gandc/zapret2
Template
1
0
Fork 0
mirror of https://github.com/bol-van/zapret2.git synced 2026-03-13 22:03:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

nfqws2: prevent OOB read in addpool

Browse Source
This commit is contained in:
bol-van
2026-02-23 18:44:27 +03:00
parent dbf673e24a
commit 937aa91e5d
2 changed files with 51 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nfq2/hostlist.c
View File

@@ -11,7 +11,7 @@ static bool addpool(hostlist_pool **hostlist, char **s, const char *end, int *ct
for (; p<end && (*p==' ' || *p=='\t') ; p++);
*s = p;
// comment line ?
if ( *p != '#' && *p != ';' && *p != '/' && *p != '\r' && *p != '\n')
if (p<end && *p != '#' && *p != ';' && *p != '/' && *p != '\r' && *p != '\n')
{
// advance until eol lowering all chars
uint32_t flags = 0;
@@ -66,6 +66,8 @@ bool AppendHostList(hostlist_pool **hostlist, const char *filename)
{
DLOG_CONDUP("zlib compression detected. uncompressed size : %zu\n", zsize);
if (zbuf)
{
p = zbuf;
e = zbuf + zsize;
while(p<e)
@@ -79,6 +81,7 @@ bool AppendHostList(hostlist_pool **hostlist, const char *filename)
}
free(zbuf);
}
}
else
{
DLOG_ERR("zlib decompression failed : result %d\n", r);

13
nfq2/ipset.c
View File

@@ -12,12 +12,15 @@ static bool addpool(ipset *ips, char **s, const char *end, int *ct)
struct cidr6 c6;
for (p=*s; p<end && (*p==' ' || *p=='\t') ; p++);
if (p<end)
{
// comment line
if (!(*p == '#' || *p == ';' || *p == '/' || *p == '\r' || *p == '\n' ))
{
*s=p;
// advance to the token's end
for (; p<end && *p && *p!=' ' && *p!='\t' && *p!='\r' && *p != '\n'; p++);
// comment line
if (!(**s == '#' || **s == ';' || **s == '/' || **s == '\r' || **s == '\n' ))
{
l = p-*s;
if (l>=sizeof(cidr)) l=sizeof(cidr)-1;
memcpy(cidr,*s,l);
@@ -44,6 +47,7 @@ static bool addpool(ipset *ips, char **s, const char *end, int *ct)
else
DLOG_ERR("bad ip or subnet : %s\n",cidr);
}
}
// skip remaining non-eol chars
for (; p<end && *p && *p!='\r' && *p != '\n'; p++);
@@ -83,6 +87,8 @@ static bool AppendIpset(ipset *ips, const char *filename)
{
DLOG_CONDUP("zlib compression detected. uncompressed size : %zu\n", zsize);
if (zbuf)
{
p = zbuf;
e = zbuf + zsize;
while(p<e)
@@ -96,6 +102,7 @@ static bool AppendIpset(ipset *ips, const char *filename)
}
free(zbuf);
}
}
else
{
DLOG_ERR("zlib decompression failed : result %d\n",r);