Project

General

Profile

Bug #269 ยป 0001-Buffer-Overflow-check-against-the-implicit-size-of-s.patch

Pierre-Louis Bonicoli, 2012-01-07 11:45

View differences:

src/connection.c
1113 1113

  
1114 1114
	mylog(LOG_DEBUG, "Trying to accept new client on %d", cn->handle);
1115 1115
	err = accept(cn->handle, &sa, &sa_len);
1116

  
1116 1117
	if (err < 0) {
1117 1118
		mylog(LOG_ERROR, "accept failed: %s", strerror(errno));
1118 1119
		return NULL;
1119 1120
	}
1121

  
1122
	if (err >= FD_SETSIZE) {
1123
		mylog(LOG_WARN, "too many client connected, close %d", err);
1124

  
1125
		if (close(err) == -1)
1126
			mylog(LOG_WARN, "Error on socket close: %s",
1127
					strerror(errno));
1128

  
1129
		return NULL;
1130
	}
1131

  
1120 1132
	socket_set_nonblock(err);
1121 1133

  
1122 1134
	conn = connection_init(cn->anti_flood, cn->ssl, cn->timeout, 0);
src/irc.c
2439 2439

  
2440 2440
	if (conn == bip->listener) {
2441 2441
		struct link_client *n = irc_accept_new(conn);
2442
		assert(n);
2443
		list_add_last(&bip->conn_list, CONN(n));
2444
		list_add_last(&bip->connecting_client_list, n);
2442
		if (n) {
2443
			list_add_last(&bip->conn_list, CONN(n));
2444
			list_add_last(&bip->connecting_client_list, n);
2445
		}
2445 2446
		return;
2446 2447
	}
2447 2448

  
2448
- 
    (1-1/1)