[collectd] [PATCH] iptables plugin, utils_ignorelist: Fixed an off-by-one error each.

Sebastian Harl sh at tokkee.org
Thu Oct 2 14:53:06 CEST 2008


Those were introduced when unifying the string handling in commit 5f9ec13b in
cases where the exact length of the string to be copied is passed to sstrncpy
instead of the size of the destination buffer.

In case of the iptables plugin this prevented the table or chain name to match
correctly as the user configuration was truncated. In case of the ignorelist a
given regex was truncated.

Signed-off-by: Sebastian Harl <sh at tokkee.org>
---
 src/iptables.c         |    8 ++++----
 src/utils_ignorelist.c |    3 ++-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/iptables.c b/src/iptables.c
index 4d15c6e..e1694af 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -107,8 +107,8 @@ static int iptables_config (const char *key, const char *value)
 		table = fields[0];
 		chain = fields[1];
 
-		table_len = strlen (table);
-		if ((unsigned int)table_len >= sizeof(temp.table))
+		table_len = strlen (table) + 1;
+		if ((unsigned int)table_len > sizeof(temp.table))
 		{
 			ERROR ("Table `%s' too long.", table);
 			free (value_copy);
@@ -116,8 +116,8 @@ static int iptables_config (const char *key, const char *value)
 		}
 		sstrncpy (temp.table, table, table_len);
 
-		chain_len = strlen (chain);
-		if ((unsigned int)chain_len >= sizeof(temp.chain))
+		chain_len = strlen (chain) + 1;
+		if ((unsigned int)chain_len > sizeof(temp.chain))
 		{
 			ERROR ("Chain `%s' too long.", chain);
 			free (value_copy);
diff --git a/src/utils_ignorelist.c b/src/utils_ignorelist.c
index 518715b..db679da 100644
--- a/src/utils_ignorelist.c
+++ b/src/utils_ignorelist.c
@@ -310,7 +310,8 @@ int ignorelist_add (ignorelist_t *il, const char *entry)
 		/* We need to copy `entry' since it's const */
 		entry_copy = smalloc (entry_len);
 		memset (entry_copy, '\0', entry_len);
-		sstrncpy (entry_copy, entry + 1, entry_len - 2);
+		/* sstrncpy() overwrites the trailing '/' */
+		sstrncpy (entry_copy, entry + 1, entry_len - 1);
 
 		DEBUG("I'm about to add regex entry: %s", entry_copy);
 		ret = ignorelist_append_regex(il, entry_copy);
-- 
1.6.0.1.216.g1b23a

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.verplant.org/pipermail/collectd/attachments/20081002/c2241536/attachment.pgp 


More information about the collectd mailing list