On Thu, Apr 05, 2012 at 11:15:18AM -0700, Stephen Gallagher wrote:
> On Thu, 2012-04-05 at 14:07 -0400, Jakub Hrozek wrote:
> > Reported in https://bugzilla.redhat.com/show_bug.cgi?id=808107
> > 
> > In the unlikely case that the interface name was IFNAMSIZ bytes long or
> > longer, strncpy wouldn't NULL-terminate the buffer. Copy one byte less
> > to ensure the buffer is NULL-terminated.
> 
> Nack, this is incomplete. You need to do:
> 
> strncpy(iwr.ifr_ifrn.ifrn_name, ifname, IFNAMSIZ-1);
> iwr.ifr_ifrn.ifrn_name[IFNAMSIZ-1] = '\0';

Thank you, a new patch is attached.
From e87d4024f2f053d67f60d03a3c2bff2772870521 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <[email protected]>
Date: Thu, 5 Apr 2012 14:03:46 -0400
Subject: [PATCH] netlink integration: ensure that interface name is
 NULL-terminated

In the unlikely case that the interface name was IFNAMSIZ bytes long or
longer, strncpy wouldn't NULL-terminate the buffer. Copy one byte less
to ensure the buffer is NULL-terminated.
---
 src/monitor/monitor_netlink.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/monitor/monitor_netlink.c b/src/monitor/monitor_netlink.c
index 
8455f6889ecf330fde697680390cf30d37c11b3e..2fe380ac9a9ee0096e753550bdad2d200c6c73af
 100644
--- a/src/monitor/monitor_netlink.c
+++ b/src/monitor/monitor_netlink.c
@@ -117,7 +117,8 @@ static bool has_wireless_extension(const char *ifname)
         return false;
     }
 
-    strncpy(iwr.ifr_ifrn.ifrn_name, ifname, IFNAMSIZ);
+    strncpy(iwr.ifr_ifrn.ifrn_name, ifname, IFNAMSIZ-1);
+    iwr.ifr_ifrn.ifrn_name[IFNAMSIZ-1] = '\0';
     /* Does the interface support a wireless extension? */
     ret = ioctl(s, SIOCGIWNAME, &iwr);
     close(s);
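Review bot: At the strncpy into iwr.ifr_ifrn.ifrn_name, a name of IFNAMSIZ bytes or longer is now silently truncated to IFNAMSIZ-1 characters, so the SIOCGIWNAME ioctl is issued for the truncated name rather than the one the caller passed. Consider checking strlen(ifname) >= IFNAMSIZ before the copy and returning false for such a name; since close(s) only runs after the ioctl, that early return would also need to close s. The commit message could say NUL (the terminator byte) rather than NULL.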
-- 
1.7.7.6

_______________________________________________
sssd-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/sssd-devel
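
The strncpy behaviour discussed in this thread, as an added example that is not part of the original mail or of SSSD: it compares the pre-patch copy, the patched copy, and a stricter variant that rejects over-long names. The helper names (`copy_before`, `copy_after`, `copy_strict`, `is_terminated`) and the sample interface name are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <net/if.h>              /* IFNAMSIZ */
#ifndef IFNAMSIZ
#define IFNAMSIZ 16              /* fallback, the usual Linux value */
#endif

/* True if buf contains a NUL somewhere within its IFNAMSIZ bytes. */
static bool is_terminated(const char *buf)
{
    return memchr(buf, '\0', IFNAMSIZ) != NULL;
}

/* Pre-patch copy: strncpy with the full buffer size adds no terminator
 * when the source is IFNAMSIZ bytes or longer. */
static bool copy_before(char *dst, const char *ifname)
{
    memset(dst, 'X', IFNAMSIZ);  /* stand-in for uninitialised stack bytes */
    strncpy(dst, ifname, IFNAMSIZ);
    return is_terminated(dst);
}

/* Patched copy: always terminated, but silently truncates long names. */
static bool copy_after(char *dst, const char *ifname)
{
    memset(dst, 'X', IFNAMSIZ);
    strncpy(dst, ifname, IFNAMSIZ - 1);
    dst[IFNAMSIZ - 1] = '\0';
    return is_terminated(dst);
}

/* Hypothetical stricter variant: refuse names that do not fit. */
static bool copy_strict(char *dst, const char *ifname)
{
    size_t len = 0;
    while (len < IFNAMSIZ && ifname[len] != '\0') len++;
    if (len == IFNAMSIZ) return false;      /* would need truncation */
    memcpy(dst, ifname, len + 1);           /* includes the NUL */
    return true;
}

int main(void)
{
    char buf[IFNAMSIZ];
    const char *name = "constructed-name-longer-than-ifnamsiz";
    printf("before: terminated=%d\n", copy_before(buf, name));
    printf("after:  terminated=%d\n", copy_after(buf, name));
    printf("strict: accepted=%d\n", copy_strict(buf, name));
    return 0;
}
```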
