From a7a96131bd2ea342f6def0e46be514baf8037ae8 Mon Sep 17 00:00:00 2001
From: Lee Duncan <lduncan@suse.com>
Date: Fri, 15 Dec 2017 11:18:35 -0800
Subject: [PATCH] Skip useless strcopy, and validate CIDR length
Remove a useless strcpy() that copies a string onto itself,
and ensure the CIDR length "keepbits" is not negative.
Found by Qualsys.
---
iscsiuio/src/unix/iscsid_ipc.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
index 8478f9a411a3..4e3d065667c9 100644
--- a/iscsiuio/src/unix/iscsid_ipc.c
+++ b/iscsiuio/src/unix/iscsid_ipc.c
@@ -143,7 +143,7 @@ static int decode_cidr(char *in_ipaddr_str, struct iface_rec_decode *ird)
char *tmp, *tok;
char ipaddr_str[NI_MAXHOST];
char str[INET6_ADDRSTRLEN];
- int keepbits = 0;
+ unsigned long keepbits = 0;
struct in_addr ia;
struct in6_addr ia6;
@@ -156,8 +156,7 @@ static int decode_cidr(char *in_ipaddr_str, struct iface_rec_decode *ird)
tmp = ipaddr_str;
tok = strsep(&tmp, "/");
LOG_INFO(PFX "in cidr: bitmask '%s' ip '%s'", tmp, tok);
- keepbits = atoi(tmp);
- strcpy(ipaddr_str, tok);
+ keepbits = strtoull(tmp, NULL, 10);
}
/* Determine if the IP address passed from the iface file is
--
2.17.2