Blame SOURCES/0006-conntrackd-use-strncpy-to-unix-path.patch
|
|
d202f6 |
From 16b593316dcf2fac1d583397f94b727791af8a1c Mon Sep 17 00:00:00 2001
|
|
|
fcec7e |
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
fcec7e |
Date: Wed, 20 Mar 2019 08:19:18 +0100
|
|
|
fcec7e |
Subject: [PATCH] conntrackd: use strncpy() to unix path
|
|
|
fcec7e |
|
|
|
fcec7e |
Make sure we don't go over the buffer boundary.
|
|
|
fcec7e |
|
|
|
fcec7e |
Reported-by: Rijnard van Tonder <rvt@cmu.edu>
|
|
|
fcec7e |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
fcec7e |
(cherry picked from commit ce06fb6069065c3d68475356c0728a5fa0a4ab74)
|
|
|
fcec7e |
---
|
|
|
fcec7e |
src/read_config_yy.y | 3 ++-
|
|
|
fcec7e |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
fcec7e |
|
|
|
fcec7e |
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
|
|
|
fcec7e |
index 6de8c6c734389..1d510ed20ec8f 100644
|
|
|
fcec7e |
--- a/src/read_config_yy.y
|
|
|
fcec7e |
+++ b/src/read_config_yy.y
|
|
|
fcec7e |
@@ -25,6 +25,7 @@
|
|
|
fcec7e |
#include <netdb.h>
|
|
|
fcec7e |
#include <errno.h>
|
|
|
fcec7e |
#include <stdarg.h>
|
|
|
fcec7e |
+#include <limits.h>
|
|
|
fcec7e |
#include "conntrackd.h"
|
|
|
fcec7e |
#include "bitops.h"
|
|
|
fcec7e |
#include "cidr.h"
|
|
|
fcec7e |
@@ -650,7 +651,7 @@ unix_options:
|
|
|
fcec7e |
|
|
|
fcec7e |
unix_option : T_PATH T_PATH_VAL
|
|
|
fcec7e |
{
|
|
|
fcec7e |
- strcpy(conf.local.path, $2);
|
|
|
fcec7e |
+ strncpy(conf.local.path, $2, PATH_MAX);
|
|
|
fcec7e |
};
|
|
|
fcec7e |
|
|
|
fcec7e |
unix_option : T_BACKLOG T_NUMBER
|
|
|
fcec7e |
--
|
|
|
fcec7e |
2.34.1
|
|
|
fcec7e |
|