[GitHub] [incubator-nuttx-apps] acassis commented on a change in pull request #789: dhcpc: fix potential invalid memory reads

[GitBox <gi...@apache.org>]

acassis commented on a change in pull request #789:
URL: https://github.com/apache/incubator-nuttx-apps/pull/789#discussion_r660601211



##########
File path: netutils/dhcpc/dhcpc.c
##########
@@ -326,41 +326,48 @@ static uint8_t dhcpc_parseoptions(FAR struct dhcpc_state *presult,
 
             /* Get subnet mask in network order */
 
-            memcpy(&presult->netmask.s_addr, optptr + 2, 4);
+            if (optptr + 6 <= end)

Review comment:
       also I think it should be important to include an "else" and print a debug error to let the user know what is going on!

##########
File path: netutils/dhcpc/dhcpc.c
##########
@@ -326,41 +326,48 @@ static uint8_t dhcpc_parseoptions(FAR struct dhcpc_state *presult,
 
             /* Get subnet mask in network order */
 
-            memcpy(&presult->netmask.s_addr, optptr + 2, 4);
+            if (optptr + 6 <= end)

Review comment:
       also I think it should be important to include an "else" and print a debug error to let the user know what is going on!




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@nuttx.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org