|
 |
621646 |
From d3641eaed9ad19b74f3bababb3db53af0004488b Mon Sep 17 00:00:00 2001
|
|
|
621646 |
From: Phil Sutter <phil@nwl.cc>
|
|
|
621646 |
Date: Thu, 5 Dec 2019 13:57:18 +0100
|
|
|
621646 |
Subject: [PATCH] libxtables: Avoid buffer overrun in
|
|
|
621646 |
xtables_compatible_revision()
|
|
|
621646 |
|
|
|
621646 |
The function is exported and accepts arbitrary strings as input. Calling
|
|
|
621646 |
strcpy() without length checks is not OK.
|
|
|
621646 |
|
|
|
621646 |
(cherry picked from commit f7d3dbb82e7ed94ccbf10cf70a3c7b3f3aaef1a1)
|
|
|
621646 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
621646 |
---
|
|
|
621646 |
libxtables/xtables.c | 3 ++-
|
|
|
621646 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
621646 |
|
|
|
621646 |
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
|
|
|
621646 |
index 895f6988eaf57..777c2b08e9896 100644
|
|
|
621646 |
--- a/libxtables/xtables.c
|
|
|
621646 |
+++ b/libxtables/xtables.c
|
|
|
621646 |
@@ -856,7 +856,8 @@ int xtables_compatible_revision(const char *name, uint8_t revision, int opt)
|
|
|
621646 |
|
|
|
621646 |
xtables_load_ko(xtables_modprobe_program, true);
|
|
|
621646 |
|
|
|
621646 |
- strcpy(rev.name, name);
|
|
|
621646 |
+ strncpy(rev.name, name, XT_EXTENSION_MAXNAMELEN - 1);
|
|
|
621646 |
+ rev.name[XT_EXTENSION_MAXNAMELEN - 1] = '\0';
|
|
|
621646 |
rev.revision = revision;
|
|
|
621646 |
|
|
|
621646 |
max_rev = getsockopt(sockfd, afinfo->ipproto, opt, &rev, &s);
|
|
|
621646 |
--
|
|
|
621646 |
2.24.0
|
|
|
621646 |
|