conntrack: Replace strncpy with snprintf to improve null byte handling

We currently use strncpy in a bunch of places which has this weird quirk where it doesn't write a terminating null byte if the input string is >= the max length. To mitigate this we write a null byte to the last character manually. While this works it is easy to forget. Instead we should just be using snprintf which has more sensible behaviour as it always writes a null byte even when truncating the string. Signed-off-by: Daniel Gröber <dxld@darkboxed.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Daniel Gröber <dxld@darkboxed.org> 2020-06-24 15:29:59 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2020-07-01 12:54:06 +0200
commit: 6c7c716bec3b3302c2212c9273c33f9640de8206 (patch)
tree: f6d46c7cbba64c9290e6d50312c79827a3a237ef /src/conntrack/parse_mnl.c
parent: 16756ca4edb55cdd8c88f4e123ffa6b94501d050 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/src/conntrack/parse_mnl.c b/src/conntrack/parse_mnl.c
index 515deff..3cbfc6a 100644
--- a/src/conntrack/parse_mnl.c
+++ b/src/conntrack/parse_mnl.c
@@ -690,9 +690,8 @@ nfct_parse_helper(const struct nlattr *attr, struct nf_conntrack *ct)
 	if (!tb[CTA_HELP_NAME])
 		return 0;
 
-	strncpy(ct->helper_name, mnl_attr_get_str(tb[CTA_HELP_NAME]),
-		NFCT_HELPER_NAME_MAX);
-	ct->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
+	snprintf(ct->helper_name, NFCT_HELPER_NAME_MAX, "%s",
+		 mnl_attr_get_str(tb[CTA_HELP_NAME]));
 	set_bit(ATTR_HELPER_NAME, ct->head.set);
 
 	if (!tb[CTA_HELP_INFO])
author	Daniel Gröber <dxld@darkboxed.org>	2020-06-24 15:29:59 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2020-07-01 12:54:06 +0200
commit	6c7c716bec3b3302c2212c9273c33f9640de8206 (patch)
tree	f6d46c7cbba64c9290e6d50312c79827a3a237ef /src/conntrack/parse_mnl.c
parent	16756ca4edb55cdd8c88f4e123ffa6b94501d050 (diff)