* [libnftnl PATCH] data_reg: fix bad buffer size bounds
@ 2014-05-06 17:19 Arturo Borrero Gonzalez
2014-05-07 13:39 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Arturo Borrero Gonzalez @ 2014-05-06 17:19 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
These calls need to use the new buffer size, instead of the
size that the buffer originally had.
Bugs introduced by myself at dec68741 [data_reg: fix verdict format approach].
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
src/expr/data_reg.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index 0523cb7..44281f7 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -304,7 +304,7 @@ nft_data_reg_verdict_snprintf_def(char *buf, size_t size,
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
if (reg->chain != NULL) {
- ret = snprintf(buf+offset, size, "-> %s ", reg->chain);
+ ret = snprintf(buf+offset, len, "-> %s ", reg->chain);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
@@ -322,12 +322,12 @@ nft_data_reg_verdict_snprintf_xml(char *buf, size_t size,
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
if (reg->chain != NULL) {
- ret = snprintf(buf+offset, size, "<chain>%s</chain>",
+ ret = snprintf(buf+offset, len, "<chain>%s</chain>",
reg->chain);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
- ret = snprintf(buf+offset, size, "</data_reg>");
+ ret = snprintf(buf+offset, len, "</data_reg>");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
return offset;
@@ -344,12 +344,12 @@ nft_data_reg_verdict_snprintf_json(char *buf, size_t size,
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
if (reg->chain != NULL) {
- ret = snprintf(buf+offset, size, ",\"chain\":\"%s\"",
+ ret = snprintf(buf+offset, len, ",\"chain\":\"%s\"",
reg->chain);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
- ret = snprintf(buf+offset, size, "}");
+ ret = snprintf(buf+offset, len, "}");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
return offset;
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [libnftnl PATCH] data_reg: fix bad buffer size bounds
2014-05-06 17:19 [libnftnl PATCH] data_reg: fix bad buffer size bounds Arturo Borrero Gonzalez
@ 2014-05-07 13:39 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2014-05-07 13:39 UTC (permalink / raw)
To: Arturo Borrero Gonzalez; +Cc: netfilter-devel
On Tue, May 06, 2014 at 07:19:46PM +0200, Arturo Borrero Gonzalez wrote:
> These calls need to use the new buffer size, instead of the
> size that the buffer originally had.
>
> Bugs introduced by myself at dec68741 [data_reg: fix verdict format approach].
Applied, thanks Arturo.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-05-07 13:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-06 17:19 [libnftnl PATCH] data_reg: fix bad buffer size bounds Arturo Borrero Gonzalez
2014-05-07 13:39 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).