From d7dad1bc49176b9e2c6bc93d5918313b8054524e Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 6 Jan 2017 16:46:22 +0100 Subject: [PATCH] BUG/MINOR: tools: fix off-by-one in port size check port_to_str() checks that the port size is at least 5 characters instead of at least 6. While in theory it could permit a buffer overflow, it's harmless because all callers have at least 6 characters here. This fix needs to be backported to 1.7, 1.6 and 1.5. --- src/standard.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/standard.c b/src/standard.c index 910e1c298..02a183bfe 100644 --- a/src/standard.c +++ b/src/standard.c @@ -1409,7 +1409,7 @@ int port_to_str(struct sockaddr_storage *addr, char *str, int size) uint16_t port; - if (size < 5) + if (size < 6) return 0; *str = '\0';