Unverified Commit edc59b8c by Donghwa Jeong Committed by Christian Brauner

secure coding: network: strcpy => strlcpy

parent b1528b42
...@@ -1911,7 +1911,7 @@ char *lxc_mkifname(char *template) ...@@ -1911,7 +1911,7 @@ char *lxc_mkifname(char *template)
/* Generate random names until we find one that doesn't exist. */ /* Generate random names until we find one that doesn't exist. */
while (true) { while (true) {
name[0] = '\0'; name[0] = '\0';
strcpy(name, template); (void)strlcpy(name, template, IFNAMSIZ);
exists = false; exists = false;
for (i = 0; i < strlen(name); i++) { for (i = 0; i < strlen(name); i++) {
...@@ -1936,7 +1936,9 @@ char *lxc_mkifname(char *template) ...@@ -1936,7 +1936,9 @@ char *lxc_mkifname(char *template)
} }
freeifaddrs(ifaddr); freeifaddrs(ifaddr);
return strcpy(template, name); (void)strlcpy(template, name, strlen(template) + 1);
return template;
} }
int setup_private_host_hw_addr(char *veth1) int setup_private_host_hw_addr(char *veth1)
...@@ -2028,6 +2030,7 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna ...@@ -2028,6 +2030,7 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
char *token, *saveptr = NULL; char *token, *saveptr = NULL;
char netdev_link[IFNAMSIZ]; char netdev_link[IFNAMSIZ];
char buffer[MAXPATHLEN] = {0}; char buffer[MAXPATHLEN] = {0};
size_t retlen;
if (netdev->type != LXC_NET_VETH) { if (netdev->type != LXC_NET_VETH) {
ERROR("Network type %d not support for unprivileged use", netdev->type); ERROR("Network type %d not support for unprivileged use", netdev->type);
...@@ -2144,12 +2147,12 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna ...@@ -2144,12 +2147,12 @@ static int lxc_create_network_unpriv_exec(const char *lxcpath, const char *lxcna
return -1; return -1;
} }
if (strlen(token) >= IFNAMSIZ) { retlen = strlcpy(netdev->priv.veth_attr.veth1, token, IFNAMSIZ);
if (retlen >= IFNAMSIZ) {
ERROR("Host side veth device name returned by lxc-user-nic is " ERROR("Host side veth device name returned by lxc-user-nic is "
"too long"); "too long");
return -E2BIG; return -E2BIG;
} }
strcpy(netdev->priv.veth_attr.veth1, token);
/* netdev->priv.veth_attr.ifindex */ /* netdev->priv.veth_attr.ifindex */
token = strtok_r(NULL, ":", &saveptr); token = strtok_r(NULL, ":", &saveptr);
...@@ -2785,9 +2788,9 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev) ...@@ -2785,9 +2788,9 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
*/ */
if (netdev->name[0] == '\0') { if (netdev->name[0] == '\0') {
if (netdev->type == LXC_NET_PHYS) if (netdev->type == LXC_NET_PHYS)
strcpy(netdev->name, netdev->link); (void)strlcpy(netdev->name, netdev->link, IFNAMSIZ);
else else
strcpy(netdev->name, "eth%d"); (void)strlcpy(netdev->name, "eth%d", IFNAMSIZ);
} }
/* rename the interface name */ /* rename the interface name */
...@@ -2813,7 +2816,7 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev) ...@@ -2813,7 +2816,7 @@ static int lxc_setup_netdev_in_child_namespaces(struct lxc_netdev *netdev)
* name of the network device in the child's network namespace. We will * name of the network device in the child's network namespace. We will
* later on send this information back to the parent. * later on send this information back to the parent.
*/ */
strcpy(netdev->name, current_ifname); (void)strlcpy(netdev->name, current_ifname, IFNAMSIZ);
/* set a mac address */ /* set a mac address */
if (netdev->hwaddr) { if (netdev->hwaddr) {
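Review bot: In the lxc_create_network_unpriv_exec hunk, the new `retlen = strlcpy(netdev->priv.veth_attr.veth1, token, IFNAMSIZ);` runs before the length check, so on the `-E2BIG` path veth1 now holds a truncated copy of the name returned by lxc-user-nic, where the old code left the field untouched. Whether any later error or cleanup path reads veth1 is not visible here, but if one does it would act on a name that was never validated; keeping the `strlen(token) >= IFNAMSIZ` check ahead of the copy, or adding `netdev->priv.veth_attr.veth1[0] = '\0';` before `return -E2BIG;`, closes that gap. The other call sites discard the result with `(void)`, so an over-long `template`, `netdev->link` or `current_ifname` is silently truncated to a different interface name instead of being rejected. Unless the source length is already bounded by code outside these hunks, compare the return value with `IFNAMSIZ` and fail there as well. All of the functions shown start and end outside the hunks.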