Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

possible buffer overflow? #57

Open
arturlangner opened this issue Sep 25, 2019 · 2 comments
Open

possible buffer overflow? #57

arturlangner opened this issue Sep 25, 2019 · 2 comments
Labels
bug

Comments

@arturlangner
Copy link

While browsing through the code I found this line:

aprx/ax25.c

Line 149 in 13c6e79

if (framelen > sizeof(tnc2buf) - 80) {

sizeof of a pointer is taken, I think the intent was to check the size of the buffer itself, not the pointer to it.
@PhirePhly
Copy link
Owner

PhirePhly commented Sep 25, 2019
edited
Loading

I agree. That doesn't look right. I'll look into it. Thanks for the heads up!

@PhirePhly PhirePhly added the bug label Sep 25, 2019
@arturlangner
Copy link
Author

Thanks.
I have a feeling that framelen should be compared against tnc2buflen.

@danak6jq danak6jq mentioned this issue Nov 7, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PhirePhly @arturlangner