netstat: increase address buffers to avoid and overflow

We use scanf %64[...] to get local addresses, but then we store the result into a char[64] buffer. Since scanf always writes a terminating NUL, we overflow the buffer by a single byte. Use a buffer of 128 bytes to match the style of other funcs in this file. Reported-by: Maxim Ostapenko <m.ostapenko@partner.samsung.com>

netstat: increase address buffers to avoid and overflow
We use scanf %64[...] to get local addresses, but then we store the result into a char[64] buffer. Since scanf always writes a terminating NUL, we overflow the buffer by a single byte. Use a buffer of 128 bytes to match the style of other funcs in this file. Reported-by: Maxim Ostapenko <m.ostapenko@partner.samsung.com>
3f170bff · Mike Frysinger · 1cec84c4 · 3f170bff
Commit 3f170bff authored Jan 27, 2016 by Mike Frysinger
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

netstat.c netstat.c +2 -2

No files found.
--- a/netstat.c
+++ b/netstat.c
@@ -1177,7 +1177,7 @@ static int notnull(const struct sockaddr_storage *sas)

 static void udp_do_one(int lnr, const char *line,const char *prot)
 {
-    char local_addr[64], rem_addr[64];
+    char local_addr[128], rem_addr[128];
    char *udp_state, timers[64];
    int num, local_port, rem_port, d, state, timer_run, uid, timeout;
    struct sockaddr_storage localsas, remsas;
@@ -1291,7 +1291,7 @@ static int udplite_info(void)

 static void raw_do_one(int lnr, const char *line,const char *prot)
 {
-    char local_addr[64], rem_addr[64];
+    char local_addr[128], rem_addr[128];
    char timers[64];
    int num, local_port, rem_port, d, state, timer_run, uid, timeout;
    struct sockaddr_storage localsas, remsas;