Reported in https://bugzilla.redhat.com/show_bug.cgi?id=808107
In the unlikely case that the interface name was IFNAMSIZ bytes long or longer, strncpy wouldn't NULL-terminate the buffer. Copy one byte less to ensure the buffer is NULL-terminated.
From e214c1399ec0ca1186cedb432caa52ed1e68d838 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <[email protected]> Date: Thu, 5 Apr 2012 14:03:46 -0400 Subject: [PATCH] netlink integration: ensure that interface name is NULL-terminated In the unlikely case that the interface name was IFNAMSIZ bytes long or longer, strncpy wouldn't NULL-terminate the buffer. Copy one byte less to ensure the buffer is NULL-terminated. --- src/monitor/monitor_netlink.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/monitor/monitor_netlink.c b/src/monitor/monitor_netlink.c index 8455f6889ecf330fde697680390cf30d37c11b3e..30bc3fe42724ea1a8f6e8c1e7028b55dcc787893 100644 --- a/src/monitor/monitor_netlink.c +++ b/src/monitor/monitor_netlink.c @@ -117,7 +117,7 @@ static bool has_wireless_extension(const char *ifname) return false; } - strncpy(iwr.ifr_ifrn.ifrn_name, ifname, IFNAMSIZ); + strncpy(iwr.ifr_ifrn.ifrn_name, ifname, IFNAMSIZ-1); /* Does the interface support a wireless extension? */ ret = ioctl(s, SIOCGIWNAME, &iwr); close(s); -- 1.7.7.6
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
