[iptables,4/6] libxtables: Avoid buffer overrun in xtables_compatible_revision()
diff mbox series

Message ID 20191206114711.6015-5-phil@nwl.cc
State Accepted
Delegated to: Pablo Neira
Headers show
Series
  • A series of covscan-indicated fixes
Related show

Commit Message

Phil Sutter Dec. 6, 2019, 11:47 a.m. UTC
The function is exported and accepts arbitrary strings as input. Calling
strcpy() without length checks is not OK.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 libxtables/xtables.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch
diff mbox series

diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 895f6988eaf57..777c2b08e9896 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -856,7 +856,8 @@  int xtables_compatible_revision(const char *name, uint8_t revision, int opt)
 
 	xtables_load_ko(xtables_modprobe_program, true);
 
-	strcpy(rev.name, name);
+	strncpy(rev.name, name, XT_EXTENSION_MAXNAMELEN - 1);
+	rev.name[XT_EXTENSION_MAXNAMELEN - 1] = '\0';
 	rev.revision = revision;
 
 	max_rev = getsockopt(sockfd, afinfo->ipproto, opt, &rev, &s);