diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-09-19 15:16:48 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-09-24 11:23:57 +0200 |
| commit | d0c1f1b4ad4e3b91220a03514031ee879db832d0 (patch) | |
| tree | 902e64760974ca641cea1d1ad57cabd3be5fc030 | |
| parent | 23ef6f06c89f1ebc2bc65850b21de69aed8279e3 (diff) | |
libxt_LED: Avoid string overrun while parsing led-trigger-id
Instead of using strcat() and assuming the name will fit, print into the
buffer using snprintf() which truncates the string as needed.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
| -rw-r--r-- | extensions/libxt_LED.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/extensions/libxt_LED.c b/extensions/libxt_LED.c index 8622c379..6ada7950 100644 --- a/extensions/libxt_LED.c +++ b/extensions/libxt_LED.c @@ -53,8 +53,7 @@ static void LED_parse(struct xt_option_call *cb) xtables_option_parse(cb); switch (cb->entry->id) { case O_LED_TRIGGER_ID: - strcpy(led->id, "netfilter-"); - strcat(led->id, cb->arg); + snprintf(led->id, sizeof(led->id), "netfilter-%s", cb->arg); break; case O_LED_DELAY: if (strncasecmp(cb->arg, "inf", 3) == 0) |