gcc 8.1 warns when it can detect that a strncpy may result in a string with no
null terminator. It also warns when it can similarly detect that an snprintf may
discard characters, unless the return value from that snprintf is tested.
gcc 8.1.0 (latest release) does not complain about the patched line, but the
gcc 8.1.1 snapshot that comes with FC28 does.
Reported-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
---
extensions/ebt_string.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/extensions/ebt_string.c b/extensions/ebt_string.c
index 9550c41..2c40501 100644
--- a/extensions/ebt_string.c
+++ b/extensions/ebt_string.c
@@ -168,7 +168,9 @@ static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
ebt_check_option2(flags, OPT_STRING_ALGO);
if (ebt_check_inverse2(optarg))
ebt_print_error2("Unexpected `!' after --string-algo");
- strncpy(info->algo, optarg, XT_STRING_MAX_ALGO_NAME_SIZE);
+ if (snprintf(info->algo, XT_STRING_MAX_ALGO_NAME_SIZE, "%s",
+ optarg) >= XT_STRING_MAX_ALGO_NAME_SIZE)
+ ebt_print_error2("\"%s\" is truncated", info->algo);
break;
case STRING_ICASE:
ebt_check_option2(flags, OPT_STRING_ICASE);
--
2.9.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
