There is a potential buffer overflow in calls to recvfrom() because the ep->payload buffer is not over-allocated sufficiently as stated in the comment in endpoint.c. I've changed it to be allocated like how it is used. I could also be the usage that is wrong (not sure).
There is a potential buffer overflow in calls to recvfrom() because the
ep->payloadbuffer is not over-allocated sufficiently as stated in the comment in endpoint.c. I've changed it to be allocated like how it is used. I could also be the usage that is wrong (not sure).https://github.com/perfsonar/owamp/blob/c17e794993e1688869c7dcd3a163c7e8fbc9636d/owamp/endpoint.c#L3501-L3504
This is the length eventually passed to recvfrom() (68 bytes)
https://github.com/perfsonar/owamp/blob/c17e794993e1688869c7dcd3a163c7e8fbc9636d/owamp/endpoint.c#L3506-L3508
This is how it is allocated (41 bytes):
https://github.com/perfsonar/owamp/blob/c17e794993e1688869c7dcd3a163c7e8fbc9636d/owamp/endpoint.c#L449-L459