| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180320202909.22166-6-stephen@networkplumber.org>
Date: Tue, 20 Mar 2018 13:29:05 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Cc: Stephen Hemminger <stephen@...workplumber.org>
Subject: [PATCH iproute2 v2 5/9] namespace: fix warning snprintf buffer
It is possible that user could request really long namespace
name and overrun the path buffer.
Signed-off-by: Stephen Hemminger <stephen@...workplumber.org>
---
lib/namespace.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/namespace.c b/lib/namespace.c
index 6f3356d0fa08..682634028587 100644
--- a/lib/namespace.c
+++ b/lib/namespace.c
@@ -23,7 +23,8 @@ static void bind_etc(const char *name)
struct dirent *entry;
DIR *dir;
- snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s", NETNS_ETC_DIR, name);
+ snprintf(etc_netns_path, sizeof(etc_netns_path), "%s/%s",
+ NETNS_ETC_DIR, name);
dir = opendir(etc_netns_path);
if (!dir)
return;
@@ -33,7 +34,8 @@ static void bind_etc(const char *name)
continue;
if (strcmp(entry->d_name, "..") == 0)
continue;
- snprintf(netns_name, sizeof(netns_name), "%s/%s", etc_netns_path, entry->d_name);
+ snprintf(netns_name, sizeof(netns_name),
+ "%s/%s", etc_netns_path, entry->d_name);
snprintf(etc_name, sizeof(etc_name), "/etc/%s", entry->d_name);
if (mount(netns_name, etc_name, "none", MS_BIND, NULL) < 0) {
fprintf(stderr, "Bind %s -> %s failed: %s\n",
--
2.16.2
Powered by blists - more mailing lists