Overview

File conntrackd-use-strncpy-to-unix-path.patch of Package conntrack-tools

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 20 Mar 2019 08:19:18 +0100
Subject: conntrackd: use strncpy() to unix path
Patch-mainline: conntrack-tools-1.4.6?
Git-commit: ce06fb6069065c3d68475356c0728a5fa0a4ab74
References: bsc#1141480

Make sure we don't go over the buffer boundary.

Reported-by: Rijnard van Tonder <rvt@cmu.edu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/read_config_yy.y | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -25,6 +25,7 @@
 #include <netdb.h>
 #include <errno.h>
 #include <stdarg.h>
+#include <limits.h>
 #include "conntrackd.h"
 #include "bitops.h"
 #include "cidr.h"
@@ -650,7 +651,7 @@ unix_options:
 
 unix_option : T_PATH T_PATH_VAL
 {
-	strcpy(conf.local.path, $2);
+	strncpy(conf.local.path, $2, PATH_MAX);
 };
 
 unix_option : T_BACKLOG T_NUMBER
openSUSE Build Service is sponsored by
Places