diff options
| author | Jeremy Sowden <jeremy@azazel.net> | 2022-12-03 19:02:10 +0000 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-12-08 21:48:51 +0100 |
| commit | 49f6def6fcbaf01f395fbe00543a9ab2c4bb106e (patch) | |
| tree | a277e81f7eccb44372af276556a103f09d3d7691 /output/ulogd_output_JSON.c | |
| parent | 28e6eacfa96f729fce69f003ae16b96ad8503404 (diff) | |
filter: fix buffer sizes in filter plug-ins
Three of the filter plug-ins define arrays to hold output key values.
The arrays are sized based on the values of enums. For example:
enum output_keys {
KEY_MAC_TYPE,
KEY_MAC_PROTOCOL,
KEY_MAC_SADDR,
START_KEY = KEY_MAC_SADDR,
KEY_MAC_DADDR,
KEY_MAC_ADDR,
MAX_KEY = KEY_MAC_ADDR,
};
static char hwmac_str[MAX_KEY - START_KEY][HWADDR_LENGTH];
The arrays are indexed by subtracting `START_KEY` from the enum value of
the key currently being processed: `hwmac_str[okey - START_KEY]`.
However, this means that the last key (`KEY_MAC_ADDR` in this example)
will run off the end of the array. Increase the size of the arrays.
In the case of `IP2BIN` and `IP2HBIN`, there is no overrun, but only
because they use the wrong upper bound when looping over the keys, and
thus don't assign a value to the last key. Correct the bound.
Also some small white-space tweaks.
Link: https://bugzilla.netfilter.org/show_bug.cgi?id=890
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'output/ulogd_output_JSON.c')
0 files changed, 0 insertions, 0 deletions