From ade51e9c94c8c4a1f70b9986ba3541222ee8bd60 Mon Sep 17 00:00:00 2001 From: Josh Watzman Date: Tue, 10 Apr 2018 23:17:22 +0100 Subject: [PATCH] Fix potential stack smash in getsyshwaddr on OS X getsyshwaddr assumed that the first ifaddr it came across was the MAC address, and as such assumes that it has the right length. After upgrading to OS X 10.13.4, this causes minidlnad to crash on startup due to tripping stack smash protection -- I'm not sure if the order of addresses returned previously happened to accidentally hit this invariant, or if this was always an issue and the stack smash protection got smarter. In any event, we just need to look for the AF_LINK address and use that. As an extra check, we make sure the length is the length we expect to copy into the target buffer. --- getifaddr.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/getifaddr.c b/getifaddr.c index 5f95031..2d9474c 100644 --- a/getifaddr.c +++ b/getifaddr.c @@ -205,9 +205,13 @@ getsyshwaddr(char *buf, int len) continue; memcpy(mac, ifr.ifr_hwaddr.sa_data, 6); #else + if (p->ifa_addr->sa_family != AF_LINK) + continue; struct sockaddr_dl *sdl; sdl = (struct sockaddr_dl*)p->ifa_addr; - memcpy(mac, LLADDR(sdl), sdl->sdl_alen); + if (sdl->sdl_alen != 6) + continue; + memcpy(mac, LLADDR(sdl), 6); #endif if (MACADDR_IS_ZERO(mac)) continue;
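Review bot: The added `p->ifa_addr->sa_family != AF_LINK` test in the `#else` branch dereferences `p->ifa_addr` with no NULL check visible in this hunk. getifaddrs() can return entries whose `ifa_addr` is NULL, so unless the loop already skips those above line 205, the condition should read `if (!p->ifa_addr || p->ifa_addr->sa_family != AF_LINK) continue;`. Two smaller points in the same branch: `struct sockaddr_dl *sdl;` is now declared after a statement, which is a problem if the project builds as C89 or with -Wdeclaration-after-statement, and moving the declaration above the new `if` avoids it. The literal 6 now appears in the `sdl_alen` comparison and in both memcpy calls, so tying it to the destination, for example `sizeof(mac)` if `mac` is an array or a shared named constant otherwise, would keep the length check and the copy size from drifting apart.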