anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 05:05:12 +02:00
Code Issues Releases Wiki Activity

xt_DNETMAP: fix a buffer overflow

Browse Source 
prefix_str was only 16 bytes, but the largest emitted string could be
"255.255.255.255/32" (19 bytes).

xt_DNETMAP.c: In function "dnetmap_tg_check":
compat_xtables.h:46:22: warning: "%u" directive writing between 1 and 10
bytes into a region of size between 0 and 8 [-Wformat-overflow=]
 # define NIPQUAD_FMT "%u.%u.%u.%u"
xt_DNETMAP.c:296:2: note: "sprintf" output between 10 and 27 bytes into
a destination of size 16
  sprintf(p->prefix_str, NIPQUAD_FMT "/%u", NIPQUAD(mr->min_addr.ip),
   33 - ffs(~(ip_min ^ ip_max)));
This commit is contained in:
Jan Engelhardt
2017-06-15 12:15:48 +02:00
parent 21ea7b76ec
commit 1874fcd519
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
extensions/xt_DNETMAP.c
View File

@@ -81,7 +81,7 @@ struct dnetmap_entry {
struct dnetmap_prefix {
struct nf_nat_range prefix;
char prefix_str[16];
char prefix_str[20];
#ifdef CONFIG_PROC_FS
char proc_str_data[20];
char proc_str_stat[25];