From 72345c72804c7747a305b1392df2fd19485139d5 Mon Sep 17 00:00:00 2001 From: hyung-hwan Date: Wed, 17 Oct 2018 15:21:48 +0000 Subject: [PATCH] changed length check in Socket::getIfceIfindex() functions --- qse/lib/si/Socket.cpp | 20 +++++++++++++++----- qse/samples/si/sck01.cpp | 16 ++++++++-------- 2 files changed, 23 insertions(+), 13 deletions(-) diff --git a/qse/lib/si/Socket.cpp b/qse/lib/si/Socket.cpp index 32c424c7..581bb775 100644 --- a/qse/lib/si/Socket.cpp +++ b/qse/lib/si/Socket.cpp @@ -48,7 +48,6 @@ # include #endif -#include ///////////////////////////////// QSE_BEGIN_NAMESPACE(QSE) ///////////////////////////////// @@ -598,7 +597,12 @@ int Socket::getIfceIndex (const qse_mchar_t* name) struct ifreq ifr; QSE_MEMSET (&ifr, 0, QSE_SIZEOF(ifr)); - qse_mbsxcpy (ifr.ifr_name, QSE_COUNTOF(ifr.ifr_name), name); + qse_size_t mlen = qse_mbsxcpy (ifr.ifr_name, QSE_COUNTOF(ifr.ifr_name), name); + if (name[mlen] != QSE_MT('\0')) + { + this->setErrorCode (E_EINVAL); + return -1; + } if (::ioctl(this->handle, SIOCGIFINDEX, &ifr) == -1) { @@ -625,7 +629,7 @@ int Socket::getIfceIndex (const qse_wchar_t* name) QSE_MEMSET (&ifr, 0, QSE_SIZEOF(ifr)); qse_size_t wlen, mlen = QSE_COUNTOF(ifr.ifr_name); - if (qse_wcstombs(name, &wlen, ifr.ifr_name, &mlen) <= -1 || wlen < qse_wcslen(name)) + if (qse_wcstombs(name, &wlen, ifr.ifr_name, &mlen) <= -1 || name[wlen] != QSE_WT('\0')) { this->setErrorCode (E_EINVAL); return -1; @@ -716,7 +720,8 @@ int Socket::get_ifce_address (int cmd, const void* name, bool wchar, SocketAddre if (wchar) { qse_size_t wlen, mlen = QSE_COUNTOF(ifr.ifr_name); - if (qse_wcstombs((const qse_wchar_t*)name, &wlen, ifr.ifr_name, &mlen) <= -1 || wlen < qse_wcslen((const qse_wchar_t*)name)) + if (qse_wcstombs((const qse_wchar_t*)name, &wlen, ifr.ifr_name, &mlen) <= -1 || + ((const qse_wchar_t*)name)[wlen] != QSE_WT('\0')) { this->setErrorCode (E_EINVAL); return -1; @@ -724,7 +729,12 @@ int Socket::get_ifce_address (int cmd, const void* name, bool wchar, SocketAddre } else { - qse_mbsxcpy (ifr.ifr_name, QSE_COUNTOF(ifr.ifr_name), (const qse_mchar_t*)name); + qse_size_t mlen = qse_mbsxcpy (ifr.ifr_name, QSE_COUNTOF(ifr.ifr_name), (const qse_mchar_t*)name); + if (((const qse_mchar_t*)name)[mlen] != QSE_MT('\0')) + { + this->setErrorCode (E_EINVAL); + return -1; + } } #if defined(HAVE_GETIFADDRS) diff --git a/qse/samples/si/sck01.cpp b/qse/samples/si/sck01.cpp index 16702f10..bfa0c71c 100644 --- a/qse/samples/si/sck01.cpp +++ b/qse/samples/si/sck01.cpp @@ -24,36 +24,36 @@ static int test1 () return -1; } - qse_printf (QSE_T("lo ifindex ===> %d\n"), s.getIfceIndex(QSE_WT("lo"))); - if (s.getIfceAddress(QSE_WT("lo"), &addr) >= 0) + qse_printf (QSE_T("lo ifindex ===> %d\n"), s.getIfceIndex(QSE_MT("lo"))); + if (s.getIfceAddress(QSE_T("lo"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("lo ifaddr ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf))); } - if (s.getIfceNetmask(QSE_WT("lo"), &addr) >= 0) + if (s.getIfceNetmask(QSE_T("lo"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("lo netmask ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf))); } - if (s.getIfceBroadcast(QSE_WT("lo"), &addr) >= 0) + if (s.getIfceBroadcast(QSE_T("lo"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("lo broadcast ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf))); } - qse_printf (QSE_T("eth0 ifindex ===> %d\n"), s.getIfceIndex(QSE_WT("eth0"))); - if (s.getIfceAddress(QSE_WT("eth0"), &addr) >= 0) + qse_printf (QSE_T("eth0 ifindex ===> %d\n"), s.getIfceIndex(QSE_T("eth0"))); + if (s.getIfceAddress(QSE_T("eth0"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("eth0 ifaddr ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf))); } - if (s.getIfceNetmask(QSE_WT("eth0"), &addr) >= 0) + if (s.getIfceNetmask(QSE_T("eth0"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("eth0 netmask ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf))); } - if (s.getIfceBroadcast(QSE_WT("eth0"), &addr) >= 0) + if (s.getIfceBroadcast(QSE_T("eth0"), &addr) >= 0) { qse_char_t buf[256]; qse_printf (QSE_T("eth0 broadcast ===> [%s]\n"), addr.toStrBuf(buf, QSE_COUNTOF(buf)));