git.ipfire.org Git - thirdparty/ulogd2.git/commit

author	Jeremy Sowden <jeremy@azazel.net>
	Sat, 3 Dec 2022 19:02:10 +0000 (19:02 +0000)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 8 Dec 2022 20:48:51 +0000 (21:48 +0100)
commit	49f6def6fcbaf01f395fbe00543a9ab2c4bb106e
tree	a277e81f7eccb44372af276556a103f09d3d7691	tree
parent	28e6eacfa96f729fce69f003ae16b96ad8503404	commit \| diff

filter: fix buffer sizes in filter plug-ins

Three of the filter plug-ins define arrays to hold output key values.
The arrays are sized based on the values of enums.  For example:

  enum output_keys {
    KEY_MAC_TYPE,
    KEY_MAC_PROTOCOL,
    KEY_MAC_SADDR,
    START_KEY = KEY_MAC_SADDR,
    KEY_MAC_DADDR,
    KEY_MAC_ADDR,
    MAX_KEY = KEY_MAC_ADDR,
  };

  static char hwmac_str[MAX_KEY - START_KEY][HWADDR_LENGTH];

The arrays are indexed by subtracting `START_KEY` from the enum value of
the key currently being processed: `hwmac_str[okey - START_KEY]`.
However, this means that the last key (`KEY_MAC_ADDR` in this example)
will run off the end of the array.  Increase the size of the arrays.

In the case of `IP2BIN` and `IP2HBIN`, there is no overrun, but only
because they use the wrong upper bound when looping over the keys, and
thus don't assign a value to the last key.  Correct the bound.

Also some small white-space tweaks.

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=890
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

filter/ulogd_filter_HWHDR.c		diff \| blob \| blame \| history
filter/ulogd_filter_IP2BIN.c		diff \| blob \| blame \| history
filter/ulogd_filter_IP2HBIN.c		diff \| blob \| blame \| history
filter/ulogd_filter_IP2STR.c		diff \| blob \| blame \| history