Date: Tue, 12 Nov 2024 03:28:14 GMT From: Cy Schubert <cy@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 42935716286e - main - ipfilter: Avoid overrunning the message buffer Message-ID: <202411120328.4AC3SEb2077899@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=42935716286e7887bfeb9dd8daea72d6a5d40908 commit 42935716286e7887bfeb9dd8daea72d6a5d40908 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2024-11-07 01:22:57 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2024-11-12 03:14:31 +0000 ipfilter: Avoid overrunning the message buffer Avoid overrunning the message buffer when printing an ippool btree error. We do this in two ways. First we increase the message buffer from 80 to 255 bytes and secondly we replace strcat(3) with strlcat(3). MFC after: 1 week --- sbin/ipf/libipf/load_poolnode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sbin/ipf/libipf/load_poolnode.c b/sbin/ipf/libipf/load_poolnode.c index 5c9fd838bfa0..8d65f019da43 100644 --- a/sbin/ipf/libipf/load_poolnode.c +++ b/sbin/ipf/libipf/load_poolnode.c @@ -52,11 +52,11 @@ load_poolnode(int role, char *name, ip_pool_node_t *node, int ttl, if (err != 0) { if ((opts & OPT_DONOTHING) == 0) { - char msg[80]; + char msg[255]; snprintf(msg, sizeof(msg), "%s pool node(%s/", what, inet_ntoa(pn.ipn_addr.adf_addr.in4)); - strcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4)); + strlcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4), sizeof(msg)); return (ipf_perror_fd(pool_fd(), iocfunc, msg)); } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202411120328.4AC3SEb2077899>