[Python-checkins] cpython: Make sure that *really* no more than sizeof(ifr.ifr_name) chars are strcpy-ed

christian.heimes python-checkins at python.org
Mon Sep 10 01:25:59 CEST 2012


http://hg.python.org/cpython/rev/80909b23ca1e
changeset:   78932:80909b23ca1e
parent:      78930:f962ec8e47a1
user:        Christian Heimes <christian at cheimes.de>
date:        Mon Sep 10 01:25:50 2012 +0200
summary:
  Make sure that *really* no more than sizeof(ifr.ifr_name) chars are strcpy-ed to ifr.ifr_name and that the string is *always* NUL terminated. New code shouldn't use strcpy(), too. CID 719692

files:
  Modules/socketmodule.c |  3 ++-
  1 files changed, 2 insertions(+), 1 deletions(-)


diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -1674,7 +1674,8 @@
             if (len == 0) {
                 ifr.ifr_ifindex = 0;
             } else if (len < sizeof(ifr.ifr_name)) {
-                strcpy(ifr.ifr_name, PyBytes_AS_STRING(interfaceName));
+                strncpy(ifr.ifr_name, PyBytes_AS_STRING(interfaceName), sizeof(ifr.ifr_name));
+                ifr.ifr_name[(sizeof(ifr.ifr_name))-1] = '\0';
                 if (ioctl(s->sock_fd, SIOCGIFINDEX, &ifr) < 0) {
                     s->errorhandler();
                     Py_DECREF(interfaceName);

-- 
Repository URL: http://hg.python.org/cpython


More information about the Python-checkins mailing list