Fixes a possible unsafe memcpy in uip_udp_packet_send

If the buffers overlap, memcpy must not be used as it might have arbitrary
results. memmove() on the other hand is safe to use.
This commit is contained in:
Valentin Sawadski 2015-10-08 17:18:26 +02:00
parent 46c2f78614
commit 44b3cd4e09

View File

@ -54,9 +54,9 @@ uip_udp_packet_send(struct uip_udp_conn *c, const void *data, int len)
if(data != NULL) {
uip_udp_conn = c;
uip_slen = len;
memcpy(&uip_buf[UIP_LLH_LEN + UIP_IPUDPH_LEN], data,
len > UIP_BUFSIZE - UIP_LLH_LEN - UIP_IPUDPH_LEN?
UIP_BUFSIZE - UIP_LLH_LEN - UIP_IPUDPH_LEN: len);
memmove(&uip_buf[UIP_LLH_LEN + UIP_IPUDPH_LEN], data,
len > UIP_BUFSIZE - UIP_LLH_LEN - UIP_IPUDPH_LEN?
UIP_BUFSIZE - UIP_LLH_LEN - UIP_IPUDPH_LEN: len);
uip_process(UIP_UDP_SEND_CONN);
#if UIP_CONF_IPV6_MULTICAST