![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 39ba035)
raw | patch | inline | side by side (parent: 39ba035)
| author | Sebastian Harl <sh@tokkee.org> | |
| Thu, 2 Oct 2008 12:53:06 +0000 (14:53 +0200) | ||
| committer | Florian Forster <octo@huhu.verplant.org> | |
| Fri, 3 Oct 2008 20:10:40 +0000 (22:10 +0200) |
Those were introduced when unifying the string handling in commit 5f9ec13b in
cases where the exact length of the string to be copied is passed to sstrncpy
instead of the size of the destination buffer.
In case of the iptables plugin this prevented the table or chain name to match
correctly as the user configuration was truncated. In case of the ignorelist a
given regex was truncated.
Signed-off-by: Sebastian Harl <sh@tokkee.org>
Signed-off-by: Florian Forster <octo@huhu.verplant.org>
cases where the exact length of the string to be copied is passed to sstrncpy
instead of the size of the destination buffer.
In case of the iptables plugin this prevented the table or chain name to match
correctly as the user configuration was truncated. In case of the ignorelist a
given regex was truncated.
Signed-off-by: Sebastian Harl <sh@tokkee.org>
Signed-off-by: Florian Forster <octo@huhu.verplant.org>
| src/iptables.c | patch | blob | history | |
| src/utils_ignorelist.c | patch | blob | history |
diff --git a/src/iptables.c b/src/iptables.c
index 4d15c6e0896ac62e15b3082fb6c622403c4add2d..e1694af3475407ae75ba98de73e8b48598e63a56 100644 (file)
--- a/src/iptables.c
+++ b/src/iptables.c
table = fields[0];
chain = fields[1];
- table_len = strlen (table);
- if ((unsigned int)table_len >= sizeof(temp.table))
+ table_len = strlen (table) + 1;
+ if ((unsigned int)table_len > sizeof(temp.table))
{
ERROR ("Table `%s' too long.", table);
free (value_copy);
}
sstrncpy (temp.table, table, table_len);
- chain_len = strlen (chain);
- if ((unsigned int)chain_len >= sizeof(temp.chain))
+ chain_len = strlen (chain) + 1;
+ if ((unsigned int)chain_len > sizeof(temp.chain))
{
ERROR ("Chain `%s' too long.", chain);
free (value_copy);
diff --git a/src/utils_ignorelist.c b/src/utils_ignorelist.c
index 518715b1f48ada50c018e38f600dd6c14bcbd66f..db679dad83f9053e628c916032e23d8438b293a9 100644 (file)
--- a/src/utils_ignorelist.c
+++ b/src/utils_ignorelist.c
/* We need to copy `entry' since it's const */
entry_copy = smalloc (entry_len);
memset (entry_copy, '\0', entry_len);
- sstrncpy (entry_copy, entry + 1, entry_len - 2);
+ /* sstrncpy() overwrites the trailing '/' */
+ sstrncpy (entry_copy, entry + 1, entry_len - 1);
DEBUG("I'm about to add regex entry: %s", entry_copy);
ret = ignorelist_append_regex(il, entry_copy);