projects
/
oweals
/
firewall3.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
redirects: fix segmentation fault
[oweals/firewall3.git]
/
redirects.c
diff --git
a/redirects.c
b/redirects.c
index b928287deebb0f8407aa5ecbc4dab75bdda05c66..9a827b65a892cb9d8794ecdc3bd0a3189a903c0f 100644
(file)
--- a/
redirects.c
+++ b/
redirects.c
@@
-155,7
+155,7
@@
resolve_dest(struct uci_element *e, struct fw3_redirect *redir,
if (!compare_addr(addr, &redir->ip_redir))
continue;
if (!compare_addr(addr, &redir->ip_redir))
continue;
- s
trncpy(redir->dest.name, zone->name, sizeof(redir->dest.name) - 1
);
+ s
nprintf(redir->dest.name, sizeof(redir->dest.name), "%s", zone->name
);
redir->dest.set = true;
redir->_dest = zone;
redir->dest.set = true;
redir->_dest = zone;
@@
-458,14
+458,14
@@
append_chain_nat(struct fw3_ipt_rule *r, struct fw3_redirect *redir)
static void
set_redirect(struct fw3_ipt_rule *r, struct fw3_port *port)
{
static void
set_redirect(struct fw3_ipt_rule *r, struct fw3_port *port)
{
- char buf[sizeof("65535-65535
\0
")];
+ char buf[sizeof("65535-65535")];
fw3_ipt_rule_target(r, "REDIRECT");
if (port && port->set)
{
if (port->port_min == port->port_max)
fw3_ipt_rule_target(r, "REDIRECT");
if (port && port->set)
{
if (port->port_min == port->port_max)
- s
printf(buf
, "%u", port->port_min);
+ s
nprintf(buf, sizeof(buf)
, "%u", port->port_min);
else
snprintf(buf, sizeof(buf), "%u-%u", port->port_min, port->port_max);
else
snprintf(buf, sizeof(buf), "%u-%u", port->port_min, port->port_max);
@@
-477,22
+477,30
@@
static void
set_snat_dnat(struct fw3_ipt_rule *r, enum fw3_flag target,
struct fw3_address *addr, struct fw3_port *port)
{
set_snat_dnat(struct fw3_ipt_rule *r, enum fw3_flag target,
struct fw3_address *addr, struct fw3_port *port)
{
- char buf[sizeof("255.255.255.255:65535-65535\0")];
-
- buf[0] = '\0';
+ char buf[sizeof("255.255.255.255:65535-65535")] = {};
+ char ip[INET_ADDRSTRLEN], *p = buf;
+ size_t rem = sizeof(buf);
+ int len;
if (addr && addr->set)
{
if (addr && addr->set)
{
- inet_ntop(AF_INET, &addr->address.v4, buf, sizeof(buf));
+ inet_ntop(AF_INET, &addr->address.v4, ip, sizeof(ip));
+
+ len = snprintf(p, rem, "%s", ip);
+
+ if (len < 0 || len >= rem)
+ return;
+
+ rem -= len;
+ p += len;
}
if (port && port->set)
{
if (port->port_min == port->port_max)
}
if (port && port->set)
{
if (port->port_min == port->port_max)
- s
printf(buf + strlen(buf)
, ":%u", port->port_min);
+ s
nprintf(p, rem
, ":%u", port->port_min);
else
else
- sprintf(buf + strlen(buf), ":%u-%u",
- port->port_min, port->port_max);
+ snprintf(p, rem, ":%u-%u", port->port_min, port->port_max);
}
if (target == FW3_FLAG_DNAT)
}
if (target == FW3_FLAG_DNAT)
@@
-708,9
+716,8
@@
expand_redirect(struct fw3_ipt_handle *handle, struct fw3_state *state,
return;
ext_addrs = fw3_resolve_zone_addresses(redir->_src, &redir->ip_dest);
return;
ext_addrs = fw3_resolve_zone_addresses(redir->_src, &redir->ip_dest);
-
if (!ext_addrs)
if (!ext_addrs)
-
goto out
;
+
return
;
list_for_each_entry(ext_addr, ext_addrs, list)
{
list_for_each_entry(ext_addr, ext_addrs, list)
{
@@
-733,6
+740,9
@@
expand_redirect(struct fw3_ipt_handle *handle, struct fw3_state *state,
continue;
int_addrs = fw3_resolve_zone_addresses(zone, NULL);
continue;
int_addrs = fw3_resolve_zone_addresses(zone, NULL);
+ if (!int_addrs)
+ continue;
+
list_for_each_entry(int_addr, int_addrs, list)
{
if (!fw3_is_family(int_addr, handle->family))
list_for_each_entry(int_addr, int_addrs, list)
{
if (!fw3_is_family(int_addr, handle->family))
@@
-755,12
+765,12
@@
expand_redirect(struct fw3_ipt_handle *handle, struct fw3_state *state,
&ref_addr, int_addr, ext_addr, reflection_zone);
}
}
&ref_addr, int_addr, ext_addr, reflection_zone);
}
}
+
+ fw3_free_list(int_addrs);
}
}
}
}
-out:
fw3_free_list(ext_addrs);
fw3_free_list(ext_addrs);
- fw3_free_list(int_addrs);
}
void
}
void