Re: [B.A.T.M.A.N.] [PATCH] alfred: Avoid buffer overflow while querying ARP cache

On Friday, January 27, 2017 3:10:44 PM CET Sven Eckelmann wrote: > The arpreq.arp_dev is a limited buffer (16 bytes). Avoid that more bytes > from the interface name are copied into this buffer by switching from > strcpy to strncpy. > > Fixes: c7da798113a2 ("alfred: IPv4 multicast distribution

Re: [B.A.T.M.A.N.] [PATCH] alfred: Avoid buffer overflow while querying ARP cache

On Freitag, 27. Januar 2017 22:34:22 CET Antonio Quartulli wrote: [...] > arpreq is already set to 0 few lines above. why not simpling > "sizeof(arpreq.arp_dev) - 1" as last argument for the strncpy() and avoid the > line below? > > Or is this required for consistency with the rest of the code?

Re: [B.A.T.M.A.N.] [PATCH] alfred: Avoid buffer overflow while querying ARP cache

On Fri, Jan 27, 2017 at 03:10:44PM +0100, Sven Eckelmann wrote: > The arpreq.arp_dev is a limited buffer (16 bytes). Avoid that more bytes > from the interface name are copied into this buffer by switching from > strcpy to strncpy. > > Fixes: c7da798113a2 ("alfred: IPv4 multicast distribution

[B.A.T.M.A.N.] [PATCH] alfred: Avoid buffer overflow while querying ARP cache

The arpreq.arp_dev is a limited buffer (16 bytes). Avoid that more bytes from the interface name are copied into this buffer by switching from strcpy to strncpy. Fixes: c7da798113a2 ("alfred: IPv4 multicast distribution support.") Signed-off-by: Sven Eckelmann --- util.c | 4