authorDaniel Gröber <dxld@darkboxed.org>2020-06-24 15:30:04 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2020-07-01 13:00:09 +0200
commit7d2f395d32ae06828aef386a04f0c5ab857f36db (patch)
tree8221b9d8d205d3bf206ce170bc0091bf65e97ed0 /src
parentbc1cb4b1140327dc69246907518c95da2d3f580d (diff)
conntrack: Fix buffer overflow in protocol related snprintf functions
Signed-off-by: Daniel Gröber <dxld@darkboxed.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/conntrack/snprintf_default.c14
-rw-r--r--src/conntrack/snprintf_xml.c20
2 files changed, 24 insertions, 10 deletions
diff --git a/src/conntrack/snprintf_default.c b/src/conntrack/snprintf_default.c
index 081bcb6..64a05aa 100644
--- a/src/conntrack/snprintf_default.c
+++ b/src/conntrack/snprintf_default.c
@@ -13,20 +13,18 @@ static int __snprintf_l3protocol(char *buf,
unsigned int len,
const struct nf_conntrack *ct)
{
- return (snprintf(buf, len, "%-8s %u ",
- l3proto2str[ct->head.orig.l3protonum] == NULL ?
- "unknown" : l3proto2str[ct->head.orig.l3protonum],
- ct->head.orig.l3protonum));
+ uint8_t num = ct->head.orig.l3protonum;
+
+ return snprintf(buf, len, "%-8s %u ", __l3proto2str(num), num);
}
int __snprintf_protocol(char *buf,
unsigned int len,
const struct nf_conntrack *ct)
{
- return (snprintf(buf, len, "%-8s %u ",
- proto2str[ct->head.orig.protonum] == NULL ?
- "unknown" : proto2str[ct->head.orig.protonum],
- ct->head.orig.protonum));
+ uint8_t num = ct->head.orig.protonum;
+
+ return snprintf(buf, len, "%-8s %u ", __proto2str(num), num);
}
static int __snprintf_timeout(char *buf,
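Review bot: `__snprintf_l3protocol()` and `__snprintf_protocol()` are safe only because they now go through `__l3proto2str()` and `__proto2str()`; the tables themselves remain directly indexable, so any other `l3proto2str[...]` or `proto2str[...]` lookup keyed by a conntrack field would still read past the end of the table. The diffstat covers just these two files, so it is worth grepping the tree for remaining direct indexes before treating the out-of-bounds read as closed. A short comment above each `return` would record the rule, e.g. `/* value may exceed the table size: always look up via __l3proto2str() */`. As a minor point, `num` is a `uint8_t` that reaches `%u` promoted to `int`; `(unsigned int)num` would match the conversion exactly. `__snprintf_timeout` starts on the last line of the hunk and its body is not shown.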
diff --git a/src/conntrack/snprintf_xml.c b/src/conntrack/snprintf_xml.c
index c3a836a..e557df2 100644
--- a/src/conntrack/snprintf_xml.c
+++ b/src/conntrack/snprintf_xml.c
@@ -55,12 +55,28 @@
const char *__proto2str(uint8_t protonum)
{
- return proto2str[protonum] ? proto2str[protonum] : "unknown";
+ const char *str = NULL;
+
+ if (protonum < ARRAY_SIZE(proto2str))
+ str = proto2str[protonum];
+
+ if (str == NULL)
+ str = "unknown";
+
+ return str;
}
const char *__l3proto2str(uint8_t protonum)
{
- return l3proto2str[protonum] ? l3proto2str[protonum] : "unknown";
+ const char *str = NULL;
+
+ if (protonum < ARRAY_SIZE(l3proto2str))
+ str = l3proto2str[protonum];
+
+ if (str == NULL)
+ str = "unknown";
+
+ return str;
}
static int __snprintf_ipv4_xml(char *buf,
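Review bot: `__proto2str()` and `__l3proto2str()` now carry identical bodies that differ only in the table, so a later change to the bounds check in one can easily miss the other. Assuming both tables are arrays of `const char *`, one shared static helper taking `(const char *const *tbl, size_t n, uint8_t num)` and returning `(num < n && tbl[num]) ? tbl[num] : "unknown"` would keep the check in a single place. The guard also depends on `ARRAY_SIZE` seeing a complete array type in this file; if a table were ever declared here as `extern ... []` or reached through a pointer, the macro would no longer give the element count. A comment such as `/* table is sparse and may be shorter than the uint8_t range; unset or out-of-range entries map to "unknown" */` would make the intent explicit. `__snprintf_ipv4_xml` begins on the last line of the hunk and continues outside it.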