[tfaber] 74373: [WS2_32][DNSAPI] - Avoid stack buffer overflow in ParseV4Address CORE-11474 - Ros-diffs

19 Apr 2017

Author: tfaber
Date: Wed Apr 19 11:14:18 2017
New Revision: 74373
URL: http://svn.reactos.org/svn/reactos?rev=74373&view=rev
Log:
[WS2_32][DNSAPI]
- Avoid stack buffer overflow in ParseV4Address
CORE-11474
Modified:
    trunk/reactos/dll/win32/dnsapi/dnsapi/query.c
    trunk/reactos/dll/win32/ws2_32/src/addrinfo.c
Modified: trunk/reactos/dll/win32/dnsapi/dnsapi/query.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/dnsapi/dnsapi/que...
==============================================================================

--- trunk/reactos/dll/win32/dnsapi/dnsapi/query.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/dnsapi/dnsapi/query.c	[iso-8859-1] Wed Apr 19 11:14:18 2017
@@ -460,6 +460,7 @@
     */
     if (*cp && *cp > ' ') return FALSE;
+    if (pp >= parts + 4) return FALSE;
     *pp++ = val;
     /*
     * Concoct the address according to
Modified: trunk/reactos/dll/win32/ws2_32/src/addrinfo.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/ws2_32/src/addrin...
==============================================================================
--- trunk/reactos/dll/win32/ws2_32/src/addrinfo.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/ws2_32/src/addrinfo.c	[iso-8859-1] Wed Apr 19 11:14:18 2017
@@ -148,6 +148,7 @@
     */
     if (*cp) return FALSE;
+    if (pp >= parts + 4) return FALSE;
     *pp++ = val;
     /*
     * Concoct the address according to

    