Dan Williams
parent
a18a3fe0e8
commit
c1a3c2af96
@ -0,0 +1,41 @@
|
||||
From 4376e752c822444f1a26b5e1e974ddd7104ae15c Mon Sep 17 00:00:00 2001
|
||||
From: Jiri Pirko <jiri@resnulli.us>
|
||||
Date: Wed, 18 Dec 2013 13:26:49 +0100
|
||||
Subject: [patch] libndp: fix [cppcheck] Undefined behavior: Variable 'buf' is
|
||||
used as parameter and destination in s[n]printf()
|
||||
|
||||
cppcheck --enable=all --inconclusive --std=posix .
|
||||
|
||||
ndp_msg_opt_dnssl_domain():
|
||||
if (dom_len > len)
|
||||
return NULL;
|
||||
|
||||
if (strlen(buf))
|
||||
----> sprintf(buf, "%s.", buf);
|
||||
buf[strlen(buf) + dom_len] = '\0';
|
||||
memcpy(buf + strlen(buf), ptr, dom_len);
|
||||
|
||||
So just use strcat instead.
|
||||
|
||||
Reported-by: Dan Williams <dcbw@redhat.com>
|
||||
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
|
||||
---
|
||||
libndp/libndp.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libndp/libndp.c b/libndp/libndp.c
|
||||
index 0bc3fe3..e510e2e 100644
|
||||
--- a/libndp/libndp.c
|
||||
+++ b/libndp/libndp.c
|
||||
@@ -1540,7 +1540,7 @@ char *ndp_msg_opt_dnssl_domain(struct ndp_msg *msg, int offset,
|
||||
return NULL;
|
||||
|
||||
if (strlen(buf))
|
||||
- sprintf(buf, "%s.", buf);
|
||||
+ strcat(buf, ".");
|
||||
buf[strlen(buf) + dom_len] = '\0';
|
||||
memcpy(buf + strlen(buf), ptr, dom_len);
|
||||
ptr += dom_len;
|
||||
--
|
||||
1.8.4.2
|
||||
|
||||
@ -1,12 +1,14 @@
|
||||
Name: libndp
|
||||
Version: 1.2
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Summary: Library for Neighbor Discovery Protocol
|
||||
Group: System Environment/Libraries
|
||||
License: LGPLv2+
|
||||
URL: http://www.libndp.org/
|
||||
Source: http://www.libndp.org/files/libndp-%{version}.tar.gz
|
||||
|
||||
Patch0: 0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch
|
||||
|
||||
%description
|
||||
This package contains a library which provides a wrapper
|
||||
for IPv6 Neighbor Discovery Protocol. It also provides a tool
|
||||
@ -23,6 +25,7 @@ necessary for developing programs using libndp.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1 -b .fix_cppcheck_var_buf
|
||||
|
||||
%build
|
||||
%configure --disable-static
|
||||
@ -48,6 +51,9 @@ find $RPM_BUILD_ROOT -name \*.la -delete
|
||||
%{_libdir}/pkgconfig/*.pc
|
||||
|
||||
%changelog
|
||||
* Tue Jan 21 2014 Jiri Pirko <jpirko@redhat.com> - 1.2-2
|
||||
- libndp: fix [cppcheck] Undefined behavior: Variable 'buf' is used as parameter and destination in s[n]printf() [1044084] [1091720]
|
||||
|
||||
* Tue Oct 15 2013 Jiri Pirko <jpirko@redhat.com> - 1.2-1
|
||||
- Update to 1.2
|
||||
- libndp: silently ignore packets with optlen 0
|
||||
|
||||
Loading…
Reference in New Issue
Block a user