From 2388b2f4d4481c69935abdc9c3ed9928d1f15a46 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 2 Mar 2016 15:43:41 -0500
Subject: networkctl: avoid reading past end of input buffer

name is IFNAMSIZ bytes, but we would copy sizeof(info->name) bytes,
which is IFNAMSIZ + 1. In effect we would go outside of the source
buffer and possibly leave a non-null terminated string in info->name.

CID #1351754.
---
 src/network/networkctl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/network/networkctl.c')

diff --git a/src/network/networkctl.c b/src/network/networkctl.c
index e5b08d4826..6ec7a911ca 100644
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@@ -45,6 +45,7 @@
 #include "string-table.h"
 #include "string-util.h"
 #include "strv.h"
+#include "strxcpyx.h"
 #include "terminal-util.h"
 #include "util.h"
 #include "verbs.h"
@@ -173,7 +174,7 @@ static int decode_link(sd_netlink_message *m, LinkInfo *info) {
         if (r < 0)
                 return r;
 
-        strncpy(info->name, name, sizeof(info->name));
+        strscpy(info->name, sizeof info->name, name);
 
         info->has_mac_address =
                 sd_netlink_message_read_ether_addr(m, IFLA_ADDRESS, &info->mac_address) >= 0 &&
-- 
cgit v1.2.3-54-g00ecf