diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2024-11-07 01:22:57 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2024-11-12 03:14:31 +0000 |
| commit | 42935716286e7887bfeb9dd8daea72d6a5d40908 (patch) | |
| tree | 6bf7af9a5e96a8279daf6b175374812f93977a11 | |
| parent | c607b3258f15d4ea1710bc3cdbab05c9355c2828 (diff) | |
ipfilter: Avoid overrunning the message buffer
Avoid overrunning the message buffer when printing an ippool btree error.
We do this in two ways. First we increase the message buffer from 80 to
255 bytes and secondly we replace strcat(3) with strlcat(3).
MFC after: 1 week
| -rw-r--r-- | sbin/ipf/libipf/load_poolnode.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/ipf/libipf/load_poolnode.c b/sbin/ipf/libipf/load_poolnode.c index 5c9fd838bfa0..8d65f019da43 100644 --- a/sbin/ipf/libipf/load_poolnode.c +++ b/sbin/ipf/libipf/load_poolnode.c @@ -52,11 +52,11 @@ load_poolnode(int role, char *name, ip_pool_node_t *node, int ttl, if (err != 0) { if ((opts & OPT_DONOTHING) == 0) { - char msg[80]; + char msg[255]; snprintf(msg, sizeof(msg), "%s pool node(%s/", what, inet_ntoa(pn.ipn_addr.adf_addr.in4)); - strcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4)); + strlcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4), sizeof(msg)); return (ipf_perror_fd(pool_fd(), iocfunc, msg)); } } |