| Field | Value | Date |
|---|---|---|
| author | Phil Sutter <phil@nwl.cc> | 2024-04-09 15:38:14 +0200 |
| committer | Phil Sutter <phil@nwl.cc> | 2024-04-10 01:09:25 +0200 |
| commit | 8bf2bab8eb2e4f5ae2fef859ea7c877662854101 | |
| tree | 5d41034c577d477c4f25c5daa22324a4c8100c4f /extensions/libipt_POOL.c | |
| parent | a2911408959d7e86bc4bad4f1be2551a19ad125c | |

libxtables: Attenuate effects of functions' internal static buffers

While functions returning pointers to internal static buffers have
obvious limitations, users are likely unaware how they call each other
internally and thus won't notice unsafe use. One such case is calling
both xtables_ipaddr_to_numeric() and xtables_ipmask_to_numeric() as
parameters for a single printf() call.

Defuse this trap by avoiding the internal calls to
xtables_ip{,6}addr_to_numeric() which is easily doable since callers
keep their own static buffers already.

While being at it, make use of inet_ntop() everywhere and also use
INET_ADDRSTRLEN/INET6_ADDRSTRLEN defines for correct (and annotated)
static buffer sizes.

Reported-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>

Diffstat (limited to 'extensions/libipt_POOL.c')
0 files changed, 0 insertions, 0 deletions
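
The trap described in the commit message, as an added example that is not code from this commit or from libxtables: the functions below are simplified, hypothetical stand-ins showing how a formatter that internally calls another static-buffer formatter corrupts a pointer the caller still holds, and how writing with inet_ntop() into the function's own buffer avoids it. Function names, buffer sizes and the sample address and mask are assumptions.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in: returns a pointer to its own static buffer. */
static const char *addr_to_numeric(const struct in_addr *a)
{
    static char buf[INET_ADDRSTRLEN];
    return inet_ntop(AF_INET, a, buf, sizeof(buf));
}

/* Trap: calls addr_to_numeric() internally, overwriting that function's buffer. */
static const char *mask_to_numeric_unsafe(const struct in_addr *m)
{
    static char buf[INET_ADDRSTRLEN + 1];
    snprintf(buf, sizeof(buf), "/%s", addr_to_numeric(m));
    return buf;
}

/* Fix: inet_ntop() writes directly into this function's own buffer. */
static const char *mask_to_numeric_safe(const struct in_addr *m)
{
    static char buf[INET_ADDRSTRLEN + 1];
    buf[0] = '/';
    inet_ntop(AF_INET, m, buf + 1, sizeof(buf) - 1);
    return buf;
}

/* Both pointers are fetched first and read later, as with two printf() arguments. */
static void format_rule(char *out, size_t len,
                        const char *(*maskfn)(const struct in_addr *))
{
    struct in_addr a, m;
    inet_pton(AF_INET, "192.0.2.1", &a);      /* constructed sample address */
    inet_pton(AF_INET, "255.255.255.0", &m);  /* constructed sample mask */
    const char *as = addr_to_numeric(&a);
    const char *ms = maskfn(&m);              /* unsafe variant clobbers *as */
    snprintf(out, len, "%s%s", as, ms);
}

int main(void)
{
    char out[64];
    format_rule(out, sizeof(out), mask_to_numeric_unsafe);
    printf("unsafe: %s\n", out);
    format_rule(out, sizeof(out), mask_to_numeric_safe);
    printf("safe:   %s\n", out);
    return 0;
}
```

In a real printf() call the order in which the two arguments are evaluated is unspecified, so the unsafe variant may print correctly on one compiler and wrongly on another.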