diff options
author | Daniel Gröber <dxld@darkboxed.org> | 2020-06-24 15:29:59 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-07-01 12:54:06 +0200 |
commit | 6c7c716bec3b3302c2212c9273c33f9640de8206 (patch) | |
tree | f6d46c7cbba64c9290e6d50312c79827a3a237ef /src/conntrack/parse_mnl.c | |
parent | 16756ca4edb55cdd8c88f4e123ffa6b94501d050 (diff) |
conntrack: Replace strncpy with snprintf to improve null byte handling
We currently use strncpy in a bunch of places which has this weird quirk
where it doesn't write a terminating null byte if the input string is >=
the max length. To mitigate this we write a null byte to the last character
manually.
While this works it is easy to forget. Instead we should just be using
snprintf which has more sensible behaviour as it always writes a null byte
even when truncating the string.
Signed-off-by: Daniel Gröber <dxld@darkboxed.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack/parse_mnl.c')
-rw-r--r-- | src/conntrack/parse_mnl.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/src/conntrack/parse_mnl.c b/src/conntrack/parse_mnl.c index 515deff..3cbfc6a 100644 --- a/src/conntrack/parse_mnl.c +++ b/src/conntrack/parse_mnl.c @@ -690,9 +690,8 @@ nfct_parse_helper(const struct nlattr *attr, struct nf_conntrack *ct) if (!tb[CTA_HELP_NAME]) return 0; - strncpy(ct->helper_name, mnl_attr_get_str(tb[CTA_HELP_NAME]), - NFCT_HELPER_NAME_MAX); - ct->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0'; + snprintf(ct->helper_name, NFCT_HELPER_NAME_MAX, "%s", + mnl_attr_get_str(tb[CTA_HELP_NAME])); set_bit(ATTR_HELPER_NAME, ct->head.set); if (!tb[CTA_HELP_INFO]) |