[lxc-devel] [lxc/master] confile_utils: fix overlapping strncpy
flx42 on Github
lxc-bot at linuxcontainers.org
Wed Nov 22 06:34:26 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 484 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171122/78d62da5/attachment.bin>
-------------- next part --------------
From ee3e84df78424d26fc6c90862fbe0fa92a686b0d Mon Sep 17 00:00:00 2001
From: Felix Abecassis <fabecassis at nvidia.com>
Date: Tue, 21 Nov 2017 22:27:19 -0800
Subject: [PATCH] confile_utils: fix overlapping strncpy
In the case of "lxc.net.0.type", the pointers passed to strncpy were
only 2 elements apart, resulting in undefined behavior.
Signed-off-by: Felix Abecassis <fabecassis at nvidia.com>
---
src/lxc/confile_utils.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index d86a2d88e..50f42ef8c 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -567,7 +567,8 @@ bool lxc_config_net_hwaddr(const char *line)
return false;
}
/* strlen("hwaddr") = 6 */
- strncpy(copy + 8, p + 1, 6);
+ if (strlen(p + 1) >= 6)
+ memmove(copy + 8, p + 1, 6);
copy[8 + 6] = '\0';
}
if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) {
@@ -591,7 +592,8 @@ bool lxc_config_net_hwaddr(const char *line)
return false;
}
/* strlen("hwaddr") = 6 */
- strncpy(copy + 12, p + 1, 6);
+ if (strlen(p + 1) >= 6)
+ memmove(copy + 12, p + 1, 6);
copy[12 + 6] = '\0';
}
if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) {
More information about the lxc-devel
mailing list