proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-02 13:23:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bfdd: fix coverity memory overrun

Browse Source 
Use the destination for the operator `sizeof()` instead of the source
which could (and is) be bigger than destination.

We are not truncating any data here it just happens that the zebra
interface data structure hardware address can be bigger due to different
types of interface.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This commit is contained in:
Rafael Zalamena 2022-07-06 07:52:17 -03:00
parent 500fe387a0
commit f14233edbd
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bfdd/bfd_packet.c
View File

@ -219,8 +219,8 @@ void ptm_bfd_echo_fp_snd(struct bfd_session *bfd)
/* add eth hdr */
eth = (struct ethhdr *)(sendbuff);
memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(bfd->ifp->hw_addr));
memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(bfd->peer_hw_addr));
memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(eth->h_source));
memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(eth->h_dest));
total_len += sizeof(struct ethhdr);