upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-03 22:02:58 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ipfilter: Avoid overrunning the message buffer

Browse source 
Avoid overrunning the message buffer when printing an ippool btree error.
We do this in two ways. First we increase the message buffer from 80 to
255 bytes and secondly we replace strcat(3) with strlcat(3).

(cherry picked from commit 42935716286e7887bfeb9dd8daea72d6a5d40908)
This commit is contained in:
Cy Schubert 2024-11-06 17:22:57 -08:00
parent 3b032c0698
commit d46948338c
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
sbin/ipf/libipf/load_poolnode.c
View file

@ -52,11 +52,11 @@ load_poolnode(int role, char *name, ip_pool_node_t *node, int ttl,
if (err != 0) {
if ((opts & OPT_DONOTHING) == 0) {
char msg[80];
char msg[255];
snprintf(msg, sizeof(msg), "%s pool node(%s/", what,
inet_ntoa(pn.ipn_addr.adf_addr.in4));
strcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4));
strlcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4), sizeof(msg));
return (ipf_perror_fd(pool_fd(), iocfunc, msg));
}
}