[HUST CSE][bsp][fix] Fix potential buffer overflow vulnerability (#7409)
This commit is contained in:
parent
1efe3071c7
commit
0d7e18df1e
|
@ -26,6 +26,10 @@
|
|||
#include <rtthread.h>
|
||||
#include <netif/ethernetif.h>
|
||||
|
||||
#define DBG_TAG "pcap.netif"
|
||||
#define DBG_LVL DBG_INFO
|
||||
#include <rtdbg.h>
|
||||
|
||||
#define MAX_ADDR_LEN 6
|
||||
|
||||
#define NETIF_DEVICE(netif) ((struct pcap_netif*)(netif))
|
||||
|
@ -203,6 +207,14 @@ rt_err_t pcap_netif_tx( rt_device_t dev, struct pbuf* p)
|
|||
/* lock EMAC device */
|
||||
rt_sem_take(&sem_lock, RT_WAITING_FOREVER);
|
||||
|
||||
/* check if the total length of pbuf exceeds the size of buf */
|
||||
if(p->tot_len > 2048)
|
||||
{
|
||||
LOG_E("Sending the packet: send data exceed max len 2048!");
|
||||
rt_sem_release(&sem_lock);
|
||||
return -RT_ERROR;
|
||||
}
|
||||
|
||||
/* copy data to tx buffer */
|
||||
q = p;
|
||||
ptr = (rt_uint8_t*)buf;
|
||||
|
@ -219,7 +231,7 @@ rt_err_t pcap_netif_tx( rt_device_t dev, struct pbuf* p)
|
|||
|
||||
if (res != 0)
|
||||
{
|
||||
rt_kprintf("Error sending the packet: \n", pcap_geterr(tap));
|
||||
LOG_E("Sending the packet: %s", pcap_geterr(tap));
|
||||
result = -RT_ERROR;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue