diff options
author | Jo-Philipp Wich <jo@mein.io> | 2020-05-27 22:23:23 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2020-06-03 18:52:45 +0200 |
commit | f62a52b105fdd3aa12cc073b2847140d5b64261f (patch) | |
tree | 56811195367b09b63f55508e9062b316d16a5ccb /defaults.c | |
parent | 23cc543f4f7ca636400707161e7e8355b6ecd856 (diff) | |
download | firewall3-f62a52b105fdd3aa12cc073b2847140d5b64261f.tar.gz |
treewide: replace unsafe string functions
Replace sprintf(), strncpy() etc. with safer variants that perform bounds
checking on the target buffer. Also rework unsafe `p += sprintf(p, ....)`
code to properly handle error cases.
Ref: http://lists.infradead.org/pipermail/openwrt-devel/2020-May/023363.html
Suggested-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'defaults.c')
-rw-r--r-- | defaults.c | 6 |
1 files changed, 2 insertions, 4 deletions
@@ -218,7 +218,7 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle, { int i; struct fw3_defaults *defs = &state->defaults; - struct fw3_device lodev = { .set = true }; + struct fw3_device lodev = { .set = true, .name = "lo" }; struct fw3_protocol tcp = { .protocol = 6 }; struct fw3_ipt_rule *r; @@ -232,8 +232,6 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle, { case FW3_TABLE_FILTER: - sprintf(lodev.name, "lo"); - r = fw3_ipt_rule_create(handle, NULL, &lodev, NULL, NULL, NULL); fw3_ipt_rule_target(r, "ACCEPT"); fw3_ipt_rule_append(r, "INPUT"); @@ -378,7 +376,7 @@ static void set_default(const char *name, int set) { FILE *f; - char path[sizeof("/proc/sys/net/ipv4/tcp_window_scaling\0")]; + char path[sizeof("/proc/sys/net/ipv4/tcp_window_scaling")]; snprintf(path, sizeof(path), "/proc/sys/net/ipv4/tcp_%s", name); |