[oe] [meta-openwrt][PATCH] odhcpd: Fix strncpy bounds in gcc-8

Hoang Anh Tuan tuanhoanganh.dev at gmail.com
Thu Feb 28 10:19:24 UTC 2019 

Backport from git://git.openwrt.org/project/odhcpd.git
Commit 4983ee551a743e55bb2f2ec12ceab0ddba13eb2d

Signed-off-by: Hoang Anh Tuan <tuanha at viosoft.com>
---
 .../odhcpd/0001-odhcpd-fix-strncpy-bounds.patch    | 51 ++++++++++++++++++++++
 recipes-core/odhcpd/odhcpd_git.bb                  |  1 +
 2 files changed, 52 insertions(+)
 create mode 100644 recipes-core/odhcpd/odhcpd/0001-odhcpd-fix-strncpy-bounds.patch

diff --git a/recipes-core/odhcpd/odhcpd/0001-odhcpd-fix-strncpy-bounds.patch b/recipes-core/odhcpd/odhcpd/0001-odhcpd-fix-strncpy-bounds.patch
new file mode 100644
index 0000000..2438d64
--- /dev/null
+++ b/recipes-core/odhcpd/odhcpd/0001-odhcpd-fix-strncpy-bounds.patch
@@ -0,0 +1,51 @@
+From 4983ee551a743e55bb2f2ec12ceab0ddba13eb2d Mon Sep 17 00:00:00 2001
+From: Hans Dedecker <dedeckeh at gmail.com>
+Date: Thu, 3 May 2018 17:21:15 +0200
+Subject: [PATCH] odhcpd: fix strncpy bounds
+
+Fix strncpy bounds as reported by Coverity in CID 1412278 and 1412293
+
+Signed-off-by: Hans Dedecker <dedeckeh at gmail.com>
+---
+ src/dhcpv4.c | 6 ++++--
+ src/odhcpd.c | 4 +++-
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/src/dhcpv4.c b/src/dhcpv4.c
+index db5f138..35a3ad0 100644
+--- a/src/dhcpv4.c
++++ b/src/dhcpv4.c
+@@ -779,8 +779,10 @@ static void handle_dhcpv4(void *addr, void *data, size_t len,
+ 		}
+ 	}
+ 
+-	struct ifreq ifr = {.ifr_name = ""};
+-	strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name));
++	struct ifreq ifr;
++
++	memset(&ifr, 0, sizeof(ifr));
++	strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name) - 1);
+ 
+ 	if (!ioctl(sock, SIOCGIFMTU, &ifr)) {
+ 		uint16_t mtu = htons(ifr.ifr_mtu);
+diff --git a/src/odhcpd.c b/src/odhcpd.c
+index 71b803d..8aa4571 100644
+--- a/src/odhcpd.c
++++ b/src/odhcpd.c
+@@ -143,10 +143,12 @@ int odhcpd_get_interface_config(const char *ifname, const char *what)
+ int odhcpd_get_mac(const struct interface *iface, uint8_t mac[6])
+ {
+ 	struct ifreq ifr;
++
+ 	memset(&ifr, 0, sizeof(ifr));
+-	strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name));
++	strncpy(ifr.ifr_name, iface->ifname, sizeof(ifr.ifr_name) - 1);
+ 	if (ioctl(ioctl_sock, SIOCGIFHWADDR, &ifr) < 0)
+ 		return -1;
++
+ 	memcpy(mac, ifr.ifr_hwaddr.sa_data, 6);
+ 	return 0;
+ }
+-- 
+2.7.4
+
diff --git a/recipes-core/odhcpd/odhcpd_git.bb b/recipes-core/odhcpd/odhcpd_git.bb
index 745ee6f..e220bda 100644
--- a/recipes-core/odhcpd/odhcpd_git.bb
+++ b/recipes-core/odhcpd/odhcpd_git.bb
@@ -13,6 +13,7 @@ FILESEXTRAPATHS_prepend = "${THIDIR}/${PN}:"
 SRC_URI = "\
     git://git.openwrt.org/project/odhcpd.git;name=odhcpd \
     file://0100-OE-build-fails-due-to-libnl-tiny-dependency-in-CMakeLists.patch \
+    file://0001-odhcpd-fix-strncpy-bounds.patch \
 "
 
 SRCREV_odhcpd = "750e457e3000187b85906814a2529ede24775325"
-- 
2.7.4

More information about the Openembedded-devel mailing list