diff options
| author | Daniel Gröber <dxld@darkboxed.org> | 2020-06-24 15:29:59 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-07-01 12:54:06 +0200 |
| commit | 6c7c716bec3b3302c2212c9273c33f9640de8206 (patch) | |
| tree | f6d46c7cbba64c9290e6d50312c79827a3a237ef /src/expect | |
| parent | 16756ca4edb55cdd8c88f4e123ffa6b94501d050 (diff) | |
conntrack: Replace strncpy with snprintf to improve null byte handling
We currently use strncpy in a bunch of places which has this weird quirk
where it doesn't write a terminating null byte if the input string is >=
the max length. To mitigate this we write a null byte to the last character
manually.
While this works it is easy to forget. Instead we should just be using
snprintf which has more sensible behaviour as it always writes a null byte
even when truncating the string.
Signed-off-by: Daniel Gröber <dxld@darkboxed.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expect')
| -rw-r--r-- | src/expect/parse_mnl.c | 15 | ||||
| -rw-r--r-- | src/expect/setter.c | 6 |
2 files changed, 10 insertions, 11 deletions
diff --git a/src/expect/parse_mnl.c b/src/expect/parse_mnl.c index 091a8ae..fb4bdb7 100644 --- a/src/expect/parse_mnl.c +++ b/src/expect/parse_mnl.c @@ -10,6 +10,7 @@ */ #include "internal/internal.h" +#include <assert.h> #include <libmnl/libmnl.h> static int nlmsg_parse_expection_attr_cb(const struct nlattr *attr, void *data) @@ -139,10 +140,8 @@ int nfexp_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_expect *exp) set_bit(ATTR_EXP_FLAGS, exp->set); } if (tb[CTA_EXPECT_HELP_NAME]) { - strncpy(exp->helper_name, - mnl_attr_get_str(tb[CTA_EXPECT_HELP_NAME]), - NFCT_HELPER_NAME_MAX); - exp->helper_name[NFCT_HELPER_NAME_MAX - 1] = '\0'; + snprintf(exp->helper_name, NFCT_HELPER_NAME_MAX, "%s", + mnl_attr_get_str(tb[CTA_EXPECT_HELP_NAME])); set_bit(ATTR_EXP_HELPER_NAME, exp->set); } if (tb[CTA_EXPECT_CLASS]) { @@ -153,9 +152,11 @@ int nfexp_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_expect *exp) nfexp_nlmsg_parse_nat(nfg, tb[CTA_EXPECT_NAT], exp); if (tb[CTA_EXPECT_FN]) { - strncpy(exp->expectfn, mnl_attr_get_payload(tb[CTA_EXPECT_FN]), - __NFCT_EXPECTFN_MAX); - exp->expectfn[__NFCT_EXPECTFN_MAX - 1] = '\0'; + int len = mnl_attr_get_payload_len(tb[CTA_EXPECT_FN]); + /* the kernel doesn't impose a max length on this str */ + assert(len <= __NFCT_EXPECTFN_MAX); + snprintf(exp->expectfn, __NFCT_EXPECTFN_MAX, "%s", + (char *)mnl_attr_get_payload(tb[CTA_EXPECT_FN])); set_bit(ATTR_EXP_FN, exp->set); } diff --git a/src/expect/setter.c b/src/expect/setter.c index 18c925a..c2ca412 100644 --- a/src/expect/setter.c +++ b/src/expect/setter.c @@ -46,8 +46,7 @@ static void set_exp_attr_class(struct nf_expect *exp, const void *value) static void set_exp_attr_helper_name(struct nf_expect *exp, const void *value) { - strncpy(exp->helper_name, value, NFCT_HELPER_NAME_MAX); - exp->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0'; + snprintf(exp->helper_name, NFCT_HELPER_NAME_MAX, "%s", (char *)value); } static void set_exp_attr_nat_dir(struct nf_expect *exp, const void *value) @@ -62,8 +61,7 @@ static void set_exp_attr_nat_tuple(struct nf_expect *exp, const void *value) static void set_exp_attr_expectfn(struct nf_expect *exp, const void *value) { - strncpy(exp->expectfn, value, __NFCT_EXPECTFN_MAX); - exp->expectfn[__NFCT_EXPECTFN_MAX-1] = '\0'; + snprintf(exp->expectfn, __NFCT_EXPECTFN_MAX, "%s", (char *)value); } const set_exp_attr set_exp_attr_array[ATTR_EXP_MAX] = { |