18fd73d348
- arptables-nft-helper: Remove bashisms - ebtables-helper: Drop unused variable, add a missing quote - extensions: libxt_string: Avoid buffer size warning for strncpy() - libxtables: Introduce xtables_strdup() and use it everywhere - extensions: libebt_ip6: Use xtables_ip6parse_any() - iptables-apply: Drop unused variable - nft: Avoid buffer size warnings copying iface names - nft: Avoid memleak in error path of nft_cmd_new() - libxtables: Fix memleak in xtopt_parse_hostmask() - extensions: libebt_ip6: Drop unused variables - libxtables: Drop leftover variable in xtables_numeric_to_ip6addr() Resolves: RHBZ#1938745
57 lines
2.1 KiB
Diff
57 lines
2.1 KiB
Diff
From dda5f0d0ebbcb39f4e001335f70159121f554886 Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Wed, 2 Jun 2021 11:58:06 +0200
|
|
Subject: [PATCH] nft: Avoid buffer size warnings copying iface names
|
|
|
|
The call to strncpy() is actually not needed: source buffer is only
|
|
IFNAMSIZ bytes large and guaranteed to be null-terminated. Use this to
|
|
avoid compiler warnings due to size parameter matching the destination
|
|
buffer size by performing the copy using (dumb) memcpy() instead.
|
|
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
(cherry picked from commit 0729ab37c5d90b78dd3bc8c9addb8a1c60708eff)
|
|
---
|
|
iptables/nft-ipv4.c | 4 ++--
|
|
iptables/nft-ipv6.c | 4 ++--
|
|
2 files changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
|
|
index a5b835b1f681d..34f94bd8cc24a 100644
|
|
--- a/iptables/nft-ipv4.c
|
|
+++ b/iptables/nft-ipv4.c
|
|
@@ -348,11 +348,11 @@ static void nft_ipv4_post_parse(int command,
|
|
*/
|
|
cs->fw.ip.invflags = args->invflags;
|
|
|
|
- strncpy(cs->fw.ip.iniface, args->iniface, IFNAMSIZ);
|
|
+ memcpy(cs->fw.ip.iniface, args->iniface, IFNAMSIZ);
|
|
memcpy(cs->fw.ip.iniface_mask,
|
|
args->iniface_mask, IFNAMSIZ*sizeof(unsigned char));
|
|
|
|
- strncpy(cs->fw.ip.outiface, args->outiface, IFNAMSIZ);
|
|
+ memcpy(cs->fw.ip.outiface, args->outiface, IFNAMSIZ);
|
|
memcpy(cs->fw.ip.outiface_mask,
|
|
args->outiface_mask, IFNAMSIZ*sizeof(unsigned char));
|
|
|
|
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
|
|
index 46008fc5e762a..d9c9400ad7dc3 100644
|
|
--- a/iptables/nft-ipv6.c
|
|
+++ b/iptables/nft-ipv6.c
|
|
@@ -293,11 +293,11 @@ static void nft_ipv6_post_parse(int command, struct iptables_command_state *cs,
|
|
*/
|
|
cs->fw6.ipv6.invflags = args->invflags;
|
|
|
|
- strncpy(cs->fw6.ipv6.iniface, args->iniface, IFNAMSIZ);
|
|
+ memcpy(cs->fw6.ipv6.iniface, args->iniface, IFNAMSIZ);
|
|
memcpy(cs->fw6.ipv6.iniface_mask,
|
|
args->iniface_mask, IFNAMSIZ*sizeof(unsigned char));
|
|
|
|
- strncpy(cs->fw6.ipv6.outiface, args->outiface, IFNAMSIZ);
|
|
+ memcpy(cs->fw6.ipv6.outiface, args->outiface, IFNAMSIZ);
|
|
memcpy(cs->fw6.ipv6.outiface_mask,
|
|
args->outiface_mask, IFNAMSIZ*sizeof(unsigned char));
|
|
|
|
--
|
|
2.31.1
|
|
|