This change originated from covscan complaining about the strcpy() call
with an unknown size source buffer. But in fact, the size is known (and
equal to the destination size), so pass a pointer to STRUCT_GETINFO to
alloc_handle() instead of it's fields separately. Hopefully this will
silence covscan.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
libiptc/libiptc.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 6eacdddd09a1c..7c3cb9e7cf076 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -1270,7 +1270,7 @@ static int iptcc_compile_table(struct xtc_handle *h, STRUCT_REPLACE *repl)
/* Allocate handle of given size */
static struct xtc_handle *
-alloc_handle(const char *tablename, unsigned int size, unsigned int num_rules)
+alloc_handle(STRUCT_GETINFO *infop)
{
struct xtc_handle *h;
@@ -1281,14 +1281,14 @@ alloc_handle(const char *tablename, unsigned int size, unsigned int num_rules)
}
memset(h, 0, sizeof(*h));
INIT_LIST_HEAD(&h->chains);
- strcpy(h->info.name, tablename);
+ strcpy(h->info.name, infop->name);
- h->entries = malloc(sizeof(STRUCT_GET_ENTRIES) + size);
+ h->entries = malloc(sizeof(STRUCT_GET_ENTRIES) + infop->size);
if (!h->entries)
goto out_free_handle;
- strcpy(h->entries->name, tablename);
- h->entries->size = size;
+ strcpy(h->entries->name, infop->name);
+ h->entries->size = infop->size;
return h;
@@ -1337,8 +1337,8 @@ retry:
DEBUGP("valid_hooks=0x%08x, num_entries=%u, size=%u\n",
info.valid_hooks, info.num_entries, info.size);
- if ((h = alloc_handle(info.name, info.size, info.num_entries))
- == NULL) {
+ h = alloc_handle(&info);
+ if (h == NULL) {
close(sockfd);
return NULL;
}
--
2.18.0
