Socket implementation in Ethernet library is prone to buffer overflow. #2756

@josephlm

Description

The code in recvfrom() in libraries/Ethernet/src/utility/socket.cpp does not check the length of the buffer (buf) passed before copying data from Wiznet shield buffer into the application's passed buffer.

If 'data_len' is bigger than 'len' then only 'len' bytes should be copied to the application's passed buffer, otherwise 'data_len' bytes should be copied to the application's passed buffer.
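
The bounded copy described in the report, as an added example that is not part of the issue and not the Ethernet library's code. `RxMemory`, `bounded_recvfrom` and `demo_oversized_datagram` are hypothetical names, and the record layout (an 8-byte header of peer IP, port and big-endian payload length, then the payload) is an assumption of the example, as is the choice to discard the part of a datagram that does not fit.

```cpp
#include <stddef.h>
#include <stdint.h>
#include <string.h>

// Constructed stand-in for the shield's RX memory (not the library's types).
struct RxMemory {
    const uint8_t *bytes;
    size_t size;
    size_t rd;  // read offset, playing the role of the chip's RX read pointer
};

// Hypothetical bounded receive. Returns the number of bytes copied into buf,
// or -1 if the record is malformed. Never writes more than len bytes to buf.
int bounded_recvfrom(RxMemory &rx, uint8_t *buf, uint16_t len,
                     uint8_t addr[4], uint16_t *port) {
    if (rx.rd > rx.size || rx.size - rx.rd < 8) return -1;  // no full header
    const uint8_t *head = rx.bytes + rx.rd;
    memcpy(addr, head, 4);
    *port = (uint16_t)((head[4] << 8) | head[5]);
    uint16_t data_len = (uint16_t)((head[6] << 8) | head[7]);
    if (rx.size - rx.rd - 8 < data_len) return -1;  // length exceeds RX data

    // The check the issue asks for: copy min(data_len, len) bytes.
    uint16_t copy_len = data_len > len ? len : data_len;
    memcpy(buf, head + 8, copy_len);

    // Assumption of this example: consume the whole datagram, dropping the
    // excess, so the next call starts at the next record's header.
    rx.rd += 8 + (size_t)data_len;
    return copy_len;
}

// Constructed sample: a 12-byte payload received into a 4-byte buffer that is
// followed by a canary. Returns true if the copy is truncated to 4 bytes and
// the canary is untouched.
bool demo_oversized_datagram() {
    static const uint8_t record[] = {192, 0, 2, 10, 0x13, 0x88, 0x00, 0x0C,
        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L'};
    RxMemory rx = {record, sizeof(record), 0};
    struct { uint8_t buf[4]; uint8_t canary[4]; } app = {{0}, {0xAA, 0xAA, 0xAA, 0xAA}};
    uint8_t addr[4];
    uint16_t port = 0;
    int n = bounded_recvfrom(rx, app.buf, sizeof(app.buf), addr, &port);
    bool canary_ok = app.canary[0] == 0xAA && app.canary[3] == 0xAA;
    return n == 4 && canary_ok && memcmp(app.buf, "ABCD", 4) == 0 &&
           port == 5000 && rx.rd == sizeof(record);
}
```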

Labels

Component: Core (Related to the code for the standard Arduino API)
Library: Ethernet (The Ethernet Arduino library)