From 089870582fc725e75d54c9901fbb848decc86a09 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Philipp=20T=C3=B6lke?= <toelke@in.tum.de>
Date: Mon, 10 Jan 2011 21:41:35 +0000
Subject: [PATCH] fix two "invalid read"s

---
 src/vpn/gnunet-daemon-vpn.c | 10 ++++++----
 src/vpn/gnunet-daemon-vpn.h |  3 +--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/vpn/gnunet-daemon-vpn.c b/src/vpn/gnunet-daemon-vpn.c
index 2d6fef76e..00caadfb1 100644
--- a/src/vpn/gnunet-daemon-vpn.c
+++ b/src/vpn/gnunet-daemon-vpn.c
@@ -255,10 +255,11 @@ process_answer(void* cls, const struct GNUNET_SCHEDULER_TaskContext* tc) {
 
 	uint16_t namelen = strlen((char*)pkt->data+12)+1;
 
-	struct map_entry* value = GNUNET_malloc(sizeof(struct GNUNET_vpn_service_descriptor) + 2 + 8 + namelen);
+	struct map_entry* value = GNUNET_malloc(sizeof(struct map_entry) + namelen);
+	char* name = (char*)(value +1);
 
 	value->namelen = namelen;
-	memcpy(value->name, pkt->data+12, namelen);
+	memcpy(name, pkt->data+12, namelen);
 
 	memcpy(&value->desc, &pkt->service_descr, sizeof(struct GNUNET_vpn_service_descriptor));
 
@@ -318,13 +319,14 @@ process_answer(void* cls, const struct GNUNET_SCHEDULER_TaskContext* tc) {
 	  }
 
         unsigned short namelen = htons(map_entry->namelen);
-	char* name = map_entry->name;
+	char* name = (char*)(map_entry + 1);
 
 	list = GNUNET_malloc(2*sizeof(struct answer_packet_list*) + offset + 2 + ntohs(namelen));
 
 	struct answer_packet* rpkt = &list->pkt;
 
-	memcpy(rpkt, pkt, offset);
+	/* The offset points to the first byte belonging to the address */
+	memcpy(rpkt, pkt, offset - 1);
 
 	rpkt->subtype = GNUNET_DNS_ANSWER_TYPE_IP;
 	rpkt->hdr.size = ntohs(offset + 2 + ntohs(namelen));
diff --git a/src/vpn/gnunet-daemon-vpn.h b/src/vpn/gnunet-daemon-vpn.h
index a53c296ef..cec47ae76 100644
--- a/src/vpn/gnunet-daemon-vpn.h
+++ b/src/vpn/gnunet-daemon-vpn.h
@@ -77,9 +77,8 @@ struct map_entry {
     uint16_t namelen;
     uint64_t additional_ports;
     /**
-     * In DNS-Format!
+     * After this struct the name is located in DNS-Format!
      */
-    char name[1];
 };
 
 #endif /* end of include guard: GNUNET-DAEMON-VPN_H */
-- 
2.25.1