firewall-util: add an assert that we're not overwriting a buffer

Check for CID #1368267.
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2017-02-19 13:19:50 -0500
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2017-02-20 16:02:15 -0500
commit: f28501279d2c28fdbb31d8273b723e9bf71d3b98 (patch)
tree: 1d240276ada05668ba0100143505b2227fc64490 /src/shared/firewall-util.c
parent: 1e94df447150f065241091044b32a730a5bf9ed4 (diff)
download: systemd-f28501279d2c28fdbb31d8273b723e9bf71d3b98.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/src/shared/firewall-util.c b/src/shared/firewall-util.c
index 9c29b0afca..952fc48c45 100644
--- a/src/shared/firewall-util.c
+++ b/src/shared/firewall-util.c
@@ -76,8 +76,11 @@ static int entry_fill_basics(
         }
 
         if (out_interface) {
+                size_t l = strlen(out_interface);
+                assert(l < sizeof entry->ip.outiface && l < sizeof entry->ip.outiface_mask);
+
                 strcpy(entry->ip.outiface, out_interface);
-                memset(entry->ip.outiface_mask, 0xFF, strlen(out_interface)+1);
+                memset(entry->ip.outiface_mask, 0xFF, l + 1);
         }
         if (destination) {
                 entry->ip.dst = destination->in;
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2017-02-19 13:19:50 -0500
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2017-02-20 16:02:15 -0500
commit	f28501279d2c28fdbb31d8273b723e9bf71d3b98 (patch)
tree	1d240276ada05668ba0100143505b2227fc64490 /src/shared/firewall-util.c
parent	1e94df447150f065241091044b32a730a5bf9ed4 (diff)
download	systemd-f28501279d2c28fdbb31d8273b723e9bf71d3b98.tar.gz