The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1935
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
In the case of "lxc.net.0.type", the pointers passed to strncpy were
only 2 elements apart, resulting in undefined behavior.
Signed-off-by: Felix Abecassis <fabecas...@nvidia.com>
From ee3e84df78424d26fc6c90862fbe0fa92a686b0d Mon Sep 17 00:00:00 2001
From: Felix Abecassis <fabecas...@nvidia.com>
Date: Tue, 21 Nov 2017 22:27:19 -0800
Subject: [PATCH] confile_utils: fix overlapping strncpy
In the case of "lxc.net.0.type", the pointers passed to strncpy were
only 2 elements apart, resulting in undefined behavior.
Signed-off-by: Felix Abecassis <fabecas...@nvidia.com>
---
src/lxc/confile_utils.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index d86a2d88e..50f42ef8c 100644
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -567,7 +567,8 @@ bool lxc_config_net_hwaddr(const char *line)
return false;
}
/* strlen("hwaddr") = 6 */
- strncpy(copy + 8, p + 1, 6);
+ if (strlen(p + 1) >= 6)
+ memmove(copy + 8, p + 1, 6);
copy[8 + 6] = '\0';
}
if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) {
@@ -591,7 +592,8 @@ bool lxc_config_net_hwaddr(const char *line)
return false;
}
/* strlen("hwaddr") = 6 */
- strncpy(copy + 12, p + 1, 6);
+ if (strlen(p + 1) >= 6)
+ memmove(copy + 12, p + 1, 6);
copy[12 + 6] = '\0';
}
if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) {
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
