commit 0e4fc12c5aa299ba89a917c2f6962d2a7e580255 parent 1c4e21f099a029200cacd50a6b7fb224c5550ccf Author: Evgeny Grin (Karlson2k) <k2k@narod.ru> Date: Mon, 31 Jan 2022 15:44:43 +0300 MHD_add_connection(): reject wrong addrlen Diffstat:
| M | src/microhttpd/daemon.c | | | 29 | +++++++++++++++++++++++++++++ |
1 file changed, 29 insertions(+), 0 deletions(-)
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c @@ -3429,6 +3429,35 @@ MHD_add_connection (struct MHD_Daemon *daemon, " added sockets.\n")); } #endif /* HAVE_MESSAGES */ + if (0 != addrlen) + { + if (AF_INET == addr->sa_family) + { + if (sizeof(struct sockaddr_in) > addrlen) + { +#ifdef HAVE_MESSAGES + MHD_DLOG (daemon, + _ ("MHD_add_connection() has been called with " + "incorrect 'addrlen' value.\n")); +#endif /* HAVE_MESSAGES */ + return MHD_NO; + } + } +#ifdef HAVE_INET6 + if (AF_INET6 == addr->sa_family) + { + if (sizeof(struct sockaddr_in6) > addrlen) + { +#ifdef HAVE_MESSAGES + MHD_DLOG (daemon, + _ ("MHD_add_connection() has been called with " + "incorrect 'addrlen' value.\n")); +#endif /* HAVE_MESSAGES */ + return MHD_NO; + } + } +#endif /* HAVE_INET6 */ + } if (! MHD_socket_nonblocking_ (client_socket)) {