Permalink
Browse files

- canceled misuse of strlcpy()

- added a margin for an internal buffer storing ifname so that the use of
  strlcpy() (where it could be used) is safe.
  • Loading branch information...
1 parent f4a0099 commit 889e09b6eb1c64370352b304ad9d8987cefaeb81 jinmei committed Jul 25, 2007
Showing with 13 additions and 4 deletions.
  1. +10 −2 kame/kame/rafixd/rafixd.c
  2. +3 −2 kame/kame/rafixd/rafixd.h
View
12 kame/kame/rafixd/rafixd.c
@@ -1,4 +1,4 @@
-/* $KAME: rafixd.c,v 1.9 2007/07/24 22:01:41 itojun Exp $ */
+/* $KAME: rafixd.c,v 1.10 2007/07/25 04:54:58 jinmei Exp $ */
/*
* Copyright (C) 2003 WIDE Project.
@@ -250,6 +250,10 @@ add_interface(ifname)
return (-1);
}
memset(ifp, 0, sizeof(*ifp));
+ /*
+ * strlcpy() is okay since we have a margin for a null char in
+ * ifp->ifname.
+ */
strlcpy(ifp->ifname, ifname, sizeof(ifp->ifname));
ifp->ifindex = index;
@@ -527,7 +531,11 @@ bpf_open(iface)
}
bzero(&ifr, sizeof(ifr));
- strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
+ /*
+ * Note: don't use strlcpy() here. ifr.ifr_name may not always be
+ * null-terminated.
+ */
+ strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
if (ioctl(fd, BIOCSETIF, &ifr) < 0) {
perror("ioctl(BIOCSETIF)");
return (-1);
View
5 kame/kame/rafixd/rafixd.h
@@ -1,4 +1,4 @@
-/* $KAME: rafixd.h,v 1.2 2003/03/14 10:01:24 jinmei Exp $ */
+/* $KAME: rafixd.h,v 1.3 2007/07/25 04:54:58 jinmei Exp $ */
/*
* Copyright (C) 2003 WIDE Project.
@@ -46,7 +46,8 @@ struct prefix {
struct ifinfo {
struct ifinfo *next;
- char ifname[IF_NAMESIZE]; /* interface name */
+ char ifname[IF_NAMESIZE + 1]; /* interface name including one byte
+ of margin for a terminator */
unsigned int ifindex; /* corresponding interface index */
};

0 comments on commit 889e09b

Please sign in to comment.