Fix buffer overflow in meshlink_hint_address().

diff --git a/src/meshlink.c b/src/meshlink.c
index 79db920b6a9d39eef024f6ee56c692679024925b..6e2ca709b28679163d550d6890459904ed41d4a4 100644 (file)
--- a/src/meshlink.c
+++ b/src/meshlink.c
@@ -1677,39 +1677,21 @@ void meshlink_whitelist(meshlink_handle_t *mesh, meshlink_node_t *node) {
 /* Hint that a hostname may be found at an address
  * See header file for detailed comment.
  */
-extern void meshlink_hint_address(meshlink_handle_t *mesh, meshlink_node_t *node, struct sockaddr *addr) {
+extern void meshlink_hint_address(meshlink_handle_t *mesh, meshlink_node_t *node, const struct sockaddr *addr) {
        if(!mesh || !node || !addr)
                return;
        
-       char *addr_str = malloc(MAX_ADDRESS_LENGTH*sizeof(char));
-       memset(addr_str, 0, MAX_ADDRESS_LENGTH*sizeof(char));
+       char *host = NULL, *port = NULL, *str = NULL;
+       sockaddr2str((const sockaddr_t *)addr, &host, &port);
 
-       char *port_str = malloc(MAX_PORT_LENGTH*sizeof(char));
-       memset(port_str, 0, MAX_PORT_LENGTH*sizeof(char));
-       
-       // extra byte for a space, and one to make sure string is null-terminated
-       int full_addr_len = MAX_ADDRESS_LENGTH + MAX_PORT_LENGTH + 2;
-
-       char *full_addr_str = malloc(full_addr_len*sizeof(char));
-       memset(full_addr_str, 0, full_addr_len*sizeof(char));
-       
-       // get address and port number
-       if(!get_ip_str(addr, addr_str, MAX_ADDRESS_LENGTH))
-               goto fail;
-       if(!get_port_str(addr, port_str, MAX_ADDRESS_LENGTH))
-               goto fail;
-
-       // append_config_file expects an address, a space, and then a port number
-       strcat(full_addr_str, addr_str);
-       strcat(full_addr_str, " ");
-       strcat(full_addr_str, port_str);
-       
-       append_config_file(mesh, node->name, "Address", full_addr_str);
+       if(host && port) {
+               xasprintf(&str, "%s %s", host, port);
+               append_config_file(mesh, node->name, "Address", str);
+       }
 
-fail:
-       free(addr_str);
-       free(port_str);
-       free(full_addr_str);
+       free(str);
+       free(host);
+       free(port);
 
        // @TODO do we want to fire off a connection attempt right away?
 }

diff --git a/src/meshlink.h b/src/meshlink.h
index 96fb8d6e7492da240e1505c06ce94dbd294f43b9..c80cd228a19d8d16e79e3693a059fe2956af05ad 100644 (file)
--- a/src/meshlink.h
+++ b/src/meshlink.h
@@ -589,7 +589,7 @@ extern ssize_t meshlink_channel_send(meshlink_handle_t *mesh, meshlink_channel_t
  *                     given hostname. The caller is free to overwrite or free
  *                     this memory once meshlink returns.
  */
-extern void meshlink_hint_address(meshlink_handle_t *mesh, meshlink_node_t *node, struct sockaddr *addr);
+extern void meshlink_hint_address(meshlink_handle_t *mesh, meshlink_node_t *node, const struct sockaddr *addr);
 
 #ifdef __cplusplus
 }

diff --git a/src/utils.c b/src/utils.c
index 0f7b00cc7949807aa1ce4d2a39577049c3e4dc6e..e45e5942d8a477a82e08924ba59e727c1feca4ff 100644 (file)
--- a/src/utils.c
+++ b/src/utils.c
@@ -178,51 +178,3 @@ unsigned int bitfield_to_int(const void *bitfield, size_t size) {
        memcpy(&value, bitfield, size);
        return value;
 }
-
-/* Write IP address from sockaddr to string.
- * Returns NULL on error.
- */
-char *get_ip_str(const struct sockaddr *sa, char *s, size_t maxlen)
-{
-       switch(sa->sa_family) {
-               case AF_INET:
-                       inet_ntop(AF_INET, &(((struct sockaddr_in *)sa)->sin_addr),
-                               s, maxlen);
-                       break;
-
-               case AF_INET6:
-                       inet_ntop(AF_INET6, &(((struct sockaddr_in6 *)sa)->sin6_addr),
-                               s, maxlen);
-                       break;
-
-               default:
-                       strncpy(s, "Unknown AF", maxlen);
-                       return NULL;
-       }
-
-       return s;
-}
-
-/* Write port from sockaddr to string.
- * Returns NULL on error.
- */
-char *get_port_str(const struct sockaddr *sa, char *s, size_t maxlen)
-{
-       switch(sa->sa_family) {
-               case AF_INET:
-                       snprintf(s, maxlen, "%d",
-                               ntohs(((struct sockaddr_in*)sa)->sin_port));
-                       break;
-
-               case AF_INET6:
-                       snprintf(s, maxlen, "%d",
-                               ntohs(((struct sockaddr_in6*)sa)->sin6_port));
-                       break;
-
-               default:
-                       strncpy(s, "Unknown AF", maxlen);
-                       return NULL;
-       }
-
-       return s;
-}

diff --git a/src/utils.h b/src/utils.h
index c0b677fcccbef542069800b916bf625e020308f9..1ea1026a52303bfa82681eb1dc025eb45a323a7c 100644 (file)
--- a/src/utils.h
+++ b/src/utils.h
@@ -47,7 +47,4 @@ extern const char *winerror(int);
 
 extern unsigned int bitfield_to_int(const void *bitfield, size_t size);
 
-extern char *get_ip_str(const struct sockaddr *sa, char *s, size_t maxlen);
-extern char *get_port_str(const struct sockaddr *sa, char *s, size_t maxlen);
-
 #endif /* __MESHLINK_UTILS_H__ */