gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[BUGFIX]fix ipport plugin get_ex_data array out of bounds

Browse Source
This commit is contained in:
liuwentan
2023-10-09 16:16:15 +08:00
parent f09aa3e1fe
commit 1d106cd4c2
2 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/inc_internal/maat_ipport_plugin.h
View File

@@ -55,7 +55,7 @@ long long ipport_plugin_runtime_rule_count(void *ipport_plugin_runtime);
struct ex_data_runtime *ipport_plugin_runtime_get_ex_data_rt(void *ipport_plugin_runtime);
int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct ip_addr *ip_addr,
uint16_t port, void **ex_data_array, size_t n_ex_data_array);
uint16_t port, void **ex_data_array, size_t n_ex_data);
long long ipport_plugin_runtime_update_err_count(void *ipport_plugin_runtime);

9
src/maat_ipport_plugin.c
View File

@@ -561,10 +561,10 @@ static int validate_port(struct ipport_item *item, uint16_t port)
}
int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct ip_addr *ip_addr,
uint16_t port, void **ex_data_array, size_t array_size)
uint16_t port, void **ex_data_array, size_t n_ex_data)
{
if (NULL == ipport_plugin_runtime || NULL == ip_addr ||
NULL == ex_data_array || 0 == array_size) {
NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
@@ -584,9 +584,8 @@ int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct
ipv6_ntoh(ip_data.ipv6);
}
struct scan_result ip_results[MAX_SCANNER_HIT_ITEM_NUM];
int n_hit_ip_item = ip_matcher_match(ipport_plugin_rt->ip_matcher, &ip_data, ip_results,
MAX_SCANNER_HIT_ITEM_NUM);
struct scan_result ip_results[n_ex_data];
int n_hit_ip_item = ip_matcher_match(ipport_plugin_rt->ip_matcher, &ip_data, ip_results, n_ex_data);
if (n_hit_ip_item <= 0) {
return n_hit_ip_item;
}