aboutsummaryrefslogtreecommitdiff
path: root/libbb
diff options
context:
space:
mode:
authorEric Andersen <andersen@codepoet.org>2003-07-28 06:37:04 +0000
committerEric Andersen <andersen@codepoet.org>2003-07-28 06:37:04 +0000
commitf96675bc50ec6b4a7a43866525bf575bf741ae73 (patch)
tree6ae2f7e9fb53942c022159ef233c3cce69650646 /libbb
parent727f529211b68cdde88b724c2c1112acbc076bf2 (diff)
downloadbusybox-f96675bc50ec6b4a7a43866525bf575bf741ae73.tar.gz
James Petterson writes:
I've found a possible bug in libbb/interface.c, in function if_readlist_proc(). This function calls get_name(), and passes as an argument 'name', a buffer of 16 bytes (IFNAMSIZ). The function get_name(), however, may use more than 16 bytes, when it is searching for aliases. Even if you don't have an alias interface, you can run into trouble if the interface has received more than 99999999 bytes, in which case the space between the interface name and the rx stats disappears, as in the /proc/net/dev example below: wan0.200:264573315 462080 ... In this case get_name() correctly identifies the interface name as "wan0.200", but to do that it uses 18 bytes of the 'name' buffer, which could lead to an unpredictable error. A simple solution would be to increase the size of the buffer:
Diffstat (limited to 'libbb')
-rw-r--r--libbb/interface.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/libbb/interface.c b/libbb/interface.c
index 46c3ba96c..47358fe0d 100644
--- a/libbb/interface.c
+++ b/libbb/interface.c
@@ -15,7 +15,7 @@
* that either displays or sets the characteristics of
* one or more of the system's networking interfaces.
*
- * Version: $Id: interface.c,v 1.17 2003/07/22 08:56:46 andersen Exp $
+ * Version: $Id: interface.c,v 1.18 2003/07/28 06:35:32 andersen Exp $
*
* Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
* and others. Copyright 1993 MicroWalt Corporation
@@ -1134,7 +1134,7 @@ static int if_readlist_proc(char *target)
err = 0;
while (fgets(buf, sizeof buf, fh)) {
- char *s, name[IFNAMSIZ];
+ char *s, name[128];
s = get_name(name, buf);
ife = add_interface(name);