Merge pull request #2417 from 2xsec/bugfix

secure coding: #3 strcpy => strlcpy

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index d019c898484ff9843d70440b3795ae2c02c0b80a..82ee093fd0f9aab34b00e0368ffe7b28d844f835 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -450,7 +450,7 @@ static int set_config_net_link(const char *key, const char *value,
        if (value[strlen(value) - 1] == '+' && netdev->type == LXC_NET_PHYS)
                ret = create_matched_ifnames(value, lxc_conf, netdev);
        else
-               ret = network_ifname(netdev->link, value);
+               ret = network_ifname(netdev->link, value, sizeof(netdev->link));
 
        return ret;
 }
@@ -466,7 +466,7 @@ static int set_config_net_name(const char *key, const char *value,
        if (!netdev)
                return -1;
 
-       return network_ifname(netdev->name, value);
+       return network_ifname(netdev->name, value, sizeof(netdev->name));
 }
 
 static int set_config_net_veth_pair(const char *key, const char *value,
@@ -480,7 +480,7 @@ static int set_config_net_veth_pair(const char *key, const char *value,
        if (!netdev)
                return -1;
 
-       return network_ifname(netdev->priv.veth_attr.pair, value);
+       return network_ifname(netdev->priv.veth_attr.pair, value, sizeof(netdev->priv.veth_attr.pair));
 }
 
 static int set_config_net_macvlan_mode(const char *key, const char *value,

diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c
index 5686c60e9ca4851f4bf54ebdb7fb7d2821869de9..30df78d940786c255b68613edc1a8ce3034ed057 100644 (file)
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -36,6 +36,10 @@
 #include "parse.h"
 #include "utils.h"
 
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
+
 lxc_log_define(lxc_confile_utils, lxc);
 
 int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
@@ -509,14 +513,19 @@ int config_ip_prefix(struct in_addr *addr)
        return 0;
 }
 
-int network_ifname(char *valuep, const char *value)
+int network_ifname(char *valuep, const char *value, size_t size)
 {
-       if (strlen(value) >= IFNAMSIZ) {
+       size_t retlen;
+
+       if (!valuep || !value)
+               return -1;
+
+       retlen = strlcpy(valuep, value, size);
+       if (retlen >= size) {
                ERROR("Network devie name \"%s\" is too long (>= %zu)", value,
-                     (size_t)IFNAMSIZ);
+                     size);
        }
 
-       strcpy(valuep, value);
        return 0;
 }
 

diff --git a/src/lxc/confile_utils.h b/src/lxc/confile_utils.h
index 1e20c4f5fcd6e0aa99168038c8dd1cb0d3c7a9d3..a5b76820e2163fd17d865002233b1f2abc873b4e 100644 (file)
--- a/src/lxc/confile_utils.h
+++ b/src/lxc/confile_utils.h
@@ -80,7 +80,7 @@ extern int set_config_string_item_max(char **conf_item, const char *value,
                                      size_t max);
 extern int set_config_path_item(char **conf_item, const char *value);
 extern int config_ip_prefix(struct in_addr *addr);
-extern int network_ifname(char *valuep, const char *value);
+extern int network_ifname(char *valuep, const char *value, size_t size);
 extern int rand_complete_hwaddr(char *hwaddr);
 extern bool lxc_config_net_hwaddr(const char *line);
 extern void update_hwaddr(const char *line);

diff --git a/src/tests/attach.c b/src/tests/attach.c
index 452ba8652afdefd3228ff058d13a2f7678641257..7a1519b9fc79433c1ac3e31bc09f9d1ef4762b3d 100644 (file)
--- a/src/tests/attach.c
+++ b/src/tests/attach.c
@@ -32,6 +32,10 @@
 
 #include <lxc/lxccontainer.h>
 
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
+
 #define TSTNAME    "lxc-attach-test"
 #define TSTOUT(fmt, ...) do { \
        fprintf(stdout, fmt, ##__VA_ARGS__); fflush(NULL); \
@@ -399,7 +403,8 @@ int main(int argc, char *argv[])
        char template[sizeof(P_tmpdir"/attach_XXXXXX")];
        int fret = EXIT_FAILURE;
 
-       strcpy(template, P_tmpdir"/attach_XXXXXX");
+       (void)strlcpy(template, P_tmpdir"/attach_XXXXXX", sizeof(template));
+
        i = lxc_make_tmpfile(template, false);
        if (i < 0) {
                lxc_error("Failed to create temporary log file for container %s\n", TSTNAME);

diff --git a/src/tests/cgpath.c b/src/tests/cgpath.c
index e794e565f01931f946aefb470b32bf057fe32172..fa8d476781f853bf8d7978e9f03b2bcd151f339b 100644 (file)
--- a/src/tests/cgpath.c
+++ b/src/tests/cgpath.c
@@ -33,6 +33,10 @@
 #include "lxc.h"
 #include "commands.h"
 
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
+
 #define MYNAME "lxctest1"
 
 #define TSTERR(fmt, ...) do { \
@@ -87,7 +91,7 @@ static int test_running_container(const char *lxcpath,
                TSTERR("cgroup_get failed");
                goto err3;
        }
-       strcpy(value_save, value);
+       (void)strlcpy(value_save, value, NAME_MAX);
 
        ret = cgroup_ops->set(cgroup_ops, "memory.soft_limit_in_bytes", "512M",
                              c->name, c->config_path);

diff --git a/src/tests/shortlived.c b/src/tests/shortlived.c
index af5bb2eb7e0b0afabdd8883e698796111566bd1d..2a039a2f392b9db952cd7b4a71bcb4adfc6f96af 100644 (file)
--- a/src/tests/shortlived.c
+++ b/src/tests/shortlived.c
@@ -31,6 +31,10 @@
 #include "lxctest.h"
 #include "utils.h"
 
+#ifndef HAVE_STRLCPY
+#include "include/strlcpy.h"
+#endif
+
 #define MYNAME "shortlived"
 
 static int destroy_container(void)
@@ -103,7 +107,8 @@ int main(int argc, char *argv[])
        char template[sizeof(P_tmpdir"/shortlived_XXXXXX")];
        int ret = EXIT_FAILURE;
 
-       strcpy(template, P_tmpdir"/shortlived_XXXXXX");
+       (void)strlcpy(template, P_tmpdir"/shortlived_XXXXXX", sizeof(template));
+
        i = lxc_make_tmpfile(template, false);
        if (i < 0) {
                lxc_error("Failed to create temporary log file for container %s\n", MYNAME);