From owner-svn-src-head@freebsd.org Sat Dec 31 11:50:37 2016 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF717C9941A; Sat, 31 Dec 2016 11:50:37 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89C861252; Sat, 31 Dec 2016 11:50:37 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id uBVBoaTx058858; Sat, 31 Dec 2016 11:50:36 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id uBVBoaCj058856; Sat, 31 Dec 2016 11:50:36 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201612311150.uBVBoaCj058856@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Ngie Cooper Date: Sat, 31 Dec 2016 11:50:36 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r310950 - head/contrib/bsnmp/snmp_mibII X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Dec 2016 11:50:37 -0000 Author: ngie Date: Sat Dec 31 11:50:36 2016 New Revision: 310950 URL: https://svnweb.freebsd.org/changeset/base/310950 Log: MIB-II: use strlcpy when copying interface names to .ifr_name .ifra_name is assumed to be NUL terminated; using strlcpy(3) ensures that it's indeed NUL terminated whereas strncpy does not. Tested and verified as follows with a combination of ifconfig, snmpget, and snmpset: % ifconfig create lo1 127.0.0.2/8 % SNMPARGS="-v 3 -n '' -u bsnmp -A bsnmptest -l authPriv -a sha -x des -X bsnmptest localhost" % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 2 IF-MIB::ifAdminStatus.4 = INTEGER: down(2) % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: down(2) % snmpset $SNMPARGS IF-MIB::ifAdminStatus.4 i 1 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) % snmpget $SNMPARGS IF-MIB::ifAdminStatus.4 IF-MIB::ifAdminStatus.4 = INTEGER: up(1) MFC after: 2 weeks Reported by: Coverity CID: 1009652-1009656, 1349850 Modified: head/contrib/bsnmp/snmp_mibII/mibII.c head/contrib/bsnmp/snmp_mibII/mibII_interfaces.c Modified: head/contrib/bsnmp/snmp_mibII/mibII.c ============================================================================== --- head/contrib/bsnmp/snmp_mibII/mibII.c Sat Dec 31 11:42:57 2016 (r310949) +++ head/contrib/bsnmp/snmp_mibII/mibII.c Sat Dec 31 11:50:36 2016 (r310950) @@ -265,7 +265,7 @@ mib_if_admin(struct mibif *ifp, int up) { struct ifreq ifr; - strncpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); if (ioctl(mib_netsock, SIOCGIFFLAGS, &ifr) == -1) { syslog(LOG_ERR, "SIOCGIFFLAGS(%s): %m", ifp->name); return (-1); @@ -515,7 +515,7 @@ mib_fetch_ifmib(struct mibif *ifp) } out: - strncpy(irr.ifr_name, ifp->name, sizeof(irr.ifr_name)); + strlcpy(irr.ifr_name, ifp->name, sizeof(irr.ifr_name)); irr.ifr_buffer.buffer = MIBIF_PRIV(ifp)->alias; irr.ifr_buffer.length = sizeof(MIBIF_PRIV(ifp)->alias); if (ioctl(mib_netsock, SIOCGIFDESCR, &irr) == -1) { @@ -1384,7 +1384,7 @@ siocaifaddr(char *ifname, struct in_addr struct sockaddr_in *sa; memset(&addreq, 0, sizeof(addreq)); - strncpy(addreq.ifra_name, ifname, sizeof(addreq.ifra_name)); + strlcpy(addreq.ifra_name, ifname, sizeof(addreq.ifra_name)); sa = (struct sockaddr_in *)(void *)&addreq.ifra_addr; sa->sin_family = AF_INET; @@ -1414,7 +1414,7 @@ siocdifaddr(const char *ifname, struct i struct sockaddr_in *sa; memset(&delreq, 0, sizeof(delreq)); - strncpy(delreq.ifr_name, ifname, sizeof(delreq.ifr_name)); + strlcpy(delreq.ifr_name, ifname, sizeof(delreq.ifr_name)); sa = (struct sockaddr_in *)(void *)&delreq.ifr_addr; sa->sin_family = AF_INET; sa->sin_len = sizeof(*sa); @@ -1433,7 +1433,7 @@ verify_ifa(const char *name, struct mibi struct sockaddr_in *sa; memset(&req, 0, sizeof(req)); - strncpy(req.ifr_name, name, sizeof(req.ifr_name)); + strlcpy(req.ifr_name, name, sizeof(req.ifr_name)); sa = (struct sockaddr_in *)(void *)&req.ifr_addr; sa->sin_family = AF_INET; sa->sin_len = sizeof(*sa); Modified: head/contrib/bsnmp/snmp_mibII/mibII_interfaces.c ============================================================================== --- head/contrib/bsnmp/snmp_mibII/mibII_interfaces.c Sat Dec 31 11:42:57 2016 (r310949) +++ head/contrib/bsnmp/snmp_mibII/mibII_interfaces.c Sat Dec 31 11:50:36 2016 (r310950) @@ -77,7 +77,7 @@ ifchange_func(struct snmp_context *ctx _ switch (op) { case SNMP_DEPOP_COMMIT: - strncpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); if (ioctl(mib_netsock, SIOCGIFFLAGS, &ifr) == -1) { syslog(LOG_ERR, "GIFFLAGS(%s): %m", ifp->name); return (SNMP_ERR_GENERR); @@ -95,7 +95,7 @@ ifchange_func(struct snmp_context *ctx _ ifc->rb |= IFRB_FLAGS; } if (ifc->rb & IFRB_FLAGS) { - strncpy(ifr1.ifr_name, ifp->name, sizeof(ifr1.ifr_name)); + strlcpy(ifr1.ifr_name, ifp->name, sizeof(ifr1.ifr_name)); if (ioctl(mib_netsock, SIOCGIFFLAGS, &ifr1) == -1) { syslog(LOG_ERR, "GIFFLAGS(%s): %m", ifp->name); return (SNMP_ERR_GENERR); @@ -116,7 +116,7 @@ ifchange_func(struct snmp_context *ctx _ case SNMP_DEPOP_ROLLBACK: if (ifc->rb & IFRB_FLAGS) { - strncpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); ifr.ifr_flags = ifc->rb_flags; if (ioctl(mib_netsock, SIOCSIFFLAGS, &ifr) == -1) { syslog(LOG_ERR, "SIFFLAGS(%s): %m", ifp->name);