diff options
| author | wez@chromium.org <wez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-08-20 07:38:11 +0000 |
|---|---|---|
| committer | wez@chromium.org <wez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-08-20 07:38:11 +0000 |
| commit | 1a872dff28bdbf21b4ba2f658777af6b218cbf83 (patch) | |
| tree | c7075150ddc6e50f651e872a77a3ac83ed850fba /net/base/ip_endpoint.cc | |
| parent | fca27b0b733ad7acef36d402180afe827f613097 (diff) | |
| download | chromium_src-1a872dff28bdbf21b4ba2f658777af6b218cbf83.zip chromium_src-1a872dff28bdbf21b4ba2f658777af6b218cbf83.tar.gz chromium_src-1a872dff28bdbf21b4ba2f658777af6b218cbf83.tar.bz2 | |
Check the size of supplied sockaddr structures in FromSockAddr.
BUG=
TEST=Green, green, green, lots of green, on the various bots.
Review URL: http://codereview.chromium.org/7659003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@97574 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ip_endpoint.cc')
| -rw-r--r-- | net/base/ip_endpoint.cc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/base/ip_endpoint.cc b/net/base/ip_endpoint.cc index 55ea4465..2578ded 100644 --- a/net/base/ip_endpoint.cc +++ b/net/base/ip_endpoint.cc @@ -83,6 +83,8 @@ bool IPEndPoint::FromSockAddr(const struct sockaddr* address, DCHECK(address); switch (address->sa_family) { case AF_INET: { + if (address_length < sizeof(struct sockaddr_in)) + return false; const struct sockaddr_in* addr = reinterpret_cast<const struct sockaddr_in*>(address); port_ = ntohs(addr->sin_port); @@ -91,6 +93,8 @@ bool IPEndPoint::FromSockAddr(const struct sockaddr* address, break; } case AF_INET6: { + if (address_length < sizeof(struct sockaddr_in6)) + return false; const struct sockaddr_in6* addr = reinterpret_cast<const struct sockaddr_in6*>(address); port_ = ntohs(addr->sin6_port); |