-off-by: Sami Kerola
---
src/getdata.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/getdata.c b/src/getdata.c
index 976f0c1..0f5e8ae 100644
--- a/src/getdata.c
+++ b/src/getdata.c
@@ -325,7 +325,7 @@ void parse_config(int is_include, const char *restrict config_file,
 /* Long word which is almost causing overflow. None
 * of words are this long which the program is
 * searching. */
- if (MAXLEN < i) {
+ if (MAXLEN == i) {
 newclause = false;
 i = 0;
 continue;
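Review bot: The new guard `if (MAXLEN == i) {` protects the buffer only while `i` advances by exactly one between checks; if any path ever steps `i` past MAXLEN the equality is skipped and the overflow returns, so the bounded form `if (MAXLEN <= i) {` is the safer spelling at no cost. The AddressSanitizer trace in the commit message places the out-of-bounds write at getdata.c:323, which is before this check and outside the hunk, so the guard runs after the store rather than in front of it; that is presumably correct given how `i` is incremented, but it cannot be confirmed from the lines shown. The branch also discards an over-long word silently, and since the configuration file is parsed input, the existing comment could state the limit explicitly, for example `/* Words of MAXLEN bytes or more are dropped: reset the index and skip the clause. */`. parse_config starts and ends outside the hunk.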