|
 |
fb0f9b |
From a38091c8eb0c515441080806975856ee09d2edc7 Mon Sep 17 00:00:00 2001
|
|
|
fb0f9b |
From: Jan Macku <jamacku@redhat.com>
|
|
|
fb0f9b |
Date: Tue, 23 Mar 2021 08:10:10 +0100
|
|
|
fb0f9b |
Subject: [PATCH] ifenslave: fix CWE-170: Improper Null Termination
|
|
|
fb0f9b |
|
|
|
fb0f9b |
---
|
|
|
fb0f9b |
ifenslave.c | 24 ++++++++++++++++--------
|
|
|
fb0f9b |
1 file changed, 16 insertions(+), 8 deletions(-)
|
|
|
fb0f9b |
|
|
|
fb0f9b |
diff --git a/ifenslave.c b/ifenslave.c
|
|
|
fb0f9b |
index ddd82ec..1efe4f1 100644
|
|
|
fb0f9b |
--- a/ifenslave.c
|
|
|
fb0f9b |
+++ b/ifenslave.c
|
|
|
fb0f9b |
@@ -509,21 +509,24 @@ static int if_getconfig(char *ifname)
|
|
|
fb0f9b |
struct sockaddr dstaddr, broadaddr, netmask;
|
|
|
fb0f9b |
unsigned char *hwaddr;
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFFLAGS, &ifr) < 0)
|
|
|
fb0f9b |
return -1;
|
|
|
fb0f9b |
mif_flags = ifr.ifr_flags;
|
|
|
fb0f9b |
printf("The result of SIOCGIFFLAGS on %s is %x.\n",
|
|
|
fb0f9b |
ifname, ifr.ifr_flags);
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFADDR, &ifr) < 0)
|
|
|
fb0f9b |
return -1;
|
|
|
fb0f9b |
printf("The result of SIOCGIFADDR is %2.2x.%2.2x.%2.2x.%2.2x.\n",
|
|
|
fb0f9b |
ifr.ifr_addr.sa_data[2], ifr.ifr_addr.sa_data[3],
|
|
|
fb0f9b |
ifr.ifr_addr.sa_data[4], ifr.ifr_addr.sa_data[5]);
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
|
|
|
fb0f9b |
return -1;
|
|
|
fb0f9b |
|
|
|
fb0f9b |
@@ -534,33 +537,38 @@ static int if_getconfig(char *ifname)
|
|
|
fb0f9b |
ifr.ifr_hwaddr.sa_family, hwaddr[0], hwaddr[1],
|
|
|
fb0f9b |
hwaddr[2], hwaddr[3], hwaddr[4], hwaddr[5]);
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFMETRIC, &ifr) < 0) {
|
|
|
fb0f9b |
metric = 0;
|
|
|
fb0f9b |
} else
|
|
|
fb0f9b |
metric = ifr.ifr_metric;
|
|
|
fb0f9b |
printf("The result of SIOCGIFMETRIC is %d\n", metric);
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFMTU, &ifr) < 0)
|
|
|
fb0f9b |
mtu = 0;
|
|
|
fb0f9b |
else
|
|
|
fb0f9b |
mtu = ifr.ifr_mtu;
|
|
|
fb0f9b |
printf("The result of SIOCGIFMTU is %d\n", mtu);
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFDSTADDR, &ifr) < 0) {
|
|
|
fb0f9b |
memset(&dstaddr, 0, sizeof(struct sockaddr));
|
|
|
fb0f9b |
} else
|
|
|
fb0f9b |
dstaddr = ifr.ifr_dstaddr;
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFBRDADDR, &ifr) < 0) {
|
|
|
fb0f9b |
memset(&broadaddr, 0, sizeof(struct sockaddr));
|
|
|
fb0f9b |
} else
|
|
|
fb0f9b |
broadaddr = ifr.ifr_broadaddr;
|
|
|
fb0f9b |
|
|
|
fb0f9b |
- strcpy(ifr.ifr_name, ifname);
|
|
|
fb0f9b |
+ memset(&ifr, 0, sizeof(ifr));
|
|
|
fb0f9b |
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
|
|
|
fb0f9b |
if (ioctl(skfd, SIOCGIFNETMASK, &ifr) < 0) {
|
|
|
fb0f9b |
memset(&netmask, 0, sizeof(struct sockaddr));
|
|
|
fb0f9b |
} else
|
|
|
fb0f9b |
--
|
|
|
fb0f9b |
2.29.2
|
|
|
fb0f9b |
|