libnftnl/bufferov.diff

From: Jan Engelhardt <jengelh@inai.de>
Date: 2017-10-13 02:43:06.480980575 +0200
X-Upstream: reported

resolve a potential buffer overflow when i > 9
[reg->len > 36].


expr/data_reg.c:69:27: warning: '%d' directive writing between 1 and
10 bytes into a region of size 2 [-Wformat-overflow=]
   sprintf(node_name, "data%d", i);

---
 src/expr/data_reg.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: libnftnl-1.0.9/src/expr/data_reg.c
===================================================================
--- libnftnl-1.0.9.orig/src/expr/data_reg.c
+++ libnftnl-1.0.9/src/expr/data_reg.c
@@ -59,7 +59,7 @@ static int nftnl_data_reg_verdict_json_p
 static int nftnl_data_reg_value_json_parse(union nftnl_data_reg *reg, json_t *data,
 					 struct nftnl_parse_err *err)
 {
-	char node_name[8] = {};	/* strlen("data256") + 1 == 8 */
+	char node_name[16] = {};	/* strlen("data256") + 1 == 8 */
 	int ret, remain = sizeof(node_name), offset = 0, i;
 
 	if (nftnl_jansson_parse_val(data, "len", NFTNL_TYPE_U8, &reg->len, err) < 0)
- Update to new upstream release 1.0.8 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=28 2017-10-13 02:46:55 +02:00			`From: Jan Engelhardt <jengelh@inai.de>`
			`Date: 2017-10-13 02:43:06.480980575 +0200`
			`X-Upstream: reported`

			`resolve a potential buffer overflow when i > 9`
			`[reg->len > 36].`


			`expr/data_reg.c:69:27: warning: '%d' directive writing between 1 and`
			`10 bytes into a region of size 2 [-Wformat-overflow=]`
			`sprintf(node_name, "data%d", i);`

			`---`
			`src/expr/data_reg.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

libnftnl-1.0.9 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=30 2018-01-02 22:10:35 +01:00			`Index: libnftnl-1.0.9/src/expr/data_reg.c`
- Update to new upstream release 1.0.8 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=28 2017-10-13 02:46:55 +02:00			`===================================================================`
libnftnl-1.0.9 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=30 2018-01-02 22:10:35 +01:00			`--- libnftnl-1.0.9.orig/src/expr/data_reg.c`
			`+++ libnftnl-1.0.9/src/expr/data_reg.c`
			`@@ -59,7 +59,7 @@ static int nftnl_data_reg_verdict_json_p`
			`static int nftnl_data_reg_value_json_parse(union nftnl_data_reg reg, json_t data,`
- Update to new upstream release 1.0.8 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=28 2017-10-13 02:46:55 +02:00			`struct nftnl_parse_err *err)`
			`{`
libnftnl-1.0.9 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=30 2018-01-02 22:10:35 +01:00			`- char node_name[8] = {}; /* strlen("data256") + 1 == 8 */`
			`+ char node_name[16] = {}; /* strlen("data256") + 1 == 8 */`
			`int ret, remain = sizeof(node_name), offset = 0, i;`
- Update to new upstream release 1.0.8 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=28 2017-10-13 02:46:55 +02:00
			`if (nftnl_jansson_parse_val(data, "len", NFTNL_TYPE_U8, &reg->len, err) < 0)`