bad use of memcpy in ospf6d

bug-zebra

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bad use of memcpy in ospf6d

From:	Anil Madhavapeddy
Subject:	bad use of memcpy in ospf6d
Date:	Thu, 19 Jun 2003 02:37:19 +0100
User-agent:	Mutt/1.4.1i

Hi, noticed this during an OpenBSD security audit against zebra-0.93a.
Using memcpy here will copy a load of unwanted stuff into src_name.

--- ospf6d/ospf6_message.c.orig Wed Jun 18 03:00:14 2003
+++ ospf6d/ospf6_message.c      Thu Jun 19 02:18:41 2003
@@ -1421,7 +1421,7 @@ ospf6_message_send (unsigned char type,
       if (o6i->lladdr)
         inet_ntop (AF_INET6, o6i->lladdr, src_name, sizeof (src_name));
       else
-        memcpy (src_name, "Unknown", sizeof (src_name));
+        strcpy (src_name, "Unknown");
       zlog_info ("Send %s on %s",
                  ospf6_message_type_string[type], o6i->interface->name);
       zlog_info ("    %s -> %s", src_name, dst_name);

-- 
Anil Madhavapeddy                               http://anil.recoil.org
University of Cambridge                        http://www.cl.cam.ac.uk

[Prev in Thread]

Current Thread

[Next in Thread]

bad use of memcpy in ospf6d, Anil Madhavapeddy <=
- Re: bad use of memcpy in ospf6d, Paul Jakma, 2003/06/18
  - Re: bad use of memcpy in ospf6d, Anil Madhavapeddy, 2003/06/20
    - Re: bad use of memcpy in ospf6d, Paul Jakma, 2003/06/20

Prev by Date: Re: IPV6
Next by Date: Re: bad use of memcpy in ospf6d
Previous by thread: Re: IPV6
Next by thread: Re: bad use of memcpy in ospf6d
Index(es):
- Date
- Thread