On Tue, Jun 02, 2015 at 10:18:34AM +0200, Erik Skultety wrote:
We allocate 16 bytes for IPv4 address and 55 bytes for interface key, therefore we should read up to 15/54 bytes and let the last byte reserved for terminating null byte in sscanf. https://bugzilla.redhat.com/show_bug.cgi?id=1226400 --- src/nwfilter/nwfilter_dhcpsnoop.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcpsnoop.c index 6da8983..f331e22 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c @@ -1958,8 +1958,8 @@ virNWFilterSnoopLeaseFileLoad(void) break; } ln++; - /* key len 55 = "VMUUID"+'-'+"MAC" */ - if (sscanf(line, "%u %55s %16s %16s", &ipl.timeout, + /* key len 54 = "VMUUID"+'-'+"MAC" */ + if (sscanf(line, "%u %54s %15s %15s", &ipl.timeout, ifkey, ipstr, srvstr) < 4) {
We initialize ifkey as char ifkey[VIR_IFKEY_LEN], so it might be nicer to call: if (sscanf(line, "%u %*s %*s %*s", &ipl.timeout, VIR_IFKEY_LEN - 1, ifkey, INET_ADDRSTRLEN - 1, ipstr, INET_ADDRSTRLEN - 1, srvstr) < 4) { ... But what you have is enough, so ACK to that.
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list