qemu-e2k/slirp
Prasad J Pandit a7104eda7d slirp: check data length while emulating ident function
While emulating identification protocol, tcp_emu() does not check
available space in the 'sc_rcv->sb_data' buffer. It could lead to
heap buffer overflow issue. Add check to avoid it.

Reported-by: Kira <864786842@qq.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2019-01-14 23:36:38 +01:00
..
arp_table.c slirp: replace DEBUG_ARGS with DEBUG_ARG 2019-01-14 00:44:29 +01:00
bootp.c slirp: no need to make DPRINTF conditional on DEBUG 2019-01-14 00:44:29 +01:00
bootp.h slirp: Implement RFC2132 TFTP server name 2018-10-21 21:24:55 +02:00
cksum.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
COPYRIGHT
debug.h slirp: Mark debugging calls as unlikely 2019-01-14 23:36:38 +01:00
dhcpv6.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
dhcpv6.h slirp: add in6_dhcp_multicast() 2018-01-14 18:16:13 +01:00
dnssearch.c
if.c slirp: add clock_get_ns() callback 2019-01-14 00:44:29 +01:00
if.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
ip6_icmp.c slirp: add clock_get_ns() callback 2019-01-14 00:44:29 +01:00
ip6_icmp.h slirp: replace HOST_WORDS_BIGENDIAN with glib equivalent 2019-01-14 00:40:54 +01:00
ip6_input.c slirp: use %p for pointers format 2019-01-14 00:44:29 +01:00
ip6_output.c slirp: use %p for pointers format 2019-01-14 00:44:29 +01:00
ip6.h slirp: replace HOST_WORDS_BIGENDIAN with glib equivalent 2019-01-14 00:40:54 +01:00
ip_icmp.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
ip_icmp.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
ip_input.c slirp: remove #if notdef dead code 2019-01-14 00:44:10 +01:00
ip_output.c Use #include "..." for our own headers, <...> for others 2016-07-12 16:19:16 +02:00
ip.h slirp: replace SIZEOF_CHAR_P with glib equivalent 2019-01-14 00:40:54 +01:00
libslirp.h slirp: add clock_get_ns() callback 2019-01-14 00:44:29 +01:00
main.h slirp: remove unused HAVE_SYS_SELECT_H 2019-01-14 00:40:54 +01:00
Makefile.objs slirp: set G_LOG_DOMAIN 2019-01-14 23:36:38 +01:00
mbuf.c slirp: improve a bit the debug macros 2019-01-14 00:43:30 +01:00
mbuf.h slirp: remove unused M_TRAILINGSPACE 2019-01-14 00:40:54 +01:00
misc.c slirp: factor out guestfwd addition checks 2019-01-14 00:44:29 +01:00
misc.h slirp: rename exec_list 2019-01-14 00:44:29 +01:00
ncsi-pkt.h slirp: add a fake NC-SI backend 2017-04-25 19:17:25 +08:00
ncsi.c slirp: replace ARRAY_SIZE with G_N_ELEMENTS 2019-01-14 00:44:29 +01:00
ndp_table.c slirp: replace DEBUG_ARGS with DEBUG_ARG 2019-01-14 00:44:29 +01:00
sbuf.c slirp: Handle error returns from sosendoob() 2017-07-15 14:28:25 +02:00
sbuf.h slirp: remove unused sbflush() 2019-01-14 00:44:10 +01:00
slirp.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
slirp.h slirp: rename exec_list 2019-01-14 00:44:29 +01:00
socket.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
socket.h slirp: rename /extra/chardev 2019-01-14 00:40:54 +01:00
tcp_input.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
tcp_output.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
tcp_subr.c slirp: check data length while emulating ident function 2019-01-14 23:36:38 +01:00
tcp_timer.c slirp: replace compile time DO_KEEPALIVE 2019-01-14 00:43:30 +01:00
tcp_timer.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
tcp_var.h slirp: VMState conversion; tcpcb 2017-04-29 18:44:16 +02:00
tcp.h slirp: replace HOST_WORDS_BIGENDIAN with glib equivalent 2019-01-14 00:40:54 +01:00
tcpip.h slirp, disas: Replace min/max with MIN/MAX macros 2016-12-20 23:55:19 +01:00
tftp.c slirp: replace ARRAY_SIZE with G_N_ELEMENTS 2019-01-14 00:44:29 +01:00
tftp.h slirp: support dynamic block size for TFTP transfers 2016-12-21 00:02:15 +01:00
trace-events slirp: add tftp tracing 2019-01-14 00:40:54 +01:00
udp6.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
udp.c slirp: call into g_debug() for DEBUG macros 2019-01-14 23:36:38 +01:00
udp.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00