netfilter: ipset: replace a strncpy() with strscpy()
authorQian Cai <cai@gmx.us>
Mon, 10 Dec 2018 13:39:38 +0000 (14:39 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 13 Dec 2018 23:04:08 +0000 (00:04 +0100)
To make overflows as obvious as possible and to prevent code from blithely
proceeding with a truncated string. This also has a side-effect to fix a
compilation warning when using GCC 8.2.1.

net/netfilter/ipset/ip_set_core.c: In function 'ip_set_sockfn_get':
net/netfilter/ipset/ip_set_core.c:2027:3: warning: 'strncpy' writing 32 bytes into a region of size 2 overflows the destination [-Wstringop-overflow=]

Signed-off-by: Qian Cai <cai@gmx.us>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/ipset/ip_set_core.c

index e3113aa1a975d51a83cdd8befd98746928de299d..45a257695befe57693c53a484f6be028e81fecf1 100644 (file)
@@ -2154,9 +2154,11 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len)
                }
                nfnl_lock(NFNL_SUBSYS_IPSET);
                set = ip_set(inst, req_get->set.index);
-               strncpy(req_get->set.name, set ? set->name : "",
-                       IPSET_MAXNAMELEN);
+               ret = strscpy(req_get->set.name, set ? set->name : "",
+                             IPSET_MAXNAMELEN);
                nfnl_unlock(NFNL_SUBSYS_IPSET);
+               if (ret < 0)
+                       goto done;
                goto copy;
        }
        default: