Commit 36f056a0 authored by Juliusz Chroboczek's avatar Juliusz Chroboczek

Fix buffer overflow in zone_equal.

Prefixes are counted in bits, not in bytes.  It is safe to compare all
16 bytes, since prefixes are always normalised -- they have zeroes beyond
the prefix length, see mask_prefix.  Alternatively, we could use
prefix_cmp.
parent c96af640
......@@ -132,9 +132,9 @@ static int
zone_equal(const struct zone *z1, const struct zone *z2)
{
return z1 && z2 && z1->dst_plen == z2->dst_plen &&
memcmp(z1->dst_prefix, z2->dst_prefix, z1->dst_plen) == 0 &&
memcmp(z1->dst_prefix, z2->dst_prefix, 16) == 0 &&
z1->src_plen == z2->src_plen &&
memcmp(z1->src_prefix, z2->src_prefix, z1->src_plen) == 0;
memcmp(z1->src_prefix, z2->src_prefix, 16) == 0;
}
static const struct babel_route *
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment