> - if (copy_to_user(hlp, m->u.match->name,
> EBT_FUNCTION_MAXNAMELEN))
> + char name[EBT_FUNCTION_MAXNAMELEN] = {};
> +
> + strncpy(name, m->u.match->name, sizeof(name));
> + if (copy_to_user(hlp, name, EBT_FUNCTION_MAXNAMELEN))
> return -EFAULT;
strncpy() is very rarely the function you are looking for.
In this case it MIGHT be right (since you do a fixed size
copy_to_user).
OTOH there is no need to also initialise name[].
And it isn't entirely clear whether the application
is allowed to be given a non-terminated string.
David
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
