TT#142600 Fix buffer overflow on memcpy

We are copying an IPv4 address which is 32-bit, while a MAC address is 6 byte long. Use the proper size in memcpy to avoid an buffer overflow and an out of bounds variable read. Change-Id: Iebcee588a5d5a37af6a7ad5caa27edd85804bfc9 Warned-by: gcc
4 years ago · f09fbc237e
parent a137c6a853
commit f09fbc237e
1 changed files with 1 additions and 1 deletions
--- a/functions.c
+++ b/functions.c
@ -643,7 +643,7 @@ int build_packet(int pkt_type)
 		u_int32_t ip_addr_tmp;
 		ip_addr_tmp = htonl(ip_address);
 		memcpy(arph->sender_mac, dhmac, ETHER_ADDR_LEN);
-		memcpy(arph->sender_ip, (u_char *)&ip_addr_tmp, ETHER_ADDR_LEN);
+		memcpy(arph->sender_ip, (u_char *)&ip_addr_tmp, IP_ADDR_LEN);
 		memcpy(arph->target_mac, arp_hg->sender_mac, ETHER_ADDR_LEN);
 		memcpy(arph->target_ip, arp_hg->sender_ip, IP_ADDR_LEN);
 	} else if(ICMP_SEND) {