From owner-svn-src-all@freebsd.org Mon May 16 00:25:26 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AA9E8B3332F; Mon, 16 May 2016 00:25:26 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6E4141458; Mon, 16 May 2016 00:25:26 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u4G0PPWt048123; Mon, 16 May 2016 00:25:25 GMT (envelope-from truckman@FreeBSD.org) Received: (from truckman@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u4G0POnA048112; Mon, 16 May 2016 00:25:24 GMT (envelope-from truckman@FreeBSD.org) Message-Id: <201605160025.u4G0POnA048112@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: truckman set sender to truckman@FreeBSD.org using -f From: Don Lewis Date: Mon, 16 May 2016 00:25:24 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r299873 - head/sbin/ifconfig X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 May 2016 00:25:26 -0000 Author: truckman Date: Mon May 16 00:25:24 2016 New Revision: 299873 URL: https://svnweb.freebsd.org/changeset/base/299873 Log: Use strlcpy() instead of strncpy() when copying ifname to ensure that it is NUL terminated. Additional NUL padding is not required for short names. Use sizeof(destination) in a few places instead of IFNAMSIZ. Cast afp->af_ridreq and afp->af_addreq to make the intent of the code more obvious. Reported by: Coverity CID: 1009628, 1009630, 1009631, 1009632, 1009633, 1009635, 1009638 CID: 1009639, 1009640, 1009641, 1009642, 1009643, 1009644, 1009645 CID: 1009646, 1009647, 1010049, 1010050, 1010051, 1010052, 1010053 CID: 1010054, 1011293, 1011294, 1011295, 1011296, 1011297, 1011298 CID: 1011299, 1305821, 1351720, 1351721 MFC after: 1 week Modified: head/sbin/ifconfig/af_inet.c head/sbin/ifconfig/af_inet6.c head/sbin/ifconfig/af_nd6.c head/sbin/ifconfig/ifclone.c head/sbin/ifconfig/ifconfig.c head/sbin/ifconfig/iffib.c head/sbin/ifconfig/ifgre.c head/sbin/ifconfig/ifieee80211.c head/sbin/ifconfig/ifmac.c head/sbin/ifconfig/ifmedia.c Modified: head/sbin/ifconfig/af_inet.c ============================================================================== --- head/sbin/ifconfig/af_inet.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/af_inet.c Mon May 16 00:25:24 2016 (r299873) @@ -151,7 +151,7 @@ in_status_tunnel(int s) const struct sockaddr *sa = (const struct sockaddr *) &ifr.ifr_addr; memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, name, IFNAMSIZ); + strlcpy(ifr.ifr_name, name, IFNAMSIZ); if (ioctl(s, SIOCGIFPSRCADDR, (caddr_t)&ifr) < 0) return; @@ -176,7 +176,7 @@ in_set_tunnel(int s, struct addrinfo *sr struct in_aliasreq addreq; memset(&addreq, 0, sizeof(addreq)); - strncpy(addreq.ifra_name, name, IFNAMSIZ); + strlcpy(addreq.ifra_name, name, IFNAMSIZ); memcpy(&addreq.ifra_addr, srcres->ai_addr, srcres->ai_addr->sa_len); memcpy(&addreq.ifra_dstaddr, dstres->ai_addr, dstres->ai_addr->sa_len); Modified: head/sbin/ifconfig/af_inet6.c ============================================================================== --- head/sbin/ifconfig/af_inet6.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/af_inet6.c Mon May 16 00:25:24 2016 (r299873) @@ -184,7 +184,7 @@ in6_status(int s __unused, const struct if (sin == NULL) return; - strncpy(ifr6.ifr_name, ifr.ifr_name, sizeof(ifr.ifr_name)); + strlcpy(ifr6.ifr_name, ifr.ifr_name, sizeof(ifr.ifr_name)); if ((s6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { warn("socket(AF_INET6,SOCK_DGRAM)"); return; @@ -423,7 +423,7 @@ in6_status_tunnel(int s) const struct sockaddr *sa = (const struct sockaddr *) &in6_ifr.ifr_addr; memset(&in6_ifr, 0, sizeof(in6_ifr)); - strncpy(in6_ifr.ifr_name, name, IFNAMSIZ); + strlcpy(in6_ifr.ifr_name, name, sizeof(in6_ifr.ifr_name)); if (ioctl(s, SIOCGIFPSRCADDR_IN6, (caddr_t)&in6_ifr) < 0) return; @@ -450,7 +450,7 @@ in6_set_tunnel(int s, struct addrinfo *s struct in6_aliasreq in6_addreq; memset(&in6_addreq, 0, sizeof(in6_addreq)); - strncpy(in6_addreq.ifra_name, name, IFNAMSIZ); + strlcpy(in6_addreq.ifra_name, name, sizeof(in6_addreq.ifra_name)); memcpy(&in6_addreq.ifra_addr, srcres->ai_addr, srcres->ai_addr->sa_len); memcpy(&in6_addreq.ifra_dstaddr, dstres->ai_addr, dstres->ai_addr->sa_len); Modified: head/sbin/ifconfig/af_nd6.c ============================================================================== --- head/sbin/ifconfig/af_nd6.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/af_nd6.c Mon May 16 00:25:24 2016 (r299873) @@ -74,7 +74,7 @@ setnd6flags(const char *dummyaddr __unus int error; memset(&nd, 0, sizeof(nd)); - strncpy(nd.ifname, ifr.ifr_name, sizeof(nd.ifname)); + strlcpy(nd.ifname, ifr.ifr_name, sizeof(nd.ifname)); error = ioctl(s, SIOCGIFINFO_IN6, &nd); if (error) { warn("ioctl(SIOCGIFINFO_IN6)"); @@ -99,7 +99,7 @@ setnd6defif(const char *dummyaddr __unus int error; memset(&ndifreq, 0, sizeof(ndifreq)); - strncpy(ndifreq.ifname, ifr.ifr_name, sizeof(ndifreq.ifname)); + strlcpy(ndifreq.ifname, ifr.ifr_name, sizeof(ndifreq.ifname)); if (d < 0) { if (isnd6defif(s)) { @@ -126,7 +126,7 @@ isnd6defif(int s) int error; memset(&ndifreq, 0, sizeof(ndifreq)); - strncpy(ndifreq.ifname, ifr.ifr_name, sizeof(ndifreq.ifname)); + strlcpy(ndifreq.ifname, ifr.ifr_name, sizeof(ndifreq.ifname)); ifindex = if_nametoindex(ndifreq.ifname); error = ioctl(s, SIOCGDEFIFACE_IN6, (caddr_t)&ndifreq); @@ -146,7 +146,7 @@ nd6_status(int s) int isdefif; memset(&nd, 0, sizeof(nd)); - strncpy(nd.ifname, ifr.ifr_name, sizeof(nd.ifname)); + strlcpy(nd.ifname, ifr.ifr_name, sizeof(nd.ifname)); if ((s6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { if (errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT) warn("socket(AF_INET6, SOCK_DGRAM)"); Modified: head/sbin/ifconfig/ifclone.c ============================================================================== --- head/sbin/ifconfig/ifclone.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifclone.c Mon May 16 00:25:24 2016 (r299873) @@ -162,7 +162,7 @@ DECL_CMD_FUNC(clone_create, arg, d) static DECL_CMD_FUNC(clone_destroy, arg, d) { - (void) strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + (void) strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCIFDESTROY, &ifr) < 0) err(1, "SIOCIFDESTROY"); } Modified: head/sbin/ifconfig/ifconfig.c ============================================================================== --- head/sbin/ifconfig/ifconfig.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifconfig.c Mon May 16 00:25:24 2016 (r299873) @@ -472,7 +472,7 @@ main(int argc, char *argv[]) ifindex = 0; for (ifa = sifap; ifa; ifa = ifa->ifa_next) { memset(&paifr, 0, sizeof(paifr)); - strncpy(paifr.ifr_name, ifa->ifa_name, sizeof(paifr.ifr_name)); + strlcpy(paifr.ifr_name, ifa->ifa_name, sizeof(paifr.ifr_name)); if (sizeof(paifr.ifr_addr) >= ifa->ifa_addr->sa_len) { memcpy(&paifr.ifr_addr, ifa->ifa_addr, ifa->ifa_addr->sa_len); @@ -671,7 +671,7 @@ ifconfig(int argc, char *const *argv, in struct callback *cb; int s; - strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name); + strlcpy(ifr.ifr_name, name, sizeof ifr.ifr_name); afp = NULL; if (uafp != NULL) afp = uafp; @@ -792,7 +792,8 @@ top: } if (clearaddr) { int ret; - strncpy(afp->af_ridreq, name, sizeof ifr.ifr_name); + strlcpy(((struct ifreq *)afp->af_ridreq)->ifr_name, name, + sizeof ifr.ifr_name); ret = ioctl(s, afp->af_difaddr, afp->af_ridreq); if (ret < 0) { if (errno == EADDRNOTAVAIL && (doalias >= 0)) { @@ -809,7 +810,8 @@ top: } } if (newaddr && (setaddr || setmask)) { - strncpy(afp->af_addreq, name, sizeof ifr.ifr_name); + strlcpy(((struct ifreq *)afp->af_addreq)->ifr_name, name, + sizeof ifr.ifr_name); if (ioctl(s, afp->af_aifaddr, afp->af_addreq) < 0) Perror("ioctl (SIOCAIFADDR)"); } @@ -1005,7 +1007,7 @@ static void setifmetric(const char *val, int dummy __unused, int s, const struct afswtch *afp) { - strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); ifr.ifr_metric = atoi(val); if (ioctl(s, SIOCSIFMETRIC, (caddr_t)&ifr) < 0) err(1, "ioctl SIOCSIFMETRIC (set metric)"); @@ -1015,7 +1017,7 @@ static void setifmtu(const char *val, int dummy __unused, int s, const struct afswtch *afp) { - strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); ifr.ifr_mtu = atoi(val); if (ioctl(s, SIOCSIFMTU, (caddr_t)&ifr) < 0) err(1, "ioctl SIOCSIFMTU (set mtu)"); @@ -1027,7 +1029,7 @@ setifname(const char *val, int dummy __u { char *newname; - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); newname = strdup(val); if (newname == NULL) @@ -1049,7 +1051,7 @@ setifdescr(const char *val, int dummy __ { char *newdescr; - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_buffer.length = strlen(val) + 1; if (ifr.ifr_buffer.length == 1) { @@ -1109,7 +1111,7 @@ status(const struct afswtch *afp, const ifr.ifr_addr.sa_family = afp->af_af == AF_LINK ? AF_LOCAL : afp->af_af; } - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0); if (s < 0) @@ -1191,7 +1193,7 @@ status(const struct afswtch *afp, const else if (afp->af_other_status != NULL) afp->af_other_status(s); - strncpy(ifs.ifs_name, name, sizeof ifs.ifs_name); + strlcpy(ifs.ifs_name, name, sizeof ifs.ifs_name); if (ioctl(s, SIOCGIFSTATUS, &ifs) == 0) printf("%s", ifs.ascii); Modified: head/sbin/ifconfig/iffib.c ============================================================================== --- head/sbin/ifconfig/iffib.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/iffib.c Mon May 16 00:25:24 2016 (r299873) @@ -49,13 +49,13 @@ fib_status(int s) struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCGIFFIB, (caddr_t)&ifr) == 0 && ifr.ifr_fib != RT_DEFAULT_FIB) printf("\tfib: %u\n", ifr.ifr_fib); memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCGTUNFIB, (caddr_t)&ifr) == 0 && ifr.ifr_fib != RT_DEFAULT_FIB) printf("\ttunnelfib: %u\n", ifr.ifr_fib); @@ -74,7 +74,7 @@ setiffib(const char *val, int dummy __un return; } - strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); ifr.ifr_fib = fib; if (ioctl(s, SIOCSIFFIB, (caddr_t)&ifr) < 0) warn("ioctl (SIOCSIFFIB)"); @@ -93,7 +93,7 @@ settunfib(const char *val, int dummy __u return; } - strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); ifr.ifr_fib = fib; if (ioctl(s, SIOCSTUNFIB, (caddr_t)&ifr) < 0) warn("ioctl (SIOCSTUNFIB)"); Modified: head/sbin/ifconfig/ifgre.c ============================================================================== --- head/sbin/ifconfig/ifgre.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifgre.c Mon May 16 00:25:24 2016 (r299873) @@ -68,7 +68,7 @@ setifgrekey(const char *val, int dummy _ { uint32_t grekey = strtol(val, NULL, 0); - strncpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof (ifr.ifr_name)); ifr.ifr_data = (caddr_t)&grekey; if (ioctl(s, GRESKEY, (caddr_t)&ifr) < 0) warn("ioctl (set grekey)"); Modified: head/sbin/ifconfig/ifieee80211.c ============================================================================== --- head/sbin/ifconfig/ifieee80211.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifieee80211.c Mon May 16 00:25:24 2016 (r299873) @@ -3366,7 +3366,7 @@ scan_and_wait(int s) return; } (void) memset(&ireq, 0, sizeof(ireq)); - (void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); + (void) strlcpy(ireq.i_name, name, sizeof(ireq.i_name)); ireq.i_type = IEEE80211_IOC_SCAN_REQ; memset(&sr, 0, sizeof(sr)); @@ -3832,7 +3832,7 @@ get80211wme(int s, int param, int ac, in struct ieee80211req ireq; (void) memset(&ireq, 0, sizeof(ireq)); - (void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); + (void) strlcpy(ireq.i_name, name, sizeof(ireq.i_name)); ireq.i_type = param; ireq.i_len = ac; if (ioctl(s, SIOCG80211, &ireq) < 0) { @@ -4013,7 +4013,7 @@ list_mac(int s) char c; (void) memset(&ireq, 0, sizeof(ireq)); - (void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); /* XXX ?? */ + (void) strlcpy(ireq.i_name, name, sizeof(ireq.i_name)); /* XXX ?? */ ireq.i_type = IEEE80211_IOC_MACCMD; ireq.i_val = IEEE80211_MACCMD_POLICY; if (ioctl(s, SIOCG80211, &ireq) < 0) { @@ -4119,7 +4119,7 @@ list_mesh(int s) struct ieee80211req_mesh_route *rt; (void) memset(&ireq, 0, sizeof(ireq)); - (void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); + (void) strlcpy(ireq.i_name, name, sizeof(ireq.i_name)); ireq.i_type = IEEE80211_IOC_MESH_RTCMD; ireq.i_val = IEEE80211_MESH_RTCMD_LIST; ireq.i_data = &routes; @@ -4201,7 +4201,7 @@ get80211opmode(int s) struct ifmediareq ifmr; (void) memset(&ifmr, 0, sizeof(ifmr)); - (void) strncpy(ifmr.ifm_name, name, sizeof(ifmr.ifm_name)); + (void) strlcpy(ifmr.ifm_name, name, sizeof(ifmr.ifm_name)); if (ioctl(s, SIOCGIFMEDIA, (caddr_t)&ifmr) >= 0) { if (ifmr.ifm_current & IFM_IEEE80211_ADHOC) { @@ -4347,7 +4347,7 @@ getid(int s, int ix, void *data, size_t struct ieee80211req ireq; (void) memset(&ireq, 0, sizeof(ireq)); - (void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); + (void) strlcpy(ireq.i_name, name, sizeof(ireq.i_name)); ireq.i_type = (!mesh) ? IEEE80211_IOC_SSID : IEEE80211_IOC_MESH_ID; ireq.i_val = ix; ireq.i_data = data; Modified: head/sbin/ifconfig/ifmac.c ============================================================================== --- head/sbin/ifconfig/ifmac.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifmac.c Mon May 16 00:25:24 2016 (r299873) @@ -57,7 +57,7 @@ maclabel_status(int s) char *label_text; memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); if (mac_prepare_ifnet_label(&label) == -1) return; @@ -90,7 +90,7 @@ setifmaclabel(const char *val, int d, in } memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_ifru.ifru_data = (void *)label; error = ioctl(s, SIOCSIFMAC, &ifr); Modified: head/sbin/ifconfig/ifmedia.c ============================================================================== --- head/sbin/ifconfig/ifmedia.c Sun May 15 23:15:10 2016 (r299872) +++ head/sbin/ifconfig/ifmedia.c Mon May 16 00:25:24 2016 (r299873) @@ -112,7 +112,7 @@ media_status(int s) int xmedia = 1; (void) memset(&ifmr, 0, sizeof(ifmr)); - (void) strncpy(ifmr.ifm_name, name, sizeof(ifmr.ifm_name)); + (void) strlcpy(ifmr.ifm_name, name, sizeof(ifmr.ifm_name)); /* * Check if interface supports extended media types. @@ -213,7 +213,7 @@ ifmedia_getstate(int s) err(1, "malloc"); (void) memset(ifmr, 0, sizeof(struct ifmediareq)); - (void) strncpy(ifmr->ifm_name, name, + (void) strlcpy(ifmr->ifm_name, name, sizeof(ifmr->ifm_name)); ifmr->ifm_count = 0; @@ -287,7 +287,7 @@ setmedia(const char *val, int d, int s, */ subtype = get_media_subtype(IFM_TYPE(ifmr->ifm_ulist[0]), val); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_media = (ifmr->ifm_current & IFM_IMASK) | IFM_TYPE(ifmr->ifm_ulist[0]) | subtype; @@ -319,7 +319,7 @@ domediaopt(const char *val, int clear, i options = get_media_options(IFM_TYPE(ifmr->ifm_ulist[0]), val); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_media = ifmr->ifm_current; if (clear) ifr.ifr_media &= ~options; @@ -346,7 +346,7 @@ setmediainst(const char *val, int d, int if (inst < 0 || inst > (int)IFM_INST_MAX) errx(1, "invalid media instance: %s", val); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_media = (ifmr->ifm_current & ~IFM_IMASK) | inst << IFM_ISHIFT; ifmr->ifm_current = ifr.ifr_media; @@ -363,7 +363,7 @@ setmediamode(const char *val, int d, int mode = get_media_mode(IFM_TYPE(ifmr->ifm_ulist[0]), val); - strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); ifr.ifr_media = (ifmr->ifm_current & ~IFM_MMASK) | mode; ifmr->ifm_current = ifr.ifr_media;