Fixed stack-buffer-overflow reported by AddressSanitizer
refs: 33/182133/1, accepted/tizen/5.0/unified/20181102.030456, accepted/tizen/unified/20180621.141526, submit/tizen/20180621.050911, submit/tizen_5.0/20181101.000007
author Saurav Babu <saurav.babu@samsung.com>
Tue, 19 Jun 2018 08:53:23 +0000 (14:23 +0530)
committer Taesoo Jun <steve.jun@samsung.com>
Wed, 20 Jun 2018 23:20:34 +0000 (23:20 +0000)
mdnsd==1744==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xbe328549 at pc 0xb62b78e9 bp 0xbe327df8 sp 0xbe327e08
READ of size 16 at 0xbe328549 thread T0
 #0 0xb62b78e7  (/usr/lib/libasan.so+0x4c8e7)
 #1 0x4e9b7b in get_ifi_info_linuxv6 /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/mDNSUNP.c:160
 #2 0x4ea1c3 in get_ifi_info /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/mDNSUNP.c:231
 #3 0x4e2c5f in SetupInterfaceList /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/mDNSPosix.c:978
 #4 0x4e5c23 in mDNSPlatformInit /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/mDNSPosix.c:1349
 #5 0x5c627b in mDNS_Init ../mDNSCore/mDNS.c:14534
 #6 0x4db4eb in main /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/PosixDaemon.c:179
 #7 0xb610c63b  (/lib/libc.so.6+0x1663b)

Address 0xbe328549 is located in stack of thread T0 at offset 649 in frame
 #0 0x4e93af in get_ifi_info_linuxv6 /usr/src/debug/mdnsresponder-765.50.9/mDNSPosix/mDNSUNP.c:84

In memcpy() function 16 bytes were copied but ifname variable only
contained 9 bytes.

Change-Id: Ib977c9c469e0df88e16aa69a1cb2708b34f9269c
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
(cherry picked from commit 66a4ec013b29e6b00fb8e7a52efc289e99d56340)

mDNSPosix/mDNSUNP.c

index 17a37c6..624e35c 100755 (executable)
@@ -86,7 +86,11 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases)
     FILE *fp = NULL;
     char addr[8][5];
     int flags, myflags, index, plen, scope;
+#if defined TIZEN_EXT
+    char ifname[IFNAMSIZ], lastname[IFNAMSIZ];
+#else
     char ifname[9], lastname[IFNAMSIZ];
+#endif
     char addr6[32+7+1]; /* don't forget the seven ':' */
     struct addrinfo hints, *res0;
     int err;
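
Review bot: the `#else` branch still declares `char ifname[9]`, so every build without `TIZEN_EXT` defined keeps the undersized buffer that the 16-byte read in the ASan trace runs past. Nothing about the fix is platform-specific: `lastname` in the same declaration is already `IFNAMSIZ` unconditionally, so I would drop the `#if defined TIZEN_EXT` / `#else` / `#endif` and declare `char ifname[IFNAMSIZ], lastname[IFNAMSIZ];` for all builds. The hunk also leaves the `memcpy()` named in the commit message untouched; its length should be taken from the buffer (for example `sizeof(ifname)`) rather than from a separate constant so the two cannot drift apart again, and the code that fills `ifname` should be checked to confirm it bounds its input to the new size.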