[PATCH 05/10] net: icmp: don't overrun buffer on send
Ahmad Fatoum
a.fatoum at pengutronix.de
Thu Apr 4 11:39:56 PDT 2024
len is the size of the ICMP echo request and the ICMP echo response will
have the exact same size, but the code erroneously, copied ETHER_HDR_SIZE
bytes worth of extra data beyond the buffer and sent that out.
Fix this by using the correct length.
Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
net/net.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/net.c b/net/net.c
index 754a764d2a49..a9d130635417 100644
--- a/net/net.c
+++ b/net/net.c
@@ -715,9 +715,9 @@ static int ping_reply(struct eth_device *edev, unsigned char *pkt, int len)
if (!packet)
return 0;
- memcpy(packet, pkt, ETHER_HDR_SIZE + len);
+ memcpy(packet, pkt, len);
- ret = eth_send(edev, packet, ETHER_HDR_SIZE + len);
+ ret = eth_send(edev, packet, len);
net_free_packet(packet);
--
2.39.2
More information about the barebox
mailing list