The destination space of ifname copy must be initialized to '\0' to make the overflow check correct. Also fix the callers to get_next_iface() to use all of the ifname space.
Signed-off-by: Vitezslav Samel vitezslav@samel.cz --- src/ifaces.c | 1 + src/ifstats.c | 2 +- src/promisc.c | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/ifaces.c b/src/ifaces.c index efc3106..2e6e780 100644 --- a/src/ifaces.c +++ b/src/ifaces.c @@ -68,6 +68,7 @@ int get_next_iface(FILE * fd, char *ifname, int n) strcpy(buf, ""); fgets(buf, 160, fd); if (strcmp(buf, "") != 0) { + memset(ifname, 0, n); strncpy(ifname, ltrim(strtok(buf, ":")), n); if (ifname[n - 1] != '\0') strcpy(ifname, ""); diff --git a/src/ifstats.c b/src/ifstats.c index 18ca3dd..d516585 100644 --- a/src/ifstats.c +++ b/src/ifstats.c @@ -115,7 +115,7 @@ void initiflist(struct iflist **list) return; }
- while (get_next_iface(fd, ifname, 12)) { + while (get_next_iface(fd, ifname, sizeof(ifname))) { if (strcmp(ifname, "") != 0) { if (ifinlist(*list, ifname)) /* ignore entry if already in */ continue; /* interface list */ diff --git a/src/promisc.c b/src/promisc.c index 53e56d4..167695c 100644 --- a/src/promisc.c +++ b/src/promisc.c @@ -50,7 +50,7 @@ void init_promisc_list(struct promisc_states **list) *list = NULL; fd = open_procnetdev();
- while (get_next_iface(fd, buf, 12)) { + while (get_next_iface(fd, buf, sizeof(buf))) { if (strcmp(buf, "") != 0) { ptmp = xmalloc(sizeof(struct promisc_states)); strcpy(ptmp->params.ifname, buf);