I reviewed the previously rejected changes in "Sanitize calls to strcpy()"
again and found merely two valid ones:

* Copying from 'real_name' of matches/targets: Length of that field is not
  checked in xtables_register_* functions, so its length may be arbitrary.
  Patch 1 of this series adds the missing check.

* In libiptc, a chain name is copied from a larger array to a shorter one
  without checking. This is fixed by patch 2.

The remaining patches in this series are fall-out from the above.

Phil Sutter (6):
  libxtables: Check extension real_name length
  libiptc: NULL-terminate errorname
  Combine command_match() implementations
  Combine parse_target() and command_jump() implementations
  arptables: Use the shared nft_ipv46_parse_target()
  nft-shared: Use xtables_calloc()

 include/xtables.h      |   1 +
 iptables/ip6tables.c   | 101 ++-------------------------------------
 iptables/iptables.c    | 106 ++---------------------------------------
 iptables/nft-arp.c     |   9 +---
 iptables/nft-shared.c  |  13 +----
 iptables/xshared.c     | 101 +++++++++++++++++++++++++++++++++++++++
 iptables/xshared.h     |   4 ++
 iptables/xtables-arp.c |  60 +----------------------
 iptables/xtables.c     | 104 ++--------------------------------------
 libiptc/libiptc.c      |   3 +-
 libxtables/xtables.c   |  12 +++++
 11 files changed, 137 insertions(+), 377 deletions(-)

-- 
2.19.0
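The two defects the cover letter names are both instances of one pattern: a string from a caller-supplied struct is copied into a fixed-size field without first checking that it fits. As an added illustration (not code from the iptables series itself), the block below shows the two defensive shapes the patches describe: a registration-time length check that rejects an over-long name, and a bounded copy that always NUL-terminates when the source array is larger than the destination. The `struct ext_like` type, the function names and the sample inputs are constructed for this example; `XT_EXTENSION_MAXNAMELEN` is redefined locally so the file builds on its own.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed for this example: mirrors the fixed-size extension name
 * limit from xtables.h (29 in the real header), redefined here so the
 * example compiles without libxtables. */
#define XT_EXTENSION_MAXNAMELEN 29

/* Hypothetical subset of an xtables match/target struct: only the two
 * name fields matter for the length check. real_name may be NULL. */
struct ext_like {
    const char *name;
    const char *real_name;
};

/* Registration-time check: both names must be strictly shorter than the
 * limit so the terminating NUL still fits in the destination buffer.
 * Returns 0 when both fit, -1 when either one would overflow. */
int ext_names_fit(const struct ext_like *e)
{
    if (e->name == NULL || strlen(e->name) >= XT_EXTENSION_MAXNAMELEN)
        return -1;
    if (e->real_name != NULL &&
        strlen(e->real_name) >= XT_EXTENSION_MAXNAMELEN)
        return -1;
    return 0;
}

/* Bounded copy from a possibly larger source into a fixed-size dst.
 * Always writes a NUL terminator. Returns 0 on exact fit, 1 if the
 * source was truncated, -1 if dst has no room at all. */
int copy_name_bounded(char *dst, size_t dstlen, const char *src)
{
    size_t n = strlen(src);

    if (dstlen == 0)
        return -1;
    if (n >= dstlen) {
        memcpy(dst, src, dstlen - 1);   /* copy what fits ... */
        dst[dstlen - 1] = '\0';         /* ... and terminate explicitly */
        return 1;
    }
    memcpy(dst, src, n + 1);            /* fits, including the NUL */
    return 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    struct ext_like ok  = { "conntrack", "conntrack" };
    struct ext_like bad = { "m", "this_real_name_is_far_too_long_for_the_field" };
    char chain[8];

    printf("ok  -> %d\n", ext_names_fit(&ok));
    printf("bad -> %d\n", ext_names_fit(&bad));
    printf("copy POSTROUTING into 8 bytes -> %d, got \"%s\"\n",
           copy_name_bounded(chain, sizeof chain, "POSTROUTING"), chain);
    return 0;
}
```

The registration check is the one to prefer: rejecting an over-long name at `xtables_register_*` time keeps every later `strcpy()` of that field within bounds, whereas the bounded copy only prevents the overflow and silently shortens the name, which is acceptable for an error message but not for a chain or extension name that must match exactly.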