diff options
author | 2017-11-13 19:35:24 +0100 | |
---|---|---|
committer | 2017-11-13 19:35:34 +0100 | |
commit | 467a3493eacefe6acba34ad0231524245eb8daae (patch) | |
tree | b986ecaaf0f9791af50c445a233786bb71232947 /src/allowedips.c | |
parent | selftest: allowedips: randomized test mutex update (diff) | |
download | wireguard-linux-compat-467a3493eacefe6acba34ad0231524245eb8daae.tar.xz wireguard-linux-compat-467a3493eacefe6acba34ad0231524245eb8daae.zip |
allowedips: do not write out of bounds
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/allowedips.c')
-rw-r--r-- | src/allowedips.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/allowedips.c b/src/allowedips.c index 279bdd4..3274c1f 100644 --- a/src/allowedips.c +++ b/src/allowedips.c @@ -13,11 +13,13 @@ struct allowedips_node { static inline void copy_and_assign_cidr(struct allowedips_node *node, const u8 *src, u8 cidr) { - memcpy(node->bits, src, (cidr + 7) / 8); - node->bits[(cidr + 7) / 8 - 1] &= 0xffU << ((8 - (cidr % 8)) % 8); node->cidr = cidr; node->bit_at_a = cidr / 8; node->bit_at_b = 7 - (cidr % 8); + if (cidr) { + memcpy(node->bits, src, (cidr + 7) / 8); + node->bits[(cidr + 7) / 8 - 1] &= ~0U << ((8 - (cidr % 8)) % 8); + } } #define choose_node(parent, key) parent->bit[(key[parent->bit_at_a] >> parent->bit_at_b) & 1] |