Fix potential stack smash in getsyshwaddr on OS X
getsyshwaddr assumed that the first ifaddr it came across was the MAC address, and as such assumes that it has the right length. After upgrading to OS X 10.13.4, this causes minidlnad to crash on startup due to tripping stack smash protection -- I'm not sure if the order of addresses returned previously happened to accidentally hit this invariant, or if this was always an issue and the stack smash protection got smarter. In any event, we just need to look for the AF_LINK address and use that. As an extra check, we make sure the length is the length we expect to copy into the target buffer.
This commit is contained in:
Josh Watzman
Justin Maggard
parent
138d03db19
commit
ade51e9c94
@ -205,9 +205,13 @@ getsyshwaddr(char *buf, int len)
|
|||||||
continue;
|
continue;
|
||||||
memcpy(mac, ifr.ifr_hwaddr.sa_data, 6);
|
memcpy(mac, ifr.ifr_hwaddr.sa_data, 6);
|
||||||
#else
|
#else
|
||||||
|
if (p->ifa_addr->sa_family != AF_LINK)
|
||||||
|
continue;
|
||||||
struct sockaddr_dl *sdl;
|
struct sockaddr_dl *sdl;
|
||||||
sdl = (struct sockaddr_dl*)p->ifa_addr;
|
sdl = (struct sockaddr_dl*)p->ifa_addr;
|
||||||
memcpy(mac, LLADDR(sdl), sdl->sdl_alen);
|
if (sdl->sdl_alen != 6)
|
||||||
|
continue;
|
||||||
|
memcpy(mac, LLADDR(sdl), 6);
|
||||||
#endif
|
#endif
|
||||||
if (MACADDR_IS_ZERO(mac))
|
if (MACADDR_IS_ZERO(mac))
|
||||||
continue;
|
continue;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user