diff options
author | Phil Sutter <phil@nwl.cc> | 2022-06-08 13:45:13 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-06-11 11:47:03 +0200 |
commit | da5b32fb4656ab69fe1156eb7e36c7c961839e8a (patch) | |
tree | 5e966d3024ab173b69f88432200f1b13c2285aaa | |
parent | 1bfb1d916e467e2bcbc44ce1a50a2be5c12b7ef8 (diff) |
extensions: string: Review parse_string() function
* Compare against sizeof(info->pattern) which is more clear than having
to know that this buffer is of size XT_STRING_MAX_PATTERN_SIZE
* Invert the check and error early to reduce indenting
* Pass info->patlen to memcpy() to avoid reading past end of 's'
Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r-- | extensions/libxt_string.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c index da05fad0..5d72a5cd 100644 --- a/extensions/libxt_string.c +++ b/extensions/libxt_string.c @@ -78,14 +78,13 @@ static void string_init(struct xt_entry_match *m) static void parse_string(const char *s, struct xt_string_info *info) -{ +{ /* xt_string does not need \0 at the end of the pattern */ - if (strlen(s) <= XT_STRING_MAX_PATTERN_SIZE) { - memcpy(info->pattern, s, XT_STRING_MAX_PATTERN_SIZE); - info->patlen = strnlen(s, XT_STRING_MAX_PATTERN_SIZE); - return; - } - xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); + if (strlen(s) > sizeof(info->pattern)) + xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); + + info->patlen = strnlen(s, sizeof(info->pattern)); + memcpy(info->pattern, s, info->patlen); } static void |