From: Phil Sutter Date: Wed, 19 Sep 2018 13:16:51 +0000 (+0200) Subject: libxt_ipvs: Avoid potential buffer overrun X-Git-Tag: v1.8.1~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=749d3c2ecd6a9dc21f5a442c44495cb705621dff;p=thirdparty%2Fiptables.git libxt_ipvs: Avoid potential buffer overrun Just like with libxt_conntrack, get rid of the temporary buffer. The comment even states that it was copied from there, so just make them identical again. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal
---
diff --git a/extensions/libxt_ipvs.c b/extensions/libxt_ipvs.c
index 46727660..a6c57a03 100644
--- a/extensions/libxt_ipvs.c
+++ b/extensions/libxt_ipvs.c
@@ -126,19 +126,19 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr,
 const union nf_inet_addr *mask, unsigned int family, bool numeric)
 {
- char buf[BUFSIZ];
-
 if (family == NFPROTO_IPV4) {
 if (!numeric && addr->ip == 0) {
 printf(" anywhere");
 return;
 }
 if (numeric)
- strcpy(buf, xtables_ipaddr_to_numeric(&addr->in));
+ printf(" %s%s",
+ xtables_ipaddr_to_numeric(&addr->in),
+ xtables_ipmask_to_numeric(&mask->in));
 else
- strcpy(buf, xtables_ipaddr_to_anyname(&addr->in));
- strcat(buf, xtables_ipmask_to_numeric(&mask->in));
- printf(" %s", buf);
+ printf(" %s%s",
+ xtables_ipaddr_to_anyname(&addr->in),
+ xtables_ipmask_to_numeric(&mask->in));
 } else if (family == NFPROTO_IPV6) {
 if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 && addr->ip6[2] == 0 && addr->ip6[3] == 0) {
@@ -146,11 +146,13 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr,
 return;
 }
 if (numeric)
- strcpy(buf, xtables_ip6addr_to_numeric(&addr->in6));
+ printf(" %s%s",
+ xtables_ip6addr_to_numeric(&addr->in6),
+ xtables_ip6mask_to_numeric(&mask->in6));
 else
- strcpy(buf, xtables_ip6addr_to_anyname(&addr->in6));
- strcat(buf, xtables_ip6mask_to_numeric(&mask->in6));
- printf(" %s", buf);
+ printf(" %s%s",
+ xtables_ip6addr_to_anyname(&addr->in6),
+ xtables_ip6mask_to_numeric(&mask->in6));
 }
 }
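Review bot: Both helper results are now live at the same time as arguments of a single `printf()`, in the numeric and anyname branches of the IPv4 path in the first hunk and of the IPv6 path in the second, whereas the removed code copied each string into `buf` before calling the next helper. That is only safe if the address and mask helpers never hand back the same storage; their definitions are not part of this diff, so if any of them formats into a static buffer that another one also writes (for instance a mask helper that falls back to the address helper for a non-CIDR mask, to be confirmed in libxtables), the address text could be overwritten before it is printed. Sequencing the calls removes that dependency without bringing the temporary buffer back: `printf(" %s", xtables_ipaddr_to_numeric(&addr->in));` followed by `printf("%s", xtables_ipmask_to_numeric(&mask->in));`, and likewise for the other three pairs. ipvs_mt_dump_addr starts in the first hunk and ends in the second.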