summaryrefslogtreecommitdiff
path: root/libc
diff options
context:
space:
mode:
authorWaldemar Brodkorb <wbrodkorb@conet.de>2018-12-14 10:53:22 +0100
committerWaldemar Brodkorb <wbrodkorb@conet.de>2018-12-14 10:53:22 +0100
commit365d19dfec4437b7a8227f594953a54c76863278 (patch)
treec504d9ba1694c91b6838e825330d49f528c2f6cf /libc
parent51e75b39838427f5eb66b0038672b2ca8ced8e93 (diff)
fix issues in ethers.c
Old version manages strings the regular way (i.e. counting on zero-ended sequences). In fact strings captured from the /etc/ethers file are '\n'-ended. So, for example, using strchr function could lead to buffer overflow. Reported-by: "Andrey V. Zhmurin" <zhmurin_a@mcst.ru
Diffstat (limited to 'libc')
-rw-r--r--libc/inet/ethers.c10
1 files changed, 4 insertions, 6 deletions
diff --git a/libc/inet/ethers.c b/libc/inet/ethers.c
index 857e5d165..caa4a644c 100644
--- a/libc/inet/ethers.c
+++ b/libc/inet/ethers.c
@@ -32,11 +32,11 @@ static const char *__ether_line(const char *line, struct ether_addr *addr)
if (!res)
return NULL;
- while (*line && (*line != ' ') && (*line != '\t'))
+ while (*line && (*line != '\n') && (*line != ' ') && (*line != '\t'))
line++;
- while (*line && ((*line == ' ') || (*line == '\t')))
+ while (*line && (*line != '\n') && ((*line == ' ') || (*line == '\t')))
line++;
- return (*line) ? line : NULL;
+ return (*line && (*line != '\n')) ? line : NULL;
}
/*
@@ -45,9 +45,7 @@ static const char *__ether_line(const char *line, struct ether_addr *addr)
*/
static const char *__ether_line_w(char *line, struct ether_addr *addr)
{
- char *end = strchr(line, '#');
- if (!end)
- end = strchr(line, '\n');
+ char *end = strpbrk(line, "#\n");
if (end)
*end = '\0';
return __ether_line(line, addr);