From 78db7640db0e2afa8403d721fd241ae901ba0bde Mon Sep 17 00:00:00 2001
From: Denys Fedoryshchenko <denys.f@collabora.com>
Date: Sun, 10 Mar 2024 17:34:00 +0200
Subject: Add safeguards to parse_gw_ip_address helper functions

In case of invalid configuration we might get stack overflow
with unexpected consequences.

Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
---
 accel-pppd/extra/ippool.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'accel-pppd/extra/ippool.c')

diff --git a/accel-pppd/extra/ippool.c b/accel-pppd/extra/ippool.c
index 6ba2b5d..3ae48e9 100644
--- a/accel-pppd/extra/ippool.c
+++ b/accel-pppd/extra/ippool.c
@@ -108,6 +108,9 @@ static void parse_gw_ip_address(const char *val)
 
 	ptr = strchr(val, '/');
 	if (ptr) {
+		// safeguard, don't crash on oversized or undersized strings
+		if (ptr - val > 15 || ptr - val < 7)
+			return;
 		memcpy(addr, val, ptr - val);
 		addr[ptr - val] = 0;
 		conf_gw_ip_address = inet_addr(addr);
-- 
cgit v1.2.3