(unet2): Добавил проверку выхода за границы массива в преобразовании UDPPacket в UDPMessage

f6b78bc4 · Pavel Vainerman · 2165dda8 · f6b78bc4 · f6b78bc4
Commit f6b78bc4 authored Oct 02, 2011 by Pavel Vainerman
Show whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletion

UDPPacket.cc extensions/UNet2/UDPPacket.cc +9 -0

unet2-tester.cc extensions/UNet2/unet2-tester.cc +1 -1

No files found.
--- a/extensions/UNet2/UDPPacket.cc
+++ b/extensions/UNet2/UDPPacket.cc
@@ -169,11 +169,17 @@ size_t UDPMessage::getMessage( UDPMessage& m, UDPPacket& p )
 	// копируем аналоговые данные
 	size_t sz = m.acount*sizeof(UDPAData);
+	if( sz > sizeof(m.a_dat) )
+		sz = sizeof(m.a_dat);
 	memcpy(m.a_dat,&(p.data[i]),sz);
 	i += sz;
 	// копируем булевые индексы
 	sz = m.dcount*sizeof(long);
+	if( sz > sizeof(m.d_id) )
+		sz = sizeof(m.d_id);
 	memcpy(m.d_id,&(p.data[i]),sz);
 	i += sz;
@@ -181,6 +187,9 @@ size_t UDPMessage::getMessage( UDPMessage& m, UDPPacket& p )
 	size_t nbyte = m.dcount / sizeof(unsigned char);
 	size_t nbit =  m.dcount % sizeof(unsigned char);
 	sz = nbit > 0 ? nbyte + 1 : nbyte;
+	if( sz > sizeof(m.d_dat) )
+		sz = sizeof(m.d_dat);
 	memcpy(m.d_dat,&(p.data[i]),sz);
    return i+sz;

--- a/extensions/UNet2/unet2-tester.cc
+++ b/extensions/UNet2/unet2-tester.cc
@@ -267,7 +267,7 @@ int main(int argc, char* argv[])
 					mypack.addAData(d);
 				}
-				for( int i=0; i < count; i++ )
+				for( unsigned int i=0; i < count; i++ )
 					mypack.addDData(i,i);
 				udp->setPeer(host,port);