Blame SOURCES/0006-conntrackd-use-strncpy-to-unix-path.patch

d202f6
From 16b593316dcf2fac1d583397f94b727791af8a1c Mon Sep 17 00:00:00 2001
fcec7e
From: Pablo Neira Ayuso <pablo@netfilter.org>
fcec7e
Date: Wed, 20 Mar 2019 08:19:18 +0100
fcec7e
Subject: [PATCH] conntrackd: use strncpy() to unix path
fcec7e
fcec7e
Make sure we don't go over the buffer boundary.
fcec7e
fcec7e
Reported-by: Rijnard van Tonder <rvt@cmu.edu>
fcec7e
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
fcec7e
(cherry picked from commit ce06fb6069065c3d68475356c0728a5fa0a4ab74)
fcec7e
---
fcec7e
 src/read_config_yy.y | 3 ++-
fcec7e
 1 file changed, 2 insertions(+), 1 deletion(-)
fcec7e
fcec7e
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
fcec7e
index 6de8c6c734389..1d510ed20ec8f 100644
fcec7e
--- a/src/read_config_yy.y
fcec7e
+++ b/src/read_config_yy.y
fcec7e
@@ -25,6 +25,7 @@
fcec7e
 #include <netdb.h>
fcec7e
 #include <errno.h>
fcec7e
 #include <stdarg.h>
fcec7e
+#include <limits.h>
fcec7e
 #include "conntrackd.h"
fcec7e
 #include "bitops.h"
fcec7e
 #include "cidr.h"
fcec7e
@@ -650,7 +651,7 @@ unix_options:
fcec7e
 
fcec7e
 unix_option : T_PATH T_PATH_VAL
fcec7e
 {
fcec7e
-	strcpy(conf.local.path, $2);
fcec7e
+	strncpy(conf.local.path, $2, PATH_MAX);
fcec7e
 };
fcec7e
 
fcec7e
 unix_option : T_BACKLOG T_NUMBER
fcec7e
-- 
fcec7e
2.34.1
fcec7e