diff options
author | harti <harti@FreeBSD.org> | 2004-02-21 16:29:10 +0000 |
---|---|---|
committer | harti <harti@FreeBSD.org> | 2004-02-21 16:29:10 +0000 |
commit | 18065b763bf77571a33d562af62e14b026dfe363 (patch) | |
tree | fe2e313e01126a57830d800b2e7f168bfd674194 /lib/libatm | |
parent | 44ed42c915c99946ac708aab8960ce671fa01574 (diff) | |
download | FreeBSD-src-18065b763bf77571a33d562af62e14b026dfe363.zip FreeBSD-src-18065b763bf77571a33d562af62e14b026dfe363.tar.gz |
Fix a couple of potential buffer overflows.
Submitted by: christer.oberg@texonet.com
Diffstat (limited to 'lib/libatm')
-rw-r--r-- | lib/libatm/ioctl_subr.c | 8 | ||||
-rw-r--r-- | lib/libatm/ip_addr.c | 14 |
2 files changed, 10 insertions, 12 deletions
diff --git a/lib/libatm/ioctl_subr.c b/lib/libatm/ioctl_subr.c index dd5dafb..f7b15f1 100644 --- a/lib/libatm/ioctl_subr.c +++ b/lib/libatm/ioctl_subr.c @@ -161,7 +161,7 @@ get_vcc_info(const char *intf, struct air_vcc_rsp **vccp) air.air_opcode = AIOCS_INF_VCC; bzero(air.air_vcc_intf, sizeof(air.air_vcc_intf)); if (intf != NULL && strlen(intf) != 0) - strcpy(air.air_vcc_intf, intf); + strncpy(air.air_vcc_intf, intf, IFNAMSIZ - 1); buf_len = do_info_ioctl(&air, buf_len); @@ -375,7 +375,7 @@ get_cfg_info(const char *intf, struct air_cfg_rsp **cfgp) air.air_opcode = AIOCS_INF_CFG; bzero ( air.air_cfg_intf, sizeof(air.air_cfg_intf)); if ( intf != NULL && strlen(intf) != 0 ) - strcpy ( air.air_cfg_intf, intf ); + strncpy(air.air_cfg_intf, intf, IFNAMSIZ - 1); buf_len = do_info_ioctl ( &air, buf_len ); @@ -411,7 +411,7 @@ get_intf_info(const char *intf, struct air_int_rsp **intp) air.air_opcode = AIOCS_INF_INT; bzero ( air.air_int_intf, sizeof(air.air_int_intf)); if ( intf != NULL && strlen(intf) != 0 ) - strcpy ( air.air_int_intf, intf ); + strncpy(air.air_int_intf, intf, IFNAMSIZ - 1); buf_len = do_info_ioctl ( &air, buf_len ); @@ -448,7 +448,7 @@ get_netif_info(const char *intf, struct air_netif_rsp **netp) air.air_opcode = AIOCS_INF_NIF; bzero ( air.air_int_intf, sizeof(air.air_int_intf) ); if ( intf != NULL && strlen(intf) != 0 ) - strcpy ( air.air_int_intf, intf ); + strncpy(air.air_int_intf, intf, IFNAMSIZ - 1); buf_len = do_info_ioctl ( &air, buf_len ); diff --git a/lib/libatm/ip_addr.c b/lib/libatm/ip_addr.c index a653207..d3a5276 100644 --- a/lib/libatm/ip_addr.c +++ b/lib/libatm/ip_addr.c @@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$"); #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> +#include <stdio.h> #include <net/if.h> #include <netinet/in.h> #include <arpa/inet.h> @@ -118,7 +119,7 @@ get_ip_addr(const char *p) const char * format_ip_addr(const struct in_addr *addr) { - static char host_name[128]; + static char host_name[MAXHOSTNAMELEN + 18]; char *ip_num; struct hostent *ip_host; @@ -143,16 +144,13 @@ format_ip_addr(const struct in_addr *addr) * Look up name in DNS */ ip_host = gethostbyaddr((const char *)addr, sizeof(addr), AF_INET); - if (ip_host && ip_host->h_name && - strlen(ip_host->h_name)) { + if (ip_host && ip_host->h_name && strlen(ip_host->h_name)) { /* * Return host name followed by dotted decimal address */ - strcpy(host_name, ip_host->h_name); - strcat(host_name, " ("); - strcat(host_name, ip_num); - strcat(host_name, ")"); - return(host_name); + snprintf(host_name, sizeof(host_name), "%s (%s)", + ip_host->h_name, ip_num); + return (host_name); } else { /* * No host name -- just return dotted decimal address |