git.ipfire.org Git - thirdparty/iptables.git/commit

]> git.ipfire.org Git - thirdparty/iptables.git/commit

projects / thirdparty / iptables.git / commit

author	Phil Sutter <phil@nwl.cc>
	Wed, 19 Sep 2018 13:16:50 +0000 (15:16 +0200)
committer	Florian Westphal <fw@strlen.de>
	Mon, 24 Sep 2018 09:24:01 +0000 (11:24 +0200)
commit	8e798e050367dfe43bb958f11dd3170b03bda49e
tree	086338c12fb46e635268a897a4ed477c30f31922	tree \| snapshot
parent	74eb2395c838460384286c2b95f711ae275a46cb	commit \| diff

libxt_conntrack: Avoid potential buffer overrun

In print_addr(), a resolved hostname is written into a buffer without
size check. Since BUFSIZ is typically 8192 bytes, this shouldn't be an
issue, though covscan complained about it. Fix the code by using
conntrack_dump_addr() as an example.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

extensions/libxt_conntrack.c

diff | blob | blame | history

Mirror of git://git.netfilter.org/iptables

RSS Atom