From 0cfd537e8020812ef02ce0e27b8b22a94d3820c3 Mon Sep 17 00:00:00 2001
From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Sat, 12 Oct 2013 11:21:52 +0200
Subject: nft: arp: fix possible string overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This patch replaces strcat with strncat and strcpy with strncpy
fixing possible string overflow.

Based on the original patch:

http://patchwork.ozlabs.org/patch/279672/

from Jaromír Končický via Jiri Popelka.

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/xtables-arp.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'iptables/xtables-arp.c')

diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 411a6998..18f285c6 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -847,7 +847,8 @@ static struct xtables_target *command_jump(struct arpt_entry *fw,
 
 	target->t = xtables_calloc(1, size);
 	target->t->u.target_size = size;
-	strcpy(target->t->u.user.name, jumpto);
+	strncpy(target->t->u.user.name, jumpto, sizeof(target->t->u.user.name));
+	target->t->u.user.name[sizeof(target->t->u.user.name)-1] = '\0';
 	target->t->u.user.revision = target->revision;
 
 	xs_init_target(target);
-- 
cgit v1.2.3