extensions: string: Review parse_string() function

* Compare against sizeof(info->pattern) which is more clear than having
  to know that this buffer is of size XT_STRING_MAX_PATTERN_SIZE

* Invert the check and error early to reduce indenting

* Pass info->patlen to memcpy() to avoid reading past end of 's'

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index da05fad0f59c8c55282fd46b59df53b5cf7f6fe2..5d72a5cde008f494edd3f77a22979801c22ae5e4 100644 (file)
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -78,14 +78,13 @@ static void string_init(struct xt_entry_match *m)
 
 static void
 parse_string(const char *s, struct xt_string_info *info)
-{      
+{
        /* xt_string does not need \0 at the end of the pattern */
-       if (strlen(s) <= XT_STRING_MAX_PATTERN_SIZE) {
-               memcpy(info->pattern, s, XT_STRING_MAX_PATTERN_SIZE);
-               info->patlen = strnlen(s, XT_STRING_MAX_PATTERN_SIZE);
-               return;
-       }
-       xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s);
+       if (strlen(s) > sizeof(info->pattern))
+               xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s);
+
+       info->patlen = strnlen(s, sizeof(info->pattern));
+       memcpy(info->pattern, s, info->patlen);
 }
 
 static void