From 849c972aa16a85c860f67d7e7f1fbe58e45187d2 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>

Date: Wed, 9 Feb 2022 22:15:08 +0400

Subject: [PATCH 2/2] Replace inet_ntoa() with safer inet_ntop()

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

inet_ntoa() returns a static pointer which is subject to safety issues.

Use the recommended alternative.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

---

 src/arp_table.c |  8 ++++++--

 src/ip_icmp.c   | 10 ++++++----

 src/misc.c      | 22 +++++++++++++---------

 src/socket.c    |  5 +++--

 src/udp.c       |  5 +++--

 5 files changed, 31 insertions(+), 19 deletions(-)

diff --git a/src/arp_table.c b/src/arp_table.c

index ba8c8a4eee88..3cf2ecc238bc 100644

--- a/src/arp_table.c

+++ b/src/arp_table.c

@@ -35,9 +35,11 @@ void arp_table_add(Slirp *slirp, uint32_t ip_addr,

     ArpTable *arptbl = &slirp->arp_table;

     int i;

     char ethaddr_str[ETH_ADDRSTRLEN];

+    char addr[INET_ADDRSTRLEN];

     DEBUG_CALL("arp_table_add");

-    DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr }));

+    DEBUG_ARG("ip = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = ip_addr },

+                                   addr, sizeof(addr)));

     DEBUG_ARG("hw addr = %s", slirp_ether_ntoa(ethaddr, ethaddr_str,

                                                sizeof(ethaddr_str)));

@@ -69,9 +71,11 @@ bool arp_table_search(Slirp *slirp, uint32_t ip_addr,

     ArpTable *arptbl = &slirp->arp_table;

     int i;

     char ethaddr_str[ETH_ADDRSTRLEN];

+    char addr[INET_ADDRSTRLEN];

     DEBUG_CALL("arp_table_search");

-    DEBUG_ARG("ip = %s", inet_ntoa((struct in_addr){ .s_addr = ip_addr }));

+    DEBUG_ARG("ip = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = ip_addr },

+                                   addr, sizeof(addr)));

     /* If broadcast address */

     if (ip_addr == 0 || ip_addr == 0xffffffff || ip_addr == broadcast_addr) {

diff --git a/src/ip_icmp.c b/src/ip_icmp.c

index f4d686b0222d..26e44a3fd49c 100644

--- a/src/ip_icmp.c

+++ b/src/ip_icmp.c

@@ -291,10 +291,12 @@ void icmp_forward_error(struct mbuf *msrc, uint8_t type, uint8_t code, int minsi

         goto end_error;

     ip = mtod(msrc, struct ip *);

     if (slirp_debug & DBG_MISC) {

-        char bufa[20], bufb[20];

-        slirp_pstrcpy(bufa, sizeof(bufa), inet_ntoa(ip->ip_src));

-        slirp_pstrcpy(bufb, sizeof(bufb), inet_ntoa(ip->ip_dst));

-        DEBUG_MISC(" %.16s to %.16s", bufa, bufb);

+        char addr_src[INET_ADDRSTRLEN];

+        char addr_dst[INET_ADDRSTRLEN];

+

+        inet_ntop(AF_INET, &ip->ip_src, addr_src, sizeof(addr_src));

+        inet_ntop(AF_INET, &ip->ip_dst, addr_dst, sizeof(addr_dst));

+        DEBUG_MISC(" %.16s to %.16s", addr_src, addr_dst);

     }

     if (ip->ip_off & IP_OFFMASK)

         goto end_error; /* Only reply to fragment 0 */

diff --git a/src/misc.c b/src/misc.c

index e6bc0a207d0b..1306f68eb539 100644

--- a/src/misc.c

+++ b/src/misc.c

@@ -293,6 +293,7 @@ char *slirp_connection_info(Slirp *slirp)

     uint16_t dst_port;

     struct socket *so;

     const char *state;

+    char addr[INET_ADDRSTRLEN];

     char buf[20];

     g_string_append_printf(str,

@@ -322,10 +323,11 @@ char *slirp_connection_info(Slirp *slirp)

         }

         slirp_fmt0(buf, sizeof(buf), "  TCP[%s]", state);

         g_string_append_printf(str, "%-19s %3d %15s %5d ", buf, so->s,

-                               src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) :

-                                                     "*",

+                               src.sin_addr.s_addr ?

+                               inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*",

                                ntohs(src.sin_port));

-        g_string_append_printf(str, "%15s %5d %5d %5d\n", inet_ntoa(dst_addr),

+        g_string_append_printf(str, "%15s %5d %5d %5d\n",

+                               inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)),

                                ntohs(dst_port), so->so_rcv.sb_cc,

                                so->so_snd.sb_cc);

     }

@@ -346,10 +348,11 @@ char *slirp_connection_info(Slirp *slirp)

             dst_port = so->so_fport;

         }

         g_string_append_printf(str, "%-19s %3d %15s %5d ", buf, so->s,

-                               src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) :

-                                                     "*",

+                               src.sin_addr.s_addr ?

+                               inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*",

                                ntohs(src.sin_port));

-        g_string_append_printf(str, "%15s %5d %5d %5d\n", inet_ntoa(dst_addr),

+        g_string_append_printf(str, "%15s %5d %5d %5d\n",

+                               inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)),

                                ntohs(dst_port), so->so_rcv.sb_cc,

                                so->so_snd.sb_cc);

     }

@@ -360,9 +363,10 @@ char *slirp_connection_info(Slirp *slirp)

         src.sin_addr = so->so_laddr;

         dst_addr = so->so_faddr;

         g_string_append_printf(str, "%-19s %3d %15s  -    ", buf, so->s,

-                               src.sin_addr.s_addr ? inet_ntoa(src.sin_addr) :

-                                                     "*");

-        g_string_append_printf(str, "%15s  -    %5d %5d\n", inet_ntoa(dst_addr),

+                               src.sin_addr.s_addr ?

+                               inet_ntop(AF_INET, &src.sin_addr, addr, sizeof(addr)) : "*");

+        g_string_append_printf(str, "%15s  -    %5d %5d\n",

+                               inet_ntop(AF_INET, &dst_addr, addr, sizeof(addr)),

                                so->so_rcv.sb_cc, so->so_snd.sb_cc);

     }

diff --git a/src/socket.c b/src/socket.c

index c0b02ad131f3..6607e319ad6c 100644

--- a/src/socket.c

+++ b/src/socket.c

@@ -743,13 +743,14 @@ struct socket *tcp_listen(Slirp *slirp, uint32_t haddr, unsigned hport,

     struct sockaddr_in addr;

     struct socket *so;

     int s, opt = 1;

+    char inet_addr[INET_ADDRSTRLEN];

     socklen_t addrlen = sizeof(addr);

     memset(&addr, 0, addrlen);

     DEBUG_CALL("tcp_listen");

-    DEBUG_ARG("haddr = %s", inet_ntoa((struct in_addr){ .s_addr = haddr }));

+    DEBUG_ARG("haddr = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = haddr }, inet_addr, sizeof(inet_addr)));

     DEBUG_ARG("hport = %d", ntohs(hport));

-    DEBUG_ARG("laddr = %s", inet_ntoa((struct in_addr){ .s_addr = laddr }));

+    DEBUG_ARG("laddr = %s", inet_ntop(AF_INET, &(struct in_addr){ .s_addr = laddr }, inet_addr, sizeof(inet_addr)));

     DEBUG_ARG("lport = %d", ntohs(lport));

     DEBUG_ARG("flags = %x", flags);

diff --git a/src/udp.c b/src/udp.c

index e4578aa94ed5..0547cd6fc5c3 100644

--- a/src/udp.c

+++ b/src/udp.c

@@ -248,14 +248,15 @@ bad:

 int udp_output(struct socket *so, struct mbuf *m, struct sockaddr_in *saddr,

                struct sockaddr_in *daddr, int iptos)

 {

+    char addr[INET_ADDRSTRLEN];

     register struct udpiphdr *ui;

     int error = 0;

     DEBUG_CALL("udp_output");

     DEBUG_ARG("so = %p", so);

     DEBUG_ARG("m = %p", m);

-    DEBUG_ARG("saddr = %s", inet_ntoa(saddr->sin_addr));

-    DEBUG_ARG("daddr = %s", inet_ntoa(daddr->sin_addr));

+    DEBUG_ARG("saddr = %s", inet_ntop(AF_INET, &saddr->sin_addr, addr, sizeof(addr)));

+    DEBUG_ARG("daddr = %s", inet_ntop(AF_INET, &daddr->sin_addr, addr, sizeof(addr)));

     /*

      * Adjust for header

-- 

2.34.1.428.gdcc0cd074f0c