This repository has been archived by the owner on Jan 13, 2022. It is now read-only.

Fix possible buffer overrun #4

Closed
wants to merge 2 commits into from


jarikomppa

these arrays may be accessed at (1..512) below

for (int i=0; i < 512 && i < numParameters; i++)
{
    dataArray[i+1]=data[i];
    lengthsArray[i+1]=lengths[i];
}   

png85 added a commit to png85/RakNet that referenced this pull request Sep 19, 2015
@jarikomppa jarikomppa closed this Apr 24, 2016
Luke1410 referenced this pull request in SLikeSoft/SLikeNet Jul 31, 2017
@Luke1410

Pull request incorporated in SLikeNet 0.1.0.

rhard pushed a commit to rhard/RakNet that referenced this pull request Oct 26, 2017
Add missing read alignment in ReplicaManager3::OnConstruction
unsigned int lengthsArray[512];
const char *dataArray[512];
unsigned int lengthsArray[513];
const char *dataArray[513];
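
Review bot: the new size 513 in these two declarations is tied by hand to the literal 512 in the loop condition quoted in the description (i < 512, with writes to dataArray[i+1] and lengthsArray[i+1]), and nothing in the code records that link. With i reaching 511 the highest index written is 512, so 513 elements are required, while the old [512] declarations end at index 511. I would suggest a named constant for the parameter limit, declaring both arrays with that constant plus one and using the same constant in the loop condition, with a short comment on why the copy starts at index 1, so the bound and the array size cannot drift apart in a later edit.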

@Luke1410 Luke1410 Jun 2, 2018

As @kfsone pointed out in his comment, increasing the array size is unnecessary. See the condition in the for-loop in line 94 which explicitly checks for i < 512 (in addition to i < numParameters). Not a common coding style I'd say (and therefore easy to overlook), but this should prevent any out-of-bounds access, no?

g-andrade added a commit to g-andrade/RakNet that referenced this pull request Oct 14, 2020
…fix_memory_out_of_bounds

Feature/fix memory out of bounds