common: Add mandatory length field to UDP receive calls

Current UDP receive reads up to MAX_UDP_LENGTH bytes into the passed in buffer, which may lead to buffer overflow if the write buffer is of insufficient size. Add mandatory length argument to UDP socket receive calls. Reported-by: Simone Margaritelli <simone@zimperium.com> Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
author: Tom Tsou <tom.tsou@ettus.com> 2016-04-28 21:55:17 -0700
committer: Tom Tsou <tom.tsou@ettus.com> 2016-05-02 17:37:05 -0700
commit: 2c650a6895f573e4455f55f0d1ed136ba8ae4744 (patch)
tree: b0a1317a4cda61ba1d90dab064e1909a1f1057b9 /CommonLibs/SocketsTest.cpp
parent: d4555f267e284d14e9e877f8f82da8bcc2d76d7a (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/CommonLibs/SocketsTest.cpp b/CommonLibs/SocketsTest.cpp
index 9a4997b..1fa8bbd 100644
--- a/CommonLibs/SocketsTest.cpp
+++ b/CommonLibs/SocketsTest.cpp
@@ -42,7 +42,7 @@ void *testReaderIP(void *)
 	int rc = 0;
 	while (rc<gNumToSend) {
 		char buf[MAX_UDP_LENGTH];
-		int count = readSocket.read(buf);
+		int count = readSocket.read(buf, MAX_UDP_LENGTH);
 		if (count>0) {
 			COUT("read: " << buf);
 			rc++;
@@ -62,7 +62,7 @@ void *testReaderUnix(void *)
 	int rc = 0;
 	while (rc<gNumToSend) {
 		char buf[MAX_UDP_LENGTH];
-		int count = readSocket.read(buf);
+		int count = readSocket.read(buf, MAX_UDP_LENGTH);
 		if (count>0) {
 			COUT("read: " << buf);
 			rc++;
author	Tom Tsou <tom.tsou@ettus.com>	2016-04-28 21:55:17 -0700
committer	Tom Tsou <tom.tsou@ettus.com>	2016-05-02 17:37:05 -0700
commit	2c650a6895f573e4455f55f0d1ed136ba8ae4744 (patch)
tree	b0a1317a4cda61ba1d90dab064e1909a1f1057b9 /CommonLibs/SocketsTest.cpp
parent	d4555f267e284d14e9e877f8f82da8bcc2d76d7a (diff)