From 850a5faa0d00a84c2cf31906c55d16a0adf5e79c Mon Sep 17 00:00:00 2001 From: stffabi Date: Wed, 4 Sep 2019 14:32:19 +0200 Subject: [PATCH] Fix buffer overflow during NETBIOS name resolution If SecureNAT is enabled and the hostname of the server is longer than 16characters, every NETBIOS name resolution query triggers the buffer overflow. If the server was built with stack protection, the process will be killed. --- src/Cedar/Virtual.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Cedar/Virtual.c b/src/Cedar/Virtual.c index 1fc2c9c6..512449b6 100644 --- a/src/Cedar/Virtual.c +++ b/src/Cedar/Virtual.c @@ -6118,7 +6118,7 @@ void EncodeNetBiosName(UCHAR *dst, char *src) copy_len = 16; } - Copy(tmp, src, StrLen(src)); + Copy(tmp, src, copy_len); wp = 0;