312043 |
13-Jan-2017 |
ngie |
MFC r311290,r311293,r311294:
r311290:
Use strlcpy instead of strcpy when copying the bridge name to ifr.ifr_name to avoid buffer overflows
CID: 1006735, 1006737, 1006738
r311293:
bridge_do_pfctl: allocate mib_name dynamically using asprintf
This is being done to reduce wasted space, simplify complexity in the code, and to quell a Coverity warning about buffer overruns. warning about buffer overruns.
CID: 1006736
r311294:
style cleanup
- bridge_pf_dump: use nitems instead of spelling it out longhand - bridge_do_pfctl: sort variables by alignment for type |
165046 |
09-Dec-2006 |
syrinx |
Instead of explicitly initializing variables to avoid compiler warnings, add a default case to handle the situation when the variables are not initialized. Furthermore, abort() if the snmp agent passes an invalid option to the bridge module. As the option (SET, GET, GETNEXT, COMMIT, ROLLBACK) is determined by the snmp agent based on the operation requested by user, this behaviour is unlikely to be abused as a source for a DoS, but if ever hit will likely reveal a problem in the snmp agent or bridge module.
Approved by: bz (mentor)
|