arp: fix buffer overflow. Closes 9071

function old new delta arp_main 1910 1898 -12 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2016-07-04 17:38:01 +0200
committer: Denys Vlasenko <vda.linux@googlemail.com> 2016-07-04 17:38:01 +0200
commit: ee772a0d90e2775cbe40072fd5217552c260a9aa (patch)
tree: e677e9289b7d4aa4a0e8835020c86fe2221988b0
parent: 44399e00ffa73270cd7fc108c983d3b1705b9d86 (diff)
download: busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.tar.gz
busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.tar.bz2
busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/networking/arp.c b/networking/arp.c
index 9381eb53a..69a5816eb 100644
--- a/networking/arp.c
+++ b/networking/arp.c
@@ -178,7 +178,7 @@ static int arp_del(char **args)
        if (flags == 0)
                flags = 3;
-        strncpy(req.arp_dev, device, sizeof(req.arp_dev));
+        strncpy_IFNAMSIZ(req.arp_dev, device);
        err = -1;
@@ -219,7 +219,7 @@ static void arp_getdevhw(char *ifname, struct sockaddr *sa)
        struct ifreq ifr;
        const struct hwtype *xhw;
-        strcpy(ifr.ifr_name, ifname);
+        strncpy_IFNAMSIZ(ifr.ifr_name, ifname);
        ioctl_or_perror_and_die(sockfd, SIOCGIFHWADDR, &ifr,
                                        "can't get HW-Address for '%s'", ifname);
        if (hw_set && (ifr.ifr_hwaddr.sa_family != hw->type)) {
@@ -332,7 +332,7 @@ static int arp_set(char **args)
        /* Fill in the remainder of the request. */
        req.arp_flags = flags;
-        strncpy(req.arp_dev, device, sizeof(req.arp_dev));
+        strncpy_IFNAMSIZ(req.arp_dev, device);
        /* Call the kernel. */
        if (option_mask32 & ARP_OPT_v)
author	Denys Vlasenko <vda.linux@googlemail.com>	2016-07-04 17:38:01 +0200
committer	Denys Vlasenko <vda.linux@googlemail.com>	2016-07-04 17:38:01 +0200
commit	ee772a0d90e2775cbe40072fd5217552c260a9aa (patch)
tree	e677e9289b7d4aa4a0e8835020c86fe2221988b0
parent	44399e00ffa73270cd7fc108c983d3b1705b9d86 (diff)
download	busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.tar.gz busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.tar.bz2 busybox-w32-ee772a0d90e2775cbe40072fd5217552c260a9aa.zip

diff --git a/networking/arp.c b/networking/arp.c index 9381eb53a..69a5816eb 100644 --- a/networking/arp.c +++ b/networking/arp.c
@@ -178,7 +178,7 @@ static int arp_del(char **args)
178	if (flags == 0)	178	if (flags == 0)
179	flags = 3;	179	flags = 3;
180		180
181	strncpy(req.arp_dev, device, sizeof(req.arp_dev));	181	strncpy_IFNAMSIZ(req.arp_dev, device);
182		182
183	err = -1;	183	err = -1;
184		184
@@ -219,7 +219,7 @@ static void arp_getdevhw(char ifname, struct sockaddr sa)
219	struct ifreq ifr;	219	struct ifreq ifr;
220	const struct hwtype *xhw;	220	const struct hwtype *xhw;
221		221
222	strcpy(ifr.ifr_name, ifname);	222	strncpy_IFNAMSIZ(ifr.ifr_name, ifname);
223	ioctl_or_perror_and_die(sockfd, SIOCGIFHWADDR, &ifr,	223	ioctl_or_perror_and_die(sockfd, SIOCGIFHWADDR, &ifr,
224	"can't get HW-Address for '%s'", ifname);	224	"can't get HW-Address for '%s'", ifname);
225	if (hw_set && (ifr.ifr_hwaddr.sa_family != hw->type)) {	225	if (hw_set && (ifr.ifr_hwaddr.sa_family != hw->type)) {
@@ -332,7 +332,7 @@ static int arp_set(char **args)
332	/* Fill in the remainder of the request. */	332	/* Fill in the remainder of the request. */
333	req.arp_flags = flags;	333	req.arp_flags = flags;
334		334
335	strncpy(req.arp_dev, device, sizeof(req.arp_dev));	335	strncpy_IFNAMSIZ(req.arp_dev, device);
336		336
337	/* Call the kernel. */	337	/* Call the kernel. */
338	if (option_mask32 & ARP_OPT_v)	338	if (option_mask32 & ARP_OPT_v)