From 6f915d4215c06be3c719761423d9b5e8aa3cb820 Mon Sep 17 00:00:00 2001 From: Stéphane Raimbault Date: Wed, 31 Jul 2019 22:49:53 +0200 Subject: [PATCH] Fix my so stupid fix for VD-1301 vulnerability --- src/modbus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modbus.c b/src/modbus.c index 8c8fc55..68a28a3 100644 --- a/src/modbus.c +++ b/src/modbus.c @@ -874,7 +874,7 @@ int modbus_reply(modbus_t *ctx, const uint8_t *req, int nb_bytes = req[offset + 5]; int mapping_address = address - mb_mapping->start_registers; - if (nb < 1 || MODBUS_MAX_WRITE_REGISTERS < nb || nb_bytes * 8 < nb) { + if (nb < 1 || MODBUS_MAX_WRITE_REGISTERS < nb || nb_bytes != nb * 2) { rsp_length = response_exception( ctx, &sft, MODBUS_EXCEPTION_ILLEGAL_DATA_VALUE, rsp, TRUE, "Illegal number of values %d in write_registers (max %d)\n", -- libgit2 0.21.4