From 37b4bde745698bf140d74e59a2561f34deeb8726 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@medozas.de>
Date: Thu, 12 Feb 2009 01:18:35 +0100
Subject: libxt_string: fix undefined behavior/incorrect patlen calculation

strlen ran over the end of the string. Use strnlen to bound it.

Reference: http://bugs.debian.org/513516
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
 extensions/libxt_string.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index 6bd27c0b..aa52fa8d 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -20,6 +20,7 @@
  *             updated to work with slightly modified
  *             ipt_string_info.
  */
+#define _GNU_SOURCE 1
 #include <stdio.h>
 #include <netdb.h>
 #include <string.h>
@@ -207,7 +208,8 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
 			else
 				stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
 		}
-		stringinfo->patlen=strlen((char *)&stringinfo->pattern);
+		stringinfo->patlen = strnlen((char *)&stringinfo->pattern,
+			sizeof(stringinfo->patlen));
 		*flags |= STRING;
 		break;
 
-- 
cgit v1.2.3