diff options
author | Niranjan Pendharkar <npendhar@codeaurora.org> | 2017-07-26 18:03:13 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-07-26 18:03:13 +0000 |
commit | 7c8ac32ad7a888fedb440af2b28e90b14625a35c (patch) | |
tree | 507b37cab62172d64d6970066944c22df86c5825 | |
parent | 95eafbe1a0858c3ae5adf98790a49bd36d87bcda (diff) | |
parent | d772782af329301ccb551636d8ad18cd4755c09f (diff) | |
download | ipacfg-mgr-7c8ac32ad7a888fedb440af2b28e90b14625a35c.tar.gz |
IPACM: fix the security issue in ConntrackClient
am: d772782af3
Change-Id: I5885c024b8846dba0a52fa9c25d49623d9767368
-rw-r--r-- | msm8998/ipacm/src/IPACM_ConntrackClient.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/msm8998/ipacm/src/IPACM_ConntrackClient.cpp b/msm8998/ipacm/src/IPACM_ConntrackClient.cpp index 10154ea..ffb0088 100644 --- a/msm8998/ipacm/src/IPACM_ConntrackClient.cpp +++ b/msm8998/ipacm/src/IPACM_ConntrackClient.cpp @@ -173,10 +173,18 @@ int IPACM_ConntrackClient::IPA_Conntrack_Filters_Ignore_Bridge_Addrs uint32_t ipv4_addr; struct ifreq ifr; + if(strlen(IPACM_Iface::ipacmcfg->ipa_virtual_iface_name) >= sizeof(ifr.ifr_name)) + { + IPACMERR("interface name overflows: len %d\n", + strlen(IPACM_Iface::ipacmcfg->ipa_virtual_iface_name)); + close(fd); + return -1; + } + /* retrieve bridge interface ipv4 address */ memset(&ifr, 0, sizeof(struct ifreq)); ifr.ifr_addr.sa_family = AF_INET; - (void)strncpy(ifr.ifr_name, IPACM_Iface::ipacmcfg->ipa_virtual_iface_name, sizeof(ifr.ifr_name)); + (void)strlcpy(ifr.ifr_name, IPACM_Iface::ipacmcfg->ipa_virtual_iface_name, sizeof(ifr.ifr_name)); IPACMDBG("bridge interface name (%s)\n", ifr.ifr_name); ret = ioctl(fd, SIOCGIFADDR, &ifr); |