Fixed a buffer overflow when client calls SetATSHostList() with

long host names.
This commit is contained in:
S Rahul 2009-10-15 12:41:20 +00:00
parent 3c94f4cba1
commit 78e69573cd

View File

@ -1054,6 +1054,11 @@ SetATSHostList(
for (i = 0; ATSHostList[i] != NULL; i++) { for (i = 0; ATSHostList[i] != NULL; i++) {
int ret; int ret;
if (strlen(ATSHostList[i]) > 255) {
DbgTrace(0, "-SetATSHostList- Host name too long: %s\n", ATSHostList[i]);
retStatus = CASA_STATUS_INVALID_PARAMETER;
goto exit;
}
ret = sscanf(ATSHostList[i], "%[^:]:%hu", address, &port); ret = sscanf(ATSHostList[i], "%[^:]:%hu", address, &port);
if (ret != 2) { if (ret != 2) {
DbgTrace(0, "-SetATSHostList- Invalid entry: %s\n", ATSHostList[i]); DbgTrace(0, "-SetATSHostList- Invalid entry: %s\n", ATSHostList[i]);