Merge pull request #2549 from signalwire/stun_overrun

[Core] switch_stun.c: Coverity 1468480: Out-of-bounds access (OVERRUN)
This commit is contained in:
Andrey Volk 2024-07-30 18:05:26 +03:00 committed by GitHub
commit d569ca0273
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 12 additions and 1 deletions

View File

@ -141,6 +141,13 @@ typedef struct {
uint32_t address;
} switch_stun_ip_t;
typedef struct {
uint8_t wasted;
uint8_t family;
uint16_t port;
uint8_t address[16];
} switch_stun_ipv6_t;
#if SWITCH_BYTE_ORDER == __BIG_ENDIAN
typedef struct {

View File

@ -401,13 +401,17 @@ SWITCH_DECLARE(uint8_t) switch_stun_packet_attribute_get_mapped_address(switch_s
SWITCH_DECLARE(uint8_t) switch_stun_packet_attribute_get_xor_mapped_address(switch_stun_packet_attribute_t *attribute, switch_stun_packet_header_t *header, char *ipstr, switch_size_t iplen, uint16_t *port)
{
switch_stun_ip_t *ip;
switch_stun_ipv6_t *ipv6;
uint8_t x, *i;
char *p = ipstr;
ip = (switch_stun_ip_t *) attribute->value;
if (ip->family == 2) {
uint8_t *v6addr = (uint8_t *) &ip->address;
uint8_t *v6addr;
ipv6 = (switch_stun_ipv6_t *)attribute->value;
v6addr = (uint8_t *) &ipv6->address;
v6_xor(v6addr, (uint8_t *)header->id);
inet_ntop(AF_INET6, v6addr, ipstr, iplen);
} else {