summaryrefslogtreecommitdiffstats
path: root/extensions/libipt_POOL.c
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2024-04-09 15:38:14 +0200
committerPhil Sutter <phil@nwl.cc>2024-04-10 01:09:25 +0200
commit8bf2bab8eb2e4f5ae2fef859ea7c877662854101 (patch)
tree5d41034c577d477c4f25c5daa22324a4c8100c4f /extensions/libipt_POOL.c
parenta2911408959d7e86bc4bad4f1be2551a19ad125c (diff)
libxtables: Attenuate effects of functions' internal static buffers
While functions returning pointers to internal static buffers have obvious limitations, users are likely unaware how they call each other internally and thus won't notice unsafe use. One such case is calling both xtables_ipaddr_to_numeric() and xtables_ipmask_to_numeric() as parameters for a single printf() call. Defuse this trap by avoiding the internal calls to xtables_ip{,6}addr_to_numeric() which is easily doable since callers keep their own static buffers already. While being at it, make use of inet_ntop() everywhere and also use INET_ADDRSTRLEN/INET6_ADDRSTRLEN defines for correct (and annotated) static buffer sizes. Reported-by: Vitaly Chikunov <vt@altlinux.org> Signed-off-by: Phil Sutter <phil@nwl.cc> Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Diffstat (limited to 'extensions/libipt_POOL.c')
0 files changed, 0 insertions, 0 deletions