提交 64466094 编写于 作者: R Rich Felker

fix stack-based oob memory clobber in resolver's result sorting

commit 4f35eb75 introduced this bug.
it is not present in any released versions. inadvertent use of the &
operator on an array into which we're indexing produced arithmetic on
the wrong-type pointer, with undefined behavior.
上级 d0d21252
......@@ -394,7 +394,7 @@ int __lookup_name(struct address buf[static MAXADDRS], char canon[static 256], c
key |= DAS_USABLE;
if (!getsockname(fd, sa, &salen)) {
if (family == AF_INET) memcpy(
&sa6.sin6_addr.s6_addr+12,
sa6.sin6_addr.s6_addr+12,
&sa4.sin_addr, 4);
if (dscope == scopeof(&sa6.sin6_addr))
key |= DAS_MATCHINGSCOPE;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册