Thu Aug 27 02:50:44 2020 UTC ()
Paranoia: use strlcpy rather than strcpy here and detect truncation.

Not an issue for the one caller in tree, but let's not leave rakes to
step on.


(riastradh)
diff -r1.1 -r1.2 src/sys/rump/net/lib/libwg/wg_user.c
cvs diff -r1.1 -r1.2 src/sys/rump/net/lib/libwg/wg_user.c (expand / switch to unified diff)

--- src/sys/rump/net/lib/libwg/wg_user.c 2020/08/26 16:03:42 1.1
+++ src/sys/rump/net/lib/libwg/wg_user.c 2020/08/27 02:50:44 1.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: wg_user.c,v 1.1 2020/08/26 16:03:42 riastradh Exp $ */ 1/* $NetBSD: wg_user.c,v 1.2 2020/08/27 02:50:44 riastradh Exp $ */
2 2
3/* 3/*
4 * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com> 4 * Copyright (C) Ryota Ozaki <ozaki.ryota@gmail.com>
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Based on wg_user.c by Antti Kantee. 7 * Based on wg_user.c by Antti Kantee.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
@@ -19,27 +19,27 @@ @@ -19,27 +19,27 @@
19 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 19 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
24 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE. 28 * SUCH DAMAGE.
29 */ 29 */
30 30
31#include <sys/cdefs.h> 31#include <sys/cdefs.h>
32__KERNEL_RCSID(0, "$NetBSD: wg_user.c,v 1.1 2020/08/26 16:03:42 riastradh Exp $"); 32__KERNEL_RCSID(0, "$NetBSD: wg_user.c,v 1.2 2020/08/27 02:50:44 riastradh Exp $");
33 33
34#ifndef _KERNEL 34#ifndef _KERNEL
35#include <sys/types.h> 35#include <sys/types.h>
36#include <sys/ioctl.h> 36#include <sys/ioctl.h>
37#include <sys/uio.h> 37#include <sys/uio.h>
38#include <sys/socket.h> 38#include <sys/socket.h>
39#include <sys/param.h> 39#include <sys/param.h>
40 40
41#include <net/if.h> 41#include <net/if.h>
42#include <net/if_tun.h> 42#include <net/if_tun.h>
43 43
44#include <netinet/in.h> 44#include <netinet/in.h>
45 45
@@ -233,33 +233,38 @@ rumpuser_wg_create(const char *tun_name, @@ -233,33 +233,38 @@ rumpuser_wg_create(const char *tun_name,
233{ 233{
234 struct wg_user *wgu = NULL; 234 struct wg_user *wgu = NULL;
235 void *cookie; 235 void *cookie;
236 int rv; 236 int rv;
237 237
238 cookie = rumpuser_component_unschedule(); 238 cookie = rumpuser_component_unschedule();
239 239
240 wgu = malloc(sizeof(*wgu)); 240 wgu = malloc(sizeof(*wgu));
241 if (wgu == NULL) { 241 if (wgu == NULL) {
242 rv = errno; 242 rv = errno;
243 goto oerr1; 243 goto oerr1;
244 } 244 }
245 245
 246 if (strlcpy(wgu->wgu_tun_name, tun_name, sizeof(wgu->wgu_tun_name))
 247 >= sizeof(wgu->wgu_tun_name)) {
 248 rv = EINVAL;
 249 goto oerr2;
 250 }
 251 wgu->wgu_sc = wg;
 252
246 wgu->wgu_fd = open_tun(tun_name); 253 wgu->wgu_fd = open_tun(tun_name);
247 if (wgu->wgu_fd == -1) { 254 if (wgu->wgu_fd == -1) {
248 rv = errno; 255 rv = errno;
249 goto oerr2; 256 goto oerr2;
250 } 257 }
251 strcpy(wgu->wgu_tun_name, tun_name); 
252 wgu->wgu_sc = wg; 
253 258
254 if (pipe(wgu->wgu_pipe) == -1) { 259 if (pipe(wgu->wgu_pipe) == -1) {
255 rv = errno; 260 rv = errno;
256 goto oerr3; 261 goto oerr3;
257 } 262 }
258 263
259 wgu->wgu_sock4 = socket(AF_INET, SOCK_DGRAM, 0); 264 wgu->wgu_sock4 = socket(AF_INET, SOCK_DGRAM, 0);
260 wgu->wgu_sock6 = socket(AF_INET6, SOCK_DGRAM, 0); 265 wgu->wgu_sock6 = socket(AF_INET6, SOCK_DGRAM, 0);
261 if (wgu->wgu_sock4 == -1 || wgu->wgu_sock6 == -1) { 266 if (wgu->wgu_sock4 == -1 || wgu->wgu_sock6 == -1) {
262 rv = errno; 267 rv = errno;
263 goto oerr4; 268 goto oerr4;
264 } 269 }
265 270