From 229b3d207216b23a107e4e1ee5584412f6b9318d Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Mon, 27 Nov 2006 23:44:57 +0000 Subject: do not overflow ifr_name. maybe it was safe in some places, but not everywhere. err to the safe side. --- networking/ether-wake.c | 2 +- networking/interface.c | 20 ++++++++++---------- networking/libiproute/ipaddress.c | 2 +- networking/libiproute/iplink.c | 14 +++++++------- networking/libiproute/iptunnel.c | 14 +++++++------- networking/route.c | 2 +- networking/udhcp/socket.c | 2 +- 7 files changed, 28 insertions(+), 28 deletions(-) diff --git a/networking/ether-wake.c b/networking/ether-wake.c index f870f6a5f..e205ffc00 100644 --- a/networking/ether-wake.c +++ b/networking/ether-wake.c @@ -145,7 +145,7 @@ int ether_wake_main(int argc, char *argv[]) { struct ifreq if_hwaddr; - strcpy(if_hwaddr.ifr_name, ifname); + strncpy(if_hwaddr.ifr_name, ifname, sizeof(if_hwaddr.ifr_name)); if (ioctl(s, SIOCGIFHWADDR, &if_hwaddr) < 0) bb_perror_msg_and_die("SIOCGIFHWADDR on %s failed", ifname); diff --git a/networking/interface.c b/networking/interface.c index 5f54fd9e5..cabfc063b 100644 --- a/networking/interface.c +++ b/networking/interface.c @@ -617,12 +617,12 @@ static int if_fetch(struct interface *ife) int fd; char *ifname = ife->name; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFFLAGS, &ifr) < 0) return -1; ife->flags = ifr.ifr_flags; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0) memset(ife->hwaddr, 0, 32); else @@ -630,20 +630,20 @@ static int if_fetch(struct interface *ife) ife->type = ifr.ifr_hwaddr.sa_family; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFMETRIC, &ifr) < 0) ife->metric = 0; else ife->metric = ifr.ifr_metric; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFMTU, &ifr) < 0) ife->mtu = 0; else ife->mtu = ifr.ifr_mtu; #ifdef SIOCGIFMAP - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFMAP, &ifr) == 0) ife->map = ifr.ifr_map; else @@ -651,7 +651,7 @@ static int if_fetch(struct interface *ife) memset(&ife->map, 0, sizeof(struct ifmap)); #ifdef HAVE_TXQUEUELEN - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOCGIFTXQLEN, &ifr) < 0) ife->tx_queue_len = -1; /* unknown value */ else @@ -663,24 +663,24 @@ static int if_fetch(struct interface *ife) /* IPv4 address? */ fd = get_socket_for_af(AF_INET); if (fd >= 0) { - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); ifr.ifr_addr.sa_family = AF_INET; if (ioctl(fd, SIOCGIFADDR, &ifr) == 0) { ife->has_ip = 1; ife->addr = ifr.ifr_addr; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(fd, SIOCGIFDSTADDR, &ifr) < 0) memset(&ife->dstaddr, 0, sizeof(struct sockaddr)); else ife->dstaddr = ifr.ifr_dstaddr; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(fd, SIOCGIFBRDADDR, &ifr) < 0) memset(&ife->broadaddr, 0, sizeof(struct sockaddr)); else ife->broadaddr = ifr.ifr_broadaddr; - strcpy(ifr.ifr_name, ifname); + strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(fd, SIOCGIFNETMASK, &ifr) < 0) memset(&ife->netmask, 0, sizeof(struct sockaddr)); else diff --git a/networking/libiproute/ipaddress.c b/networking/libiproute/ipaddress.c index 42cf629c6..2a267fef6 100644 --- a/networking/libiproute/ipaddress.c +++ b/networking/libiproute/ipaddress.c @@ -86,7 +86,7 @@ static void print_queuelen(char *name) return; memset(&ifr, 0, sizeof(ifr)); - strcpy(ifr.ifr_name, name); + strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCGIFTXQLEN, &ifr) < 0) { perror("SIOCGIFXQLEN"); close(s); diff --git a/networking/libiproute/iplink.c b/networking/libiproute/iplink.c index f79dab402..1ea11f60b 100644 --- a/networking/libiproute/iplink.c +++ b/networking/libiproute/iplink.c @@ -61,7 +61,7 @@ static int do_chflags(char *dev, __u32 flags, __u32 mask) int fd; int err; - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); fd = get_ctl_fd(); if (fd < 0) return -1; @@ -88,8 +88,8 @@ static int do_changename(char *dev, char *newdev) int fd; int err; - strcpy(ifr.ifr_name, dev); - strcpy(ifr.ifr_newname, newdev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); + strncpy(ifr.ifr_newname, newdev, sizeof(ifr.ifr_newname)); fd = get_ctl_fd(); if (fd < 0) return -1; @@ -113,7 +113,7 @@ static int set_qlen(char *dev, int qlen) return -1; memset(&ifr, 0, sizeof(ifr)); - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); ifr.ifr_qlen = qlen; if (ioctl(s, SIOCSIFTXQLEN, &ifr) < 0) { perror("SIOCSIFXQLEN"); @@ -135,7 +135,7 @@ static int set_mtu(char *dev, int mtu) return -1; memset(&ifr, 0, sizeof(ifr)); - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); ifr.ifr_mtu = mtu; if (ioctl(s, SIOCSIFMTU, &ifr) < 0) { perror("SIOCSIFMTU"); @@ -161,7 +161,7 @@ static int get_address(char *dev, int *htype) } memset(&ifr, 0, sizeof(ifr)); - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) { perror("SIOCGIFINDEX"); close(s); @@ -194,7 +194,7 @@ static int parse_address(char *dev, int hatype, int halen, char *lla, struct ifr int alen; memset(ifr, 0, sizeof(*ifr)); - strcpy(ifr->ifr_name, dev); + strncpy(ifr->ifr_name, dev, sizeof(ifr->ifr_name)); ifr->ifr_hwaddr.sa_family = hatype; alen = ll_addr_a2n((unsigned char *)(ifr->ifr_hwaddr.sa_data), 14, lla); if (alen < 0) diff --git a/networking/libiproute/iptunnel.c b/networking/libiproute/iptunnel.c index 2b9d3055e..2080324ac 100644 --- a/networking/libiproute/iptunnel.c +++ b/networking/libiproute/iptunnel.c @@ -42,7 +42,7 @@ static int do_ioctl_get_ifindex(char *dev) struct ifreq ifr; int fd; - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); fd = xsocket(AF_INET, SOCK_DGRAM, 0); if (ioctl(fd, SIOCGIFINDEX, &ifr)) { bb_perror_msg("ioctl"); @@ -57,7 +57,7 @@ static int do_ioctl_get_iftype(char *dev) struct ifreq ifr; int fd; - strcpy(ifr.ifr_name, dev); + strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)); fd = xsocket(AF_INET, SOCK_DGRAM, 0); if (ioctl(fd, SIOCGIFHWADDR, &ifr)) { bb_perror_msg("ioctl"); @@ -91,7 +91,7 @@ static int do_get_ioctl(char *basedev, struct ip_tunnel_parm *p) int fd; int err; - strcpy(ifr.ifr_name, basedev); + strncpy(ifr.ifr_name, basedev, sizeof(ifr.ifr_name)); ifr.ifr_ifru.ifru_data = (void*)p; fd = xsocket(AF_INET, SOCK_DGRAM, 0); err = ioctl(fd, SIOCGETTUNNEL, &ifr); @@ -109,9 +109,9 @@ static int do_add_ioctl(int cmd, char *basedev, struct ip_tunnel_parm *p) int err; if (cmd == SIOCCHGTUNNEL && p->name[0]) { - strcpy(ifr.ifr_name, p->name); + strncpy(ifr.ifr_name, p->name, sizeof(ifr.ifr_name)); } else { - strcpy(ifr.ifr_name, basedev); + strncpy(ifr.ifr_name, basedev, sizeof(ifr.ifr_name)); } ifr.ifr_ifru.ifru_data = (void*)p; fd = xsocket(AF_INET, SOCK_DGRAM, 0); @@ -130,9 +130,9 @@ static int do_del_ioctl(char *basedev, struct ip_tunnel_parm *p) int err; if (p->name[0]) { - strcpy(ifr.ifr_name, p->name); + strncpy(ifr.ifr_name, p->name, sizeof(ifr.ifr_name)); } else { - strcpy(ifr.ifr_name, basedev); + strncpy(ifr.ifr_name, basedev, sizeof(ifr.ifr_name)); } ifr.ifr_ifru.ifru_data = (void*)p; fd = xsocket(AF_INET, SOCK_DGRAM, 0); diff --git a/networking/route.c b/networking/route.c index f343d064c..a8926f44e 100644 --- a/networking/route.c +++ b/networking/route.c @@ -422,7 +422,7 @@ static void INET6_setroute(int action, char **args) if (devname) { struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); - strcpy(ifr.ifr_name, devname); + strncpy(ifr.ifr_name, devname, sizeof(ifr.ifr_name)); if (ioctl(skfd, SIOGIFINDEX, &ifr) < 0) { bb_perror_msg_and_die("SIOGIFINDEX"); diff --git a/networking/udhcp/socket.c b/networking/udhcp/socket.c index b27dca300..92bf4cccf 100644 --- a/networking/udhcp/socket.c +++ b/networking/udhcp/socket.c @@ -51,7 +51,7 @@ int read_interface(char *interface, int *ifindex, uint32_t *addr, uint8_t *arp) } ifr.ifr_addr.sa_family = AF_INET; - strcpy(ifr.ifr_name, interface); + strncpy(ifr.ifr_name, interface, sizeof(ifr.ifr_name)); if (addr) { if (ioctl(fd, SIOCGIFADDR, &ifr) == 0) { bb_perror_msg("SIOCGIFADDR failed, is the interface up and configured?"); -- cgit v1.2.3