libxt_string: fix undefined behavior/incorrect patlen calculation

strlen ran over the end of the string. Use strnlen to bound it. Reference: http://bugs.debian.org/513516 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
author: Jan Engelhardt <jengelh@medozas.de> 2009-02-12 01:18:35 +0100
committer: Jan Engelhardt <jengelh@medozas.de> 2009-02-12 07:15:07 +0100
commit: 37b4bde745698bf140d74e59a2561f34deeb8726 (patch)
tree: a6bff16379a6bc6b0698d7e6316fadeb07f2effe /extensions/libxt_string.c
parent: 41f03ba382dfd26e7db939fd02447058b1c56f7b (diff)
download: iptables-37b4bde745698bf140d74e59a2561f34deeb8726.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index 6bd27c0b..aa52fa8d 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -20,6 +20,7 @@
  *             updated to work with slightly modified
  *             ipt_string_info.
  */
+#define _GNU_SOURCE 1
 #include <stdio.h>
 #include <netdb.h>
 #include <string.h>
@@ -207,7 +208,8 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
 			else
 				stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
 		}
-		stringinfo->patlen=strlen((char *)&stringinfo->pattern);
+		stringinfo->patlen = strnlen((char *)&stringinfo->pattern,
+			sizeof(stringinfo->patlen));
 		*flags |= STRING;
 		break;
author	Jan Engelhardt <jengelh@medozas.de>	2009-02-12 01:18:35 +0100
committer	Jan Engelhardt <jengelh@medozas.de>	2009-02-12 07:15:07 +0100
commit	37b4bde745698bf140d74e59a2561f34deeb8726 (patch)
tree	a6bff16379a6bc6b0698d7e6316fadeb07f2effe /extensions/libxt_string.c
parent	41f03ba382dfd26e7db939fd02447058b1c56f7b (diff)
download	iptables-37b4bde745698bf140d74e59a2561f34deeb8726.tar.gz