[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Q:How can I determine if an if is up in C/C++ only?
- To: Gilad Ben-Yossef <gilad(at-nospam)benyossef.com>
- Subject: Re: Q:How can I determine if an if is up in C/C++ only?
- From: mulix <mulix(at-nospam)actcom.co.il>
- Date: Fri, 15 Dec 2000 00:00:47 +0200
- CC: linux-il(at-nospam)linux.org.il
- Delivered-To: linux.org.il-linux-il@linux.org.il
- References: <3A387F45.1A9F2C0B@internet-zahav.net> <3A391F17.1070509@benyossef.com>
- Sender: mulix(at-nospam)lmail.actcom.co.il
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
Gilad Ben-Yossef wrote:
<ifstat source snipped>
> strcpy(ifr.ifr_name, argv[1]);
this is broken. ifr.ifr_name is a char array of size IFNAMSIZ (which is
defined to 16 in net/if.h- not a very long buffer). if the user supplies
a long enough argv[1], you have your classic buffer overflow here,
easily overwriting EIP.
you want to do
strncpy(ifr.ifr_name, argv[1], IFNAMSIZ-2);
ifr.ifr_name[IFNAMSIZ-1] = '\0';
<more ifstat source snipped>
--
mulix
linux/reboot.h: #define LINUX_REBOOT_MAGIC1 0xfee1dead
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il