Commit
Add str len check in config_sortlist to avoid stack overflow (#497)
ares_set_sortlist calls config_sortlist(..., sortstr) to parse the input str and initialize a sortlist configuration. However, ares_set_sortlist does not have any checks on the validity of the input str. It is very easy to create an arbitrary-length stack overflow with the unchecked `memcpy(ipbuf, str, q-str);` and `memcpy(ipbufpfx, str, q-str);` statements in the config_sortlist call, which could potentially cause severe security impact in practical programs.

This commit adds the necessary checks for `ipbuf` and `ipbufpfx`, which avoid the potential stack overflows.

fixes #496

Fix By: @hopper-vul
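The pattern the commit message describes, as an added illustration that is not the c-ares source or the patch itself: the token length is checked against the destination buffer before `memcpy` runs. The function names, buffer sizes, return codes and inputs are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define IPBUF_LEN    16   /* assumed sizes, chosen for this example */
#define IPBUFPFX_LEN 32
enum { SORT_OK = 0, SORT_EBADSTR = -1 };

/* Copy the token at str (ended by a char in delims, or NUL) into out.
 * A token that does not fit with its NUL terminator is rejected. */
static int copy_token(const char *str, const char *delims,
                      char *out, size_t outlen, const char **end)
{
    size_t n = strcspn(str, delims);
    if (n >= outlen)              /* bound the length before memcpy */
        return SORT_EBADSTR;
    memcpy(out, str, n);
    out[n] = '\0';
    *end = str + n;
    return SORT_OK;
}

/* Count "addr" or "addr/mask" entries separated by ';' or blanks.
 * Returns the entry count, or SORT_EBADSTR if any token is too long. */
int count_sort_entries(const char *str)
{
    char ipbuf[IPBUF_LEN], ipbufpfx[IPBUFPFX_LEN];
    int count = 0;

    while (*str) {
        str += strspn(str, "; \t");           /* skip separators */
        if (!*str)
            break;
        if (copy_token(str, "/; \t", ipbuf, sizeof ipbuf, &str) != SORT_OK)
            return SORT_EBADSTR;
        if (*str == '/' &&
            copy_token(str + 1, "; \t", ipbufpfx, sizeof ipbufpfx, &str) != SORT_OK)
            return SORT_EBADSTR;
        count++;
    }
    return count;
}

int main(void)
{
    /* constructed inputs: a well-formed list, then an overlong address */
    printf("%d\n", count_sort_entries("130.155.160.0/255.255.240.0 130.155.0.0"));
    printf("%d\n", count_sort_entries("1111111111111111111111111111/8"));
    return 0;
}
```

The comparison is `n >= outlen` rather than `n > outlen` so that a token exactly as long as the buffer is also rejected, leaving room for the terminating NUL.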