From 5ffdff685a0e7d25f7c016f3a6cd89bb82fed71c Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sat, 12 Jul 2014 14:35:29 +0200 Subject: [PATCH] Fix unsafe use of strncpy() and sprintf(). The strncpy() problem was found by cppcheck. --- src/subnet_parse.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/subnet_parse.c b/src/subnet_parse.c index 1d54c13..c919b59 100644 --- a/src/subnet_parse.c +++ b/src/subnet_parse.c @@ -186,6 +186,7 @@ int subnet_compare(const subnet_t *a, const subnet_t *b) { bool str2net(subnet_t *subnet, const char *subnetstr) { char str[1024]; strncpy(str, subnetstr, sizeof(str)); + str[sizeof str - 1] = 0; int consumed; int weight = DEFAULT_WEIGHT; @@ -255,7 +256,7 @@ bool str2net(subnet_t *subnet, const char *subnetstr) { for (int i = 0; i < 4; i++) if (x[i] > 255) return false; - sprintf(last_colon, ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]); + snprintf(last_colon, sizeof str - (last_colon - str), ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]); } char* double_colon = strstr(str, "::"); -- 2.25.1