Add mtod_check()

Recent security issues demonstrate the lack of safety care when casting a mbuf to a particular structure type. At least, it should check that the buffer is large enough. The following patches will make use of this function. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
author: Marc-André Lureau <marcandre.lureau@redhat.com> 2021-06-04 15:58:25 +0400
committer: Marc-André Lureau <marcandre.lureau@redhat.com> 2021-06-14 11:35:54 +0400
commit: 93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (patch)
tree: 7445e9a496bfda1f6faafd0c1e0af1dac212af2f /src/mbuf.c
parent: 5758d835e431886e862a8b849ac2236b7cfed067 (diff)
download: slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.zip
slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.tar.gz
slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.tar.bz2
1 files changed, 11 insertions, 0 deletions
diff --git a/src/mbuf.c b/src/mbuf.c
index b47f64e..b4152c3 100644
--- a/src/mbuf.c
+++ b/src/mbuf.c
@@ -263,3 +263,14 @@ struct mbuf *m_dup(Slirp *slirp, struct mbuf *m,
 
     return n;
 }
+
+void *mtod_check(struct mbuf *m, size_t len)
+{
+    if (m->m_len >= len) {
+        return m->m_data;
+    }
+
+    DEBUG_ERROR("mtod failed");
+
+    return NULL;
+}
author	Marc-André Lureau <marcandre.lureau@redhat.com>	2021-06-04 15:58:25 +0400
committer	Marc-André Lureau <marcandre.lureau@redhat.com>	2021-06-14 11:35:54 +0400
commit	93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (patch)
tree	7445e9a496bfda1f6faafd0c1e0af1dac212af2f /src/mbuf.c
parent	5758d835e431886e862a8b849ac2236b7cfed067 (diff)
download	slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.zip slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.tar.gz slirp-93e645e72a056ec0b2c16e0299fc5c6b94e4ca17.tar.bz2