| author | liuwentan <[email protected]> | 2023-10-09 16:16:15 +0800 |
|---|---|---|
| committer | liuwentan <[email protected]> | 2023-10-09 16:16:15 +0800 |
| commit | 1d106cd4c27b5a8231357aa07814c2ab99ec54a4 (patch) | |
| tree | f15db7c0f22763e80e30404c49e10071378c9471 | |
| parent | f09aa3e1fe5baabe83826b1d67cb382d9be83cc0 (diff) | |
[BUGFIX]fix ipport plugin get_ex_data array out of boundsv4.0.45
| -rw-r--r-- | src/inc_internal/maat_ipport_plugin.h | 2 | ||||
| -rw-r--r-- | src/maat_ipport_plugin.c | 9 |
2 files changed, 5 insertions, 6 deletions
diff --git a/src/inc_internal/maat_ipport_plugin.h b/src/inc_internal/maat_ipport_plugin.h
index c38f9fc..83d1fc8 100644
--- a/src/inc_internal/maat_ipport_plugin.h
+++ b/src/inc_internal/maat_ipport_plugin.h
@@ -55,7 +55,7 @@ long long ipport_plugin_runtime_rule_count(void *ipport_plugin_runtime);
 struct ex_data_runtime *ipport_plugin_runtime_get_ex_data_rt(void *ipport_plugin_runtime);
 int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct ip_addr *ip_addr,
- uint16_t port, void **ex_data_array, size_t n_ex_data_array);
+ uint16_t port, void **ex_data_array, size_t n_ex_data);
 long long ipport_plugin_runtime_update_err_count(void *ipport_plugin_runtime);
diff --git a/src/maat_ipport_plugin.c b/src/maat_ipport_plugin.c
index e9979a8..73fb186 100644
--- a/src/maat_ipport_plugin.c
+++ b/src/maat_ipport_plugin.c
@@ -561,10 +561,10 @@ static int validate_port(struct ipport_item *item, uint16_t port)
 }
 int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct ip_addr *ip_addr,
- uint16_t port, void **ex_data_array, size_t array_size)
+ uint16_t port, void **ex_data_array, size_t n_ex_data)
 {
 if (NULL == ipport_plugin_runtime || NULL == ip_addr ||
- NULL == ex_data_array || 0 == array_size) {
+ NULL == ex_data_array || 0 == n_ex_data) {
 return -1;
 }
@@ -584,9 +584,8 @@ int ipport_plugin_runtime_get_ex_data(void *ipport_plugin_runtime, const struct
 ipv6_ntoh(ip_data.ipv6);
 }
- struct scan_result ip_results[MAX_SCANNER_HIT_ITEM_NUM];
- int n_hit_ip_item = ip_matcher_match(ipport_plugin_rt->ip_matcher, &ip_data, ip_results,
- MAX_SCANNER_HIT_ITEM_NUM);
+ struct scan_result ip_results[n_ex_data];
+ int n_hit_ip_item = ip_matcher_match(ipport_plugin_rt->ip_matcher, &ip_data, ip_results, n_ex_data);
 if (n_hit_ip_item <= 0) {
 return n_hit_ip_item;
 } |
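Review bot: In the third hunk of src/maat_ipport_plugin.c, `struct scan_result ip_results[n_ex_data];` is a variable-length array sized directly by the caller, and the only check on `n_ex_data` visible in the second hunk is `0 == n_ex_data`. A large value would exhaust the stack before any bounds logic runs, so the out-of-bounds write is traded for a possible stack overflow. Keeping the fixed `ip_results[MAX_SCANNER_HIT_ITEM_NUM]` buffer and clamping the count handed to the matcher, e.g. `size_t max_hits = n_ex_data < MAX_SCANNER_HIT_ITEM_NUM ? n_ex_data : MAX_SCANNER_HIT_ITEM_NUM;` followed by `ip_matcher_match(ipport_plugin_rt->ip_matcher, &ip_data, ip_results, max_hits)`, would bound both the stack use and the hit count. The function body continues outside the hunk, so the loop that fills `ex_data_array` is not visible here; presumably it should be checked against the same limit.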
