Fix some buffer overruns.
Add support to netstat for GRE and ESP.
# -------- end of user definitions --------
MAINTAINER = Philip.Blundell@pobox.com
-RELEASE = 1.52
+RELEASE = 1.53
.EXPORT_ALL_VARIABLES:
README
- Information about the net-tools package
+ Information about the net-tools package
+
NET-TOOLS A collection of programs that form the base set of the
NET-3 networking distribution for the Linux operating
system.
Notes
-----
-This is net-tools 1.52. Notable changes since 1.51 include:
+This is net-tools 1.53. Notable changes since 1.52 include:
+
+ - a bunch of buffer overrun vulnerabilities are fixed (thanks to
+ David Wagner)
+ - Meelis Roos contributed an Estonian translation
+ - netstat recognizes ESP and GRE protocols, courtesy John D. Hardin.
+
+Notable changes since 1.51 include:
- Jean-Michel Vansteene updated the French translation.
- Dag Brattli contributed support for IrDA
* NET-3 Networking Distribution for the LINUX operating
* system.
*
- * Version: $Id: arp.c,v 1.12 1999/03/24 09:49:43 philip Exp $
+ * Version: $Id: arp.c,v 1.13 1999/06/12 23:04:14 philip Exp $
*
* Maintainer: Bernd 'eckes' Eckenfels, <net-tools@lina.inka.de>
*
ap->herror(host);
return (-1);
}
- strcpy(host, ap->sprint(&sa, 1));
+ safe_strncpy(host, ap->sprint(&sa, 1), sizeof(host));
}
/* Open the PROCps kernel table. */
if ((fp = fopen(_PATH_PROCNET_ARP, "r")) == NULL) {
#include "intl.h"
#include "net-support.h"
#include "version.h"
+#include "util.h"
#undef GRE_CSUM
#define GRE_CSUM htons(0x8000)
p->iph.saddr = get_addr32(*argv);
} else if (strcmp(*argv, "dev") == 0) {
NEXT_ARG();
- strncpy(medium, *argv, IFNAMSIZ-1);
+ safe_strncpy(medium, *argv, IFNAMSIZ-1);
} else if (strcmp(*argv, "ttl") == 0) {
unsigned uval;
NEXT_ARG();
} else {
if (p->name[0])
usage();
- strncpy(p->name, *argv, IFNAMSIZ);
+ safe_strncpy(p->name, *argv, IFNAMSIZ);
}
argc--; argv++;
}
* support functions for the net-tools.
* (NET-3 base distribution).
*
- * Version: $Id: inet.c,v 1.11 1999/03/03 21:43:08 philip Exp $
+ * Version: $Id: inet.c,v 1.12 1999/06/12 23:04:18 philip Exp $
*
* Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
* Copyright 1993 MicroWalt Corporation
/* Try the NETWORKS database to see if this is a known network. */
if ((np = getnetbyname(name)) != (struct netent *) NULL) {
sin->sin_addr.s_addr = htonl(np->n_net);
- strcpy(name, np->n_name);
return 1;
}
#ifdef DEBUG
errno = h_errno;
return -1;
}
- memcpy((char *) &sin->sin_addr, (char *) hp->h_addr_list[0], hp->h_length);
- strcpy(name, hp->h_name);
+ memcpy((char *) &sin->sin_addr, (char *) hp->h_addr_list[0],
+ sizeof(struct in_addr));
+
return 0;
}
-static int INET_rresolve(char *name, struct sockaddr_in *sin, int numeric,
- unsigned int netmask)
+static int INET_rresolve(char *name, size_t len, struct sockaddr_in *sin,
+ int numeric, unsigned int netmask)
{
struct hostent *ent;
struct netent *np;
if (ad == INADDR_ANY) {
if ((numeric & 0x7FFF) == 0) {
if (numeric & 0x8000)
- strcpy(name, "default");
+ safe_strncpy(name, "default", len);
else
- strcpy(name, "*");
+ safe_strncpy(name, "*", len);
return (0);
}
}
if (numeric & 0x7FFF) {
- strcpy(name, inet_ntoa(sin->sin_addr));
+ safe_strncpy(name, inet_ntoa(sin->sin_addr), len);
return (0);
}
#if 0
pn = INET_nn;
while (pn != NULL) {
if (pn->addr.sin_addr.s_addr == ad) {
- strcpy(name, pn->name);
+ safe_strncpy(name, pn->name, len);
return (0);
}
pn = pn->next;
if ((ad & (~ netmask)) != 0) {
ent = gethostbyaddr((char *) &ad, 4, AF_INET);
if (ent != NULL)
- strcpy(name, ent->h_name);
+ safe_strncpy(name, ent->h_name, len);
} else {
np = getnetbyaddr(host_ad, AF_INET);
- if (np != NULL) {
- strcpy(name, np->n_name);
- }
- }
- if ((ent == NULL) && (np == NULL)) {
- strcpy(name, inet_ntoa(sin->sin_addr));
+ if (np != NULL)
+ safe_strncpy(name, np->n_name, len);
}
+ if ((ent == NULL) && (np == NULL))
+ safe_strncpy(name, inet_ntoa(sin->sin_addr), len);
pn = (struct addr *) malloc(sizeof(struct addr));
pn->addr = *sin;
pn->next = INET_nn;
if (sap->sa_family == 0xFFFF || sap->sa_family == 0)
return safe_strncpy(buff, _("[NONE SET]"), sizeof(buff));
- if (INET_rresolve(buff, (struct sockaddr_in *) sap, numeric,
- 0xffffff00) != 0)
+
+ if (INET_rresolve(buff, sizeof(buff), (struct sockaddr_in *) sap,
+ numeric, 0xffffff00) != 0)
return (NULL);
+
return (buff);
}
if (sap->sa_family == 0xFFFF || sap->sa_family == 0)
return safe_strncpy(buff, _("[NONE SET]"), sizeof(buff));
- if (INET_rresolve(buff, (struct sockaddr_in *) sap, numeric,
- netmask) != 0)
+ if (INET_rresolve(buff, sizeof(buff), (struct sockaddr_in *) sap,
+ numeric, netmask) != 0)
return (NULL);
return (buff);
}
* NET-3 Networking Distribution for the LINUX operating
* system. (net-tools, net-drivers)
*
- * Version: $Id: masq_info.c,v 1.5 1999/02/23 12:46:31 philip Exp $
+ * Version: $Id: masq_info.c,v 1.6 1999/06/12 23:04:19 philip Exp $
*
* Author: Bernd 'eckes' Eckenfels <net-tools@lina.inka.de>
* Copyright 1999 Bernd Eckenfels, Germany
ms->proto = "udp";
else if (strcmp("ICMP", buf) == 0)
ms->proto = "icmp";
+ else if (strcmp("GRE", buf) == 0)
+ ms->proto = "gre";
+ else if (strcmp("ESP", buf) == 0)
+ ms->proto = "esp";
else {
EINTERN("masq_info.c", "ip_masquerade unknown type");
return (-1);
* NET-3 Networking Distribution for the LINUX operating
* system.
*
- * Version: $Id: netstat.c,v 1.27 1999/04/20 14:28:14 philip Exp $
+ * Version: $Id: netstat.c,v 1.28 1999/06/12 23:04:15 philip Exp $
*
* Authors: Fred Baumgarten, <dc6iq@insu1.etec.uni-karlsruhe.de>
* Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
((struct sockaddr *) &mcastaddr)->sa_family);
return;
}
- strcpy(mcast_addr, ap->sprint((struct sockaddr *) &mcastaddr,
- flag_not));
+ safe_strncpy(mcast_addr, ap->sprint((struct sockaddr *) &mcastaddr,
+ flag_not), sizeof(mcast_addr));
printf("%-15s %-6d %s\n", device, refcnt, mcast_addr);
#endif
} else { /* IPV4 */
((struct sockaddr *) &mcastaddr)->sa_family);
return;
}
- strcpy(mcast_addr, ap->sprint((struct sockaddr *) &mcastaddr,
- flag_not) );
+ safe_strncpy(mcast_addr, ap->sprint((struct sockaddr *) &mcastaddr,
+ flag_not), sizeof(mcast_addr));
printf("%-15s %-6d %s\n", device, refcnt, mcast_addr );
#endif
} /* IPV4 */
rxq = 0L;
txq = 0L;
}
- strcpy(local_addr, ap->sprint((struct sockaddr *) &localaddr, flag_not));
- strcpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr, flag_not));
+ safe_strncpy(local_addr, ap->sprint((struct sockaddr *) &localaddr,
+ flag_not), sizeof(local_addr));
+ safe_strncpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr, flag_not),
+ sizeof(rem_addr));
if (flag_all || (flag_lst && !rem_port) || (!flag_lst && rem_port)) {
snprintf(buffer, sizeof(buffer), "%s", get_sname(htons(local_port), "tcp", flag_not));
if (flag_all || (notnull(remaddr) && !flag_lst) || (!notnull(remaddr) && flag_lst))
{
- strcpy(local_addr, ap->sprint((struct sockaddr *) &localaddr, flag_not));
+ safe_strncpy(local_addr, ap->sprint((struct sockaddr *) &localaddr,
+ flag_not), sizeof(local_addr));
snprintf(buffer, sizeof(buffer), "%s", get_sname(htons(local_port), "udp", flag_not));
if ((strlen(local_addr) + strlen(buffer)) > 22)
local_addr[22 - strlen(buffer)] = '\0';
strcat(local_addr, buffer);
snprintf(buffer, sizeof(buffer), "%s", get_sname(htons(rem_port), "udp", flag_not));
- strcpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr, flag_not));
+ safe_strncpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr,
+ flag_not), sizeof(rem_addr));
if ((strlen(rem_addr) + strlen(buffer)) > 22)
rem_addr[22 - strlen(buffer)] = '\0';
strcat(rem_addr, ":");
if (flag_all || (notnull(remaddr) && !flag_lst) || (!notnull(remaddr) && flag_lst))
{
snprintf(buffer, sizeof(buffer), "%s", get_sname(htons(local_port), "raw", flag_not));
- strcpy(local_addr, ap->sprint((struct sockaddr *) &localaddr, flag_not));
+ safe_strncpy(local_addr, ap->sprint((struct sockaddr *) &localaddr,
+ flag_not), sizeof(local_addr));
if ((strlen(local_addr) + strlen(buffer)) > 22)
local_addr[22 - strlen(buffer)] = '\0';
strcat(local_addr, ":");
strcat(local_addr, buffer);
snprintf(buffer, sizeof(buffer), "%s", get_sname(htons(rem_port), "raw", flag_not));
- strcpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr, flag_not));
+ safe_strncpy(rem_addr, ap->sprint((struct sockaddr *) &remaddr,
+ flag_not), sizeof(rem_addr));
if ((strlen(rem_addr) + strlen(buffer)) > 22)
rem_addr[22 - strlen(buffer)] = '\0';
strcat(rem_addr, ":");
/* Fetch and resolve the Source */
(void) ap->input(4, sad, &sa);
- strcpy(buf, ap->sprint(&sa, flag_not));
+ safe_strncpy(buf, ap->sprint(&sa, flag_not), sizeof(buf));
snprintf(sad, sizeof(sad), "%s:%04X", buf, sport);
if (!nc) {
/* Fetch and resolve the Destination */
(void) ap->input(4, dad, &sa);
- strcpy(buf, ap->sprint(&sa, flag_not));
+ safe_strncpy(buf, ap->sprint(&sa, flag_not), sizeof(buf));
snprintf(dad, sizeof(dad), "%s:%04X", buf, dport);
} else
strcpy(dad, "-");
#include "version.h"
#include "config.h"
#include "intl.h"
+#include "util.h"
#ifndef _PATH_LOCKD
#define _PATH_LOCKD "/var/lock" /* lock files */
/* Is a terminal given? */
if (optind != (argc - 1)) usage();
- strncpy(path, argv[optind], 128);
+ safe_strncpy(path, argv[optind], sizeof(path));
if (!strcmp(path, "-")) {
opt_e = 1;
sp = NULL;