socket.recvfrom() buffer overflow? [imported] #355

Closed
cmaglie opened this issue Nov 15, 2012 · 1 comment

@cmaglie
Member

cmaglie commented Nov 15, 2012

This is Issue 355 moved from a Google Code project.
Added 2010-09-22T16:39:07.000Z by [email protected].
Please review that bug for more context and additional comments, but update this bug.

Original labels: Type-Defect, Priority-Medium

Original description

recvfrom() doesn't check data_len received from W5100.read_data before using it to read into *buf:

maybe indicates more basic problem in w5100 library?


from socket.cpp:

  data_len = head[6];
  data_len = (data_len << 8) + head[7];

  // here should be (data_len > len) test

  W5100.read_data(s, (uint8_t *)ptr, buf, data_len); // data copy.

@ffissore ffissore added the New label Feb 27, 2014
tbowmo pushed a commit to tbowmo/Arduino that referenced this issue Jul 14, 2016
tbowmo pushed a commit to tbowmo/Arduino that referenced this issue Jul 14, 2016
@sandeepmistry sandeepmistry added the Library: Ethernet The Ethernet Arduino library label Jul 18, 2016
@PaulStoffregen
Contributor

Fixed in Ethernet 2.0.0.

The recvfrom() function was removed and implemented directly in EthernetUDP parsePacket() and read(). The read() function does indeed check buffer size.

Closing this old issue.
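
The missing `(data_len > len)` test from the report, as an added example that is not code from the Ethernet library or from either commenter. `bounded_recvfrom`, `RecvResult` and the flat `rx` array standing in for the socket's RX memory are hypothetical names; only the length in header bytes 6 and 7 comes from the issue, and the sample bytes are constructed.

```cpp
#include <cstdint>
#include <cstddef>
#include <cstdio>
#include <cstring>

struct RecvResult {
    int copied;       // bytes written to buf, or -1 on malformed input
    size_t consumed;  // bytes to advance the RX read pointer by
    bool truncated;   // datagram was larger than the caller's buffer
};

constexpr size_t kHeaderLen = 8;  // length lives in head[6..7], as in the issue

// rx/rx_avail model the bytes currently buffered for the socket (assumption).
RecvResult bounded_recvfrom(const uint8_t *rx, size_t rx_avail,
                            uint8_t *buf, size_t len) {
    if (rx_avail < kHeaderLen) return {-1, 0, false};  // no complete header

    // Same decoding as the snippet in the issue (big-endian 16-bit length).
    uint16_t data_len = rx[6];
    data_len = (uint16_t)((data_len << 8) + rx[7]);

    // The length is device-supplied: reject it if it exceeds what is buffered.
    if (data_len > rx_avail - kHeaderLen) return {-1, 0, false};

    // The missing (data_len > len) test: clamp the copy to the caller's buffer.
    size_t n = data_len > len ? len : data_len;
    memcpy(buf, rx + kHeaderLen, n);

    // Design choice of this example: consume the whole datagram even when
    // truncated, so the next header is read from the right offset.
    return {(int)n, kHeaderLen + data_len, data_len > len};
}

// Constructed sample: 6 header bytes unused here, length 0x000C, 12-byte payload.
static const uint8_t kSampleRx[] = {192, 168, 1, 50, 0x1F, 0x90, 0x00, 0x0C,
                                    'h', 'e', 'l', 'l', 'o', ' ',
                                    'w', '5', '1', '0', '0', '!'};

int main() {
    uint8_t small[4];  // deliberately smaller than the 12-byte datagram
    RecvResult r = bounded_recvfrom(kSampleRx, sizeof kSampleRx, small, sizeof small);
    printf("copied=%d consumed=%zu truncated=%d\n", r.copied, r.consumed, r.truncated);
    return r.copied == 4 ? 0 : 1;
}
```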
