From: Guus Sliepen
Date: Sat, 12 Jul 2014 12:35:29 +0000 (+0200)
Subject: Fix unsafe use of strncpy() and sprintf().
X-Git-Tag: release-1.1pre11~66
X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=5ffdff685a0e7d25f7c016f3a6cd89bb82fed71c;p=tinc
Fix unsafe use of strncpy() and sprintf().
The strncpy() problem was found by cppcheck.
---
diff --git a/src/subnet_parse.c b/src/subnet_parse.c
index 1d54c134..c919b59a 100644
--- a/src/subnet_parse.c
+++ b/src/subnet_parse.c
@@ -186,6 +186,7 @@ int subnet_compare(const subnet_t *a, const subnet_t *b) {
 bool str2net(subnet_t *subnet, const char *subnetstr) {
 char str[1024];
 strncpy(str, subnetstr, sizeof(str));
+ str[sizeof str - 1] = 0;
 int consumed;
 int weight = DEFAULT_WEIGHT;
@@ -255,7 +256,7 @@ bool str2net(subnet_t *subnet, const char *subnetstr) {
 for (int i = 0; i < 4; i++)
 if (x[i] > 255)
 return false;
- sprintf(last_colon, ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]);
+ snprintf(last_colon, sizeof str - (last_colon - str), ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]);
 }
 char* double_colon = strstr(str, "::");
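Review bot: An input of 1024 bytes or more is still silently truncated at the top of str2net (first hunk); the added `str[sizeof str - 1] = 0;` guarantees termination, but the parser then works on a shortened copy as if it were the caller's string. Rejecting over-long input before the copy would make the failure explicit: `if (strlen(subnetstr) >= sizeof str) return false;`. If truncation is intended, a short comment saying so would help the next reader. The rest of str2net lies outside the hunk, so what a truncated string would parse to cannot be judged from here.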
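Review bot: The return value of the new snprintf() call (second hunk) is discarded, so if fewer than 11 bytes remain after last_colon the rewritten address is cut short and the following `strstr(str, "::")` runs on the truncated text. Checking it turns that into a parse failure: `size_t room = sizeof str - (last_colon - str);` `int n = snprintf(last_colon, room, ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]);` `if (n < 0 || (size_t)n >= room) return false;`. The visible range check rejects only `x[i] > 255`; the declaration of x is outside the hunk, so if it is a signed type a negative value would print more than two hex digits per field, which is worth confirming. Where last_colon is set is also outside the hunk; the size expression assumes it points into str.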