From: Jan Engelhardt <jengelh@medozas.de>
Date: Thu, 12 Feb 2009 00:18:35 +0000 (+0100)
Subject: libxt_string: fix undefined behavior/incorrect patlen calculation
X-Git-Tag: v1.4.3~37
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=37b4bde745698bf140d74e59a2561f34deeb8726;p=thirdparty%2Fiptables.git

libxt_string: fix undefined behavior/incorrect patlen calculation

strlen ran over the end of the string. Use strnlen to bound it.

Reference: http://bugs.debian.org/513516
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---

diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index 6bd27c0b..aa52fa8d 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -20,6 +20,7 @@
  *             updated to work with slightly modified
  *             ipt_string_info.
  */
+#define _GNU_SOURCE 1
 #include <stdio.h>
 #include <netdb.h>
 #include <string.h>
@@ -207,7 +208,8 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
 			else
 				stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
 		}
-		stringinfo->patlen=strlen((char *)&stringinfo->pattern);
+		stringinfo->patlen = strnlen((char *)&stringinfo->pattern,
+			sizeof(stringinfo->patlen));
 		*flags |= STRING;
 		break;