| Message ID | 20191206114711.6015-6-phil@nwl.cc |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | A series of covscan-indicated fixes | expand |
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index a42c60a3b64c6..77a186b905d73 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -32,14 +32,13 @@ void xlate_ifname(struct xt_xlate *xl, const char *nftmeta, const char *ifname, bool invert) { + int ifaclen = strlen(ifname); char iface[IFNAMSIZ]; - int ifaclen; - if (ifname[0] == '\0') + if (ifaclen < 1 || ifaclen >= IFNAMSIZ) return; strcpy(iface, ifname); - ifaclen = strlen(iface); if (iface[ifaclen - 1] == '+') iface[ifaclen - 1] = '*';
The function potentially fed overlong strings to strcpy(). Given that everything needed to avoid this is there, reorder code a bit to prevent those inputs, too. Fixes: 0ddd663e9c167 ("iptables-translate: add in/out ifname wildcard match translation to nft") Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/xtables-translate.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)