From: Hans Dedecker Date: Thu, 3 May 2018 15:21:15 +0000 (+0200) Subject: odhcpd: fix strncpy bounds X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=4983ee551a743e55bb2f2ec12ceab0ddba13eb2d;p=project%2Fodhcpd.git odhcpd: fix strncpy bounds Fix strncpy bounds as reported by Coverity in CID 1412278 and 1412293 Signed-off-by: Hans Dedecker --- diff --git a/src/dhcpv4.c b/src/dhcpv4.c index db5f138..35a3ad0 100644 --- a/src/dhcpv4.c +++ b/src/dhcpv4.c @@ -779,8 +779,10 @@ static void handle_dhcpv4(void *addr, void *data, size_t len, } } - struct ifreq ifr = {.ifr_name = ""}; - strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name)); + struct ifreq ifr; + + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name) - 1); if (!ioctl(sock, SIOCGIFMTU, &ifr)) { uint16_t mtu = htons(ifr.ifr_mtu); diff --git a/src/odhcpd.c b/src/odhcpd.c index 71b803d..8aa4571 100644 --- a/src/odhcpd.c +++ b/src/odhcpd.c @@ -143,10 +143,12 @@ int odhcpd_get_interface_config(const char *ifname, const char *what) int odhcpd_get_mac(const struct interface *iface, uint8_t mac[6]) { struct ifreq ifr; + memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name)); + strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name) - 1); if (ioctl(ioctl_sock, SIOCGIFHWADDR, &ifr) < 0) return -1; + memcpy(mac, ifr.ifr_hwaddr.sa_data, 6); return 0; }