| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ecc58bca-b180-df34-339a-cb278205086c@x41-dsec.de>
Date: Wed, 11 Oct 2017 10:28:22 +0200
From: Eric Sesterhenn <eric.sesterhenn@...-dsec.de>
To: linux-kernel@...r.kernel.org
Subject: [PATCH 1/7] Handle snprintf calculations in x_tables
Handle the snprintf calculations more gracefully in case snprintf
truncates the string.
Signed-off-by: Eric Sesterhenn <eric.sesterhenn@...-dsec.de>
---
net/netfilter/x_tables.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index c83a3b5e1c6c..327617acbf05 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -408,6 +408,8 @@ textify_hooks(char *buf, size_t size, unsigned int
mask, uint8_t nfproto)
if (!(mask & (1 << i)))
continue;
res = snprintf(p, size, "%s%s", np ? "/" : "", names[i]);
+ if (res >= size)
+ return buf;
if (res > 0) {
size -= res;
p += res;
--
Eric Sesterhenn (Principal Security Consultant)
X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen
T: +49 241 9809418-0, Fax: -9
Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989
Geschäftsführer: Markus Vervier
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists