From nobody Tue Nov 19 00:26:46 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Xslft4rQYz5dGb3; Tue, 19 Nov 2024 00:26:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Xslft2JBQz4db9; Tue, 19 Nov 2024 00:26:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731976006; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/iAZMolzmDXVW77aEsV4fdb1DTB4foFwzHMVJsPcrQE=; b=XCf0i2Aru4q0UuKXypJ02Y/GFRv/wVU3t0Ou0G8CqGvVePQHTVWPHlRvGVNJbMg+MUmg6p IjR4wgFD8PJqbrxvVgnHC7KDvVH3Cq6EIvxdAl3Dzk1by3vtQa+BoXBYUxQNlkiFzTgi4y bmqfI6jU6iRiU1eFFh7AmILgwvB1uMsGfE/usPwaTzUGPno7PkDrCfSimd8q7NGx62d0ec 6LwQu+r69EotWTlseCDZ1VqN8QhN1+0mIlN7rpK7R2b3Gshe6jt9ewNuWvp41gkSs8RVek MlVzP0CUihIaep/GPNqN2cTkthn+DLIaSvP5HVjET8HeJixoFaKpH1j5PWuBmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1731976006; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/iAZMolzmDXVW77aEsV4fdb1DTB4foFwzHMVJsPcrQE=; b=bgYWFdxF+GmmLYX9lgldwRsdqbdxQiD0jRwUVT425yDV5+HYnr8ITlAHbhsWgjpKfmrpuf lRq7pMGvIG6lDJNM09zrN+M03l2iTXEofYCX0TPXN8S/y/WUvGhW3XFocCYN88gH/YP0rX emvtHkBdChzt9LqcO/2lhOxmbxRjQLpRVXS2Royue13xiLkCoWINL2dzhqMcNMcY6tDD2Z EHOTHoIx6zyvWg9epc/z/lsTHd1VXPxB7ivEHNxyyvAvwZa8ALSnqL1kyvXhsCi//XSQXy 0jvbhdflPPL49k3VFpAKUr7Jm40oG082xjhr7roSZ6FSP8n3Tl14LfAfMjnJBA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1731976006; a=rsa-sha256; cv=none; b=rRam0uypzs8hAp15473VVsNUhVpY+3LqwRLKQ37dyTqaAOsXvQu1MbDxZiO4LinG8kwlaa ekYjRNB0ZRax7m4nRS68/kmLXK+HHgmpA8+G7W+b8mMuvCs8rgFMY20zKZOaiKInFALKbW AXlQo4Zo5eJ9mxc7lNEjFqixNRSrzFePbAcU1cnEywLURNSmkxsKEgRVmiJgmeG8ROMRBr YRVYt9K7g0UY6b20VFQpK3rpg4exj0ZZRusdAjVImK5ZP+dD9SCZf17oq7rAyZGFyZLSyJ NfYV2imF9EIVafMlCFplB+4vIr+RZgsH2WT37HPV+NWU7RIj6Ec+F22VQsCbxQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Xslft1vphz12Vb; Tue, 19 Nov 2024 00:26:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AJ0QkTk063631; Tue, 19 Nov 2024 00:26:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AJ0QkpF063628; Tue, 19 Nov 2024 00:26:46 GMT (envelope-from git) Date: Tue, 19 Nov 2024 00:26:46 GMT Message-Id: <202411190026.4AJ0QkpF063628@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: d46948338cd2 - stable/14 - ipfilter: Avoid overrunning the message buffer List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: d46948338cd2565f4845ac53ddd810bf47068a2f Auto-Submitted: auto-generated The branch stable/14 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=d46948338cd2565f4845ac53ddd810bf47068a2f commit d46948338cd2565f4845ac53ddd810bf47068a2f Author: Cy Schubert AuthorDate: 2024-11-07 01:22:57 +0000 Commit: Cy Schubert CommitDate: 2024-11-19 00:26:04 +0000 ipfilter: Avoid overrunning the message buffer Avoid overrunning the message buffer when printing an ippool btree error. We do this in two ways. First we increase the message buffer from 80 to 255 bytes and secondly we replace strcat(3) with strlcat(3). (cherry picked from commit 42935716286e7887bfeb9dd8daea72d6a5d40908) --- sbin/ipf/libipf/load_poolnode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sbin/ipf/libipf/load_poolnode.c b/sbin/ipf/libipf/load_poolnode.c index 5c9fd838bfa0..8d65f019da43 100644 --- a/sbin/ipf/libipf/load_poolnode.c +++ b/sbin/ipf/libipf/load_poolnode.c @@ -52,11 +52,11 @@ load_poolnode(int role, char *name, ip_pool_node_t *node, int ttl, if (err != 0) { if ((opts & OPT_DONOTHING) == 0) { - char msg[80]; + char msg[255]; snprintf(msg, sizeof(msg), "%s pool node(%s/", what, inet_ntoa(pn.ipn_addr.adf_addr.in4)); - strcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4)); + strlcat(msg, inet_ntoa(pn.ipn_mask.adf_addr.in4), sizeof(msg)); return (ipf_perror_fd(pool_fd(), iocfunc, msg)); } }