From 7887635f629c5a73be5e2db0a1a8a221e8b16077 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0abata?= <contyk@redhat.com>
Date: Wed, 17 Jul 2013 15:29:54 +0200
Subject: [PATCH] Avoid overflow segfault with FORTIFY_SOURCE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Petr Ĺ abata <contyk@redhat.com>
---
ip/xfrm_state.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index 389942c..160ab32 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -157,12 +157,16 @@ static int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
buf[j] = val;
}
} else {
+ int i;
len = slen;
if (len > 0) {
if (len > max)
invarg("ALGO-KEYMAT value makes buffer overflow\n", key);
- strncpy(buf, key, len);
+ for (i = 0 ; i < len && key[i] != '\0'; i++)
+ buf[i] = key[i];
+ for ( ; i < len; i++)
+ buf[i] = '\0';
}
}
--
1.8.3.1