代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/ipmitool 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 8f0946a81eb22c14823d726afc486139bb2094ca Mon Sep 17 00:00:00 2001
From: Tom Tung <shes050117@gmail.com>
Date: Fri, 12 Aug 2022 16:47:27 +0800
Subject: [PATCH] lanplus: Realloc the msg if the payload_length gets updated
It's possible the payload_length gets updated in
lanplus_encrypt_payload. If it's updated, the memory of msg should be
updated.
Tested: use ipmitool with lanplus with similar STR and there is no
memory stomping issue.
Resolved: ipmitool/ipmitool#351
Signed-off-by: Tom Tung <shes050117@gmail.com>
---
src/plugins/lanplus/lanplus.c | 19 +++++++++++++++++++
src/plugins/lanplus/lanplus.h | 2 ++
2 files changed, 21 insertions(+)
diff --git a/src/plugins/lanplus/lanplus.c b/src/plugins/lanplus/lanplus.c
index ed41380..7a9162c 100644
--- a/src/plugins/lanplus/lanplus.c
+++ b/src/plugins/lanplus/lanplus.c
@@ -1727,6 +1727,7 @@ ipmi_lanplus_build_v2x_msg(
*/
if (session->v2_data.session_state == LANPLUS_STATE_ACTIVE)
{
+ uint16_t old_payload_length = payload->payload_length;
/* Payload len is adjusted as necessary by lanplus_encrypt_payload */
lanplus_encrypt_payload(session->v2_data.crypt_alg, /* input */
session->v2_data.k2, /* input */
@@ -1735,6 +1736,24 @@ ipmi_lanplus_build_v2x_msg(
msg + IPMI_LANPLUS_OFFSET_PAYLOAD, /* output */
&(payload->payload_length)); /* output */
+ if (old_payload_length != payload->payload_length)
+ {
+ len =
+ IPMI_LANPLUS_OFFSET_PAYLOAD +
+ payload->payload_length +
+ IPMI_MAX_INTEGRITY_PAD_SIZE +
+ IPMI_LANPLUS_PAD_LENGTH_SIZE +
+ IPMI_LANPLUS_NEXT_HEADER_SIZE +
+ IPMI_MAX_AUTH_CODE_SIZE;
+
+ uint8_t * new_msg = realloc(msg, len);
+ if (!new_msg) {
+ free(msg);
+ lprintf(LOG_ERR, "ipmitool: realloc failure");
+ return;
+ }
+ msg = new_msg;
+ }
}
/* Now we know the payload length */
diff --git a/src/plugins/lanplus/lanplus.h b/src/plugins/lanplus/lanplus.h
index 3e287ae..94bd56a 100644
--- a/src/plugins/lanplus/lanplus.h
+++ b/src/plugins/lanplus/lanplus.h
@@ -86,6 +86,8 @@
#define IPMI_LANPLUS_OFFSET_PAYLOAD_SIZE 0x0E
#define IPMI_LANPLUS_OFFSET_PAYLOAD 0x10
+#define IPMI_LANPLUS_PAD_LENGTH_SIZE 1
+#define IPMI_LANPLUS_NEXT_HEADER_SIZE 1
#define IPMI_GET_CHANNEL_AUTH_CAP 0x38
--
2.27.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。