options: redirects: Fix possible buffer overflows

This fixes two possible situations where strncpy() produces a not null terminated buffer. Coverity IDs: * 1412247 Buffer not null terminated * 1412279 Buffer not null terminated Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Jo-Philipp Wich <jo@mein.io>
author: Hauke Mehrtens <hauke@hauke-m.de> 2018-12-19 10:34:08 +0100
committer: Hauke Mehrtens <hauke@hauke-m.de> 2018-12-20 16:10:03 +0100
commit: 6ba9105f880db5b69386fc6258e41641147fd313 (patch)
tree: 447693be1f599edc6cf38d351dbca6e104058109
parent: 14589c80cde937162da02414a0103653a566e866 (diff)
download: firewall3-6ba9105f880db5b69386fc6258e41641147fd313.tar.gz
2 files changed, 2 insertions, 2 deletions
diff --git a/options.c b/options.c
index 5184346..c763d9e 100644
--- a/options.c
+++ b/options.c
@@ -939,7 +939,7 @@ fw3_parse_setmatch(void *ptr, const char *val, bool is_list)
 		return false;
 	}
 
-	strncpy(m->name, p, sizeof(m->name));
+	strncpy(m->name, p, sizeof(m->name) - 1);
 
 	for (i = 0, p = strtok(NULL, " \t,");
 	     i < 3 && p != NULL;
diff --git a/redirects.c b/redirects.c
index ab95395..97529ee 100644
--- a/redirects.c
+++ b/redirects.c
@@ -154,7 +154,7 @@ resolve_dest(struct uci_element *e, struct fw3_redirect *redir,
 			if (!compare_addr(addr, &redir->ip_redir))
 				continue;
 
-			strncpy(redir->dest.name, zone->name, sizeof(redir->dest.name));
+			strncpy(redir->dest.name, zone->name, sizeof(redir->dest.name) - 1);
 			redir->dest.set = true;
 			redir->_dest = zone;
author	Hauke Mehrtens <hauke@hauke-m.de>	2018-12-19 10:34:08 +0100
committer	Hauke Mehrtens <hauke@hauke-m.de>	2018-12-20 16:10:03 +0100
commit	6ba9105f880db5b69386fc6258e41641147fd313 (patch)
tree	447693be1f599edc6cf38d351dbca6e104058109
parent	14589c80cde937162da02414a0103653a566e866 (diff)
download	firewall3-6ba9105f880db5b69386fc6258e41641147fd313.tar.gz