Fix: potential PCB buffer overflow on bsd systems (#941)

2024-11-16 19:56:51 +08:00 · 2020-09-03 10:27:20 +08:00 · 2020-09-03 10:27:20 +08:00 · 02d9169b5d
commit 02d9169b5d
parent 7631bcc99e
2 changed files with 5 additions and 5 deletions
--- a/rules/process_darwin.go
+++ b/rules/process_darwin.go
@ -127,8 +127,8 @@ func getExecPathFromAddress(metadata *C.Metadata) (string, error) {
 		// rup8(sizeof(xtcpcb_n))
 		itemSize += 208
 	}
-	// skip the first and last xinpgen(24 bytes) block
+	// skip the first xinpgen(24 bytes) block
-	for i := 24; i < len(buf)-24; i += itemSize {
+	for i := 24; i+itemSize <= len(buf); i += itemSize {
 		// offset of xinpcb_n and xsocket_n
 		inp, so := i, i+104
--- a/rules/process_freebsd_amd64.go
+++ b/rules/process_freebsd_amd64.go
@ -95,7 +95,7 @@ func searchSocketPid(socket uint64) (uint32, error) {
 	// struct xfile
 	itemSize := 128
-	for i := 0; i < len(buf); i += itemSize {
+	for i := 0; i+itemSize <= len(buf); i += itemSize {
 		// xfile.xf_data
 		data := binary.BigEndian.Uint64(buf[i+56 : i+64])
 		if data == socket {
@ -141,8 +141,8 @@ func getExecPathFromAddress(metadata *C.Metadata) (string, error) {
 	buf := []byte(value)
-	// skip the first and last xinpgen(64 bytes) block
+	// skip the first xinpgen(64 bytes) block
-	for i := 64; i < len(buf)-64; i += itemSize {
+	for i := 64; i+itemSize <= len(buf); i += itemSize {
 		inp := i + inpOffset
 		srcPort := binary.BigEndian.Uint16(buf[inp+254 : inp+256])