diff options
| -rw-r--r-- | extensions/libip6t_owner.c | 1 | ||||
| -rw-r--r-- | extensions/libipt_XOR.c | 1 | ||||
| -rw-r--r-- | extensions/libipt_helper.c | 1 | ||||
| -rw-r--r-- | extensions/libipt_owner.c | 1 | ||||
| -rw-r--r-- | extensions/libipt_recent.c | 4 | ||||
| -rw-r--r-- | ip6tables-restore.c | 3 | ||||
| -rw-r--r-- | ip6tables.c | 1 | ||||
| -rw-r--r-- | iptables-restore.c | 3 | ||||
| -rw-r--r-- | libiptc/libiptc.c | 3 |
9 files changed, 15 insertions, 3 deletions
diff --git a/extensions/libip6t_owner.c b/extensions/libip6t_owner.c index ed785306..6d7258d4 100644 --- a/extensions/libip6t_owner.c +++ b/extensions/libip6t_owner.c @@ -129,6 +129,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, exit_error(PARAMETER_PROBLEM, "OWNER CMD `%s' too long, max %d characters", optarg, sizeof(ownerinfo->comm)); strncpy(ownerinfo->comm, optarg, sizeof(ownerinfo->comm)); + ownerinfo->comm[sizeof(ownerinfo->comm)-1] = '\0'; if (invert) ownerinfo->invert |= IP6T_OWNER_COMM; diff --git a/extensions/libipt_XOR.c b/extensions/libipt_XOR.c index 3b05a309..47d8baac 100644 --- a/extensions/libipt_XOR.c +++ b/extensions/libipt_XOR.c @@ -47,6 +47,7 @@ static int parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': strncpy(info->key, optarg, 30); + info->key[29] = '\0'; *flags |= IPT_KEY_SET; break; case '2': diff --git a/extensions/libipt_helper.c b/extensions/libipt_helper.c index 4b16e021..72660d94 100644 --- a/extensions/libipt_helper.c +++ b/extensions/libipt_helper.c @@ -46,6 +46,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, case '1': check_inverse(optarg, &invert, &invert, 0); strncpy(info->name, optarg, 29); + info->name[29] = '\0'; if (invert) info->invert = 1; *flags = 1; diff --git a/extensions/libipt_owner.c b/extensions/libipt_owner.c index 73f0ed54..9c92ab2a 100644 --- a/extensions/libipt_owner.c +++ b/extensions/libipt_owner.c @@ -128,6 +128,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, exit_error(PARAMETER_PROBLEM, "OWNER CMD `%s' too long, max %d characters", optarg, sizeof(ownerinfo->comm)); strncpy(ownerinfo->comm, optarg, sizeof(ownerinfo->comm)); + ownerinfo->comm[sizeof(ownerinfo->comm)-1] = '\0'; if (invert) ownerinfo->invert |= IPT_OWNER_COMM; diff --git a/extensions/libipt_recent.c b/extensions/libipt_recent.c index aa32aa07..a3942720 100644 --- a/extensions/libipt_recent.c +++ b/extensions/libipt_recent.c @@ -75,6 +75,9 @@ init(struct ipt_entry_match *match, unsigned int *nfcache) *nfcache |= NFC_UNKNOWN; strncpy(info->name,"DEFAULT",IPT_RECENT_NAME_LEN); + /* eventhough IPT_RECENT_NAME_LEN is currently defined as 200, + * better be safe, than sorry */ + info->name[IPT_RECENT_NAME_LEN-1] = '\0'; info->side = IPT_RECENT_SOURCE; } @@ -142,6 +145,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, case 208: strncpy(info->name,optarg,IPT_RECENT_NAME_LEN); + info->name[IPT_RECENT_NAME_LEN-1] = '\0'; break; case 209: diff --git a/ip6tables-restore.c b/ip6tables-restore.c index cc60e234..89ef79d2 100644 --- a/ip6tables-restore.c +++ b/ip6tables-restore.c @@ -7,7 +7,7 @@ * Rusty Russell <rusty@linuxcare.com.au> * This code is distributed under the terms of GNU GPL v2 * - * $Id: ip6tables-restore.c,v 1.12 2003/05/02 15:30:11 laforge Exp $ + * $Id: ip6tables-restore.c,v 1.13 2004/01/05 09:41:51 laforge Exp $ */ #include <getopt.h> @@ -182,6 +182,7 @@ int main(int argc, char *argv[]) exit(1); } strncpy(curtable, table, IP6T_TABLE_MAXNAMELEN); + curtable[IP6T_TABLE_MAXNAMELEN] = '\0'; if (handle) ip6tc_free(&handle); diff --git a/ip6tables.c b/ip6tables.c index 664b307b..16d3ae17 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -675,6 +675,7 @@ parse_hostnetworkmask(const char *name, struct in6_addr **addrpp, int i, j, n; strncpy(buf, name, sizeof(buf) - 1); + buf[sizeof(buf) - 1] = '\0'; if ((p = strrchr(buf, '/')) != NULL) { *p = '\0'; addrp = parse_mask(p + 1); diff --git a/iptables-restore.c b/iptables-restore.c index 0a5627da..9ef78c78 100644 --- a/iptables-restore.c +++ b/iptables-restore.c @@ -4,7 +4,7 @@ * * This code is distributed under the terms of GNU GPL v2 * - * $Id: iptables-restore.c,v 1.26 2003/05/02 15:30:11 laforge Exp $ + * $Id: iptables-restore.c,v 1.27 2004/01/05 09:41:50 laforge Exp $ */ #include <getopt.h> @@ -179,6 +179,7 @@ int main(int argc, char *argv[]) exit(1); } strncpy(curtable, table, IPT_TABLE_MAXNAMELEN); + curtable[IPT_TABLE_MAXNAMELEN] = '\0'; if (handle) iptc_free(&handle); diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c index ba2e35e8..3aacb547 100644 --- a/libiptc/libiptc.c +++ b/libiptc/libiptc.c @@ -1,4 +1,4 @@ -/* Library which manipulates firewall rules. Version $Revision: 1.41 $ */ +/* Library which manipulates firewall rules. Version $Revision: 1.43 $ */ /* Architecture of firewall rules is as follows: * @@ -526,6 +526,7 @@ add_chain_cache(TC_HANDLE_T h, const char *name, unsigned int start_off, h->cache_num_chains++; strncpy(newcc->name, name, TABLE_MAXNAMELEN-1); + newcc->name[TABLE_MAXNAMELEN-1] = '\0'; newcc->start_off = start_off; newcc->end_off = end_off; |