EarthScope / libslink

The SeedLink client library
Apache License 2.0

It will coredump if sendptr > recptr in memmove function in slutils.c #9

Closed wangmm0220 closed 1 month ago

wangmm0220 commented 1 year ago

In the develop branch.

(slconn->stat->slpack.reclen > 0 && slconn->stat->slpack.reclen > bufferlen))

should be

(slconn->stat->slpack.reclen > 0 && slconn->stat->slpack.reclen + SLHEADSIZE > bufferlen))

Otherwise sendptr will be bigger than recptr: send:1560, rec:1556
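The failure mode reported above, as an added example that is not libslink code: it compares the size check as quoted with the proposed one, and shows a buffer compaction that rejects a consumed offset beyond the received offset instead of passing a wrapped length to `memmove`. The names `HEADSIZE`, `fits_reported`, `fits_proposed` and `compact` are hypothetical; the header length of 8 and the reading of sendptr/recptr as consumed/received offsets are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HEADSIZE 8 /* assumed header length, standing in for SLHEADSIZE */

/* Size check as quoted in the report: the header is not counted. */
static int fits_reported(size_t reclen, size_t bufferlen)
{
  return !(reclen > 0 && reclen > bufferlen);
}

/* Check proposed in the report (reclen + header > bufferlen is rejected),
 * written as a subtraction so the sum cannot wrap for a huge reclen. */
static int fits_proposed(size_t reclen, size_t bufferlen)
{
  return reclen == 0 || (bufferlen >= HEADSIZE && reclen <= bufferlen - HEADSIZE);
}

/* Move the unconsumed bytes to the front of buf.
 * consumed: offset of the first unprocessed byte (assumed role of sendptr)
 * received: offset one past the last received byte (assumed role of recptr)
 * Returns the new received offset, or -1 if the offsets are inconsistent. */
static long compact(uint8_t *buf, size_t buflen, size_t consumed, size_t received)
{
  if (received > buflen || consumed > received)
    return -1; /* unguarded, received - consumed wraps to a huge size_t */
  memmove(buf, buf + consumed, received - consumed);
  return (long)(received - consumed);
}

int main(void)
{
  uint8_t buf[2048] = "0123456789";
  /* Constructed sizes: a record exactly as large as the buffer. */
  printf("reported check accepts: %d, proposed check accepts: %d\n",
         fits_reported(512, 512), fits_proposed(512, 512));
  /* Offsets from the report (send:1560, rec:1556) are rejected, not moved. */
  printf("compact(1560, 1556) = %ld\n", compact(buf, sizeof buf, 1560, 1556));
  printf("compact(4, 10) = %ld\n", compact(buf, sizeof buf, 4, 10));
  return 0;
}
```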

chad-earthscope commented 1 year ago

Thanks @wangmm0220. That should be protected against.

Out of curiosity, have you seen this scenario occur? If so, what were the circumstances? Thanks.

chad-earthscope commented 1 month ago

This should be fixed in the new major release.