Possible bug in libipt_psd.c
Steven Coenen
steven@easics.be
Mon, 11 Feb 2002 19:40:31 +0100
This is a cryptographically signed message in MIME format.
--------------msB2DE81D11E9E20AC2C073B3B
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hello,
I tried out the psd target and I noticed I could not set
the psd-delay-threshold higher than 100. I browsed a bit
through the code and saw that acceptable values should
be between 0 and 10000. But setting it to any value > 100
always results in value 100 ('iptables -L' shows this).
I started looking in libipt_psd.c and found some 'strange' code
in the beginning of the parse function :
char storage[sizeof(optarg) + 1];
/* string_to_number needs this */
storage[0] = ' ';
strncpy(&storage[1], optarg, (size_t) sizeof(optarg));
storage[sizeof(optarg)] = 0;
The variable storage always get 5 bytes (on i386/Linux), because
sizeof(optarg) = sizeof(char*) = 4 ( != length of optarg )
Then 4 bytes from optarg are copied into storage.
Shouldn't this be :
char storage[strlen(optarg) + 1];
storage[0] = ' ';
strcpy(&storage[1], optarg);
If I apply this patch, it works for me. ( I don't know if the
first line is a GCC extension or not).
Regards,
Steven.
--
===================================================================
Steven Coenen === Easics NV
Design Engineer === a TranSwitch Company
Tel: +32-16-395 615 === System-on-Chip Design
Fax: +32-16-395 619 Interleuvenlaan 86, B-3001 Leuven, BELGIUM
mailto:steven@easics.be http://www.easics.com
--------------msB2DE81D11E9E20AC2C073B3B
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIILYwYJKoZIhvcNAQcCoIILVDCCC1ACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
CWUwggJpMIIB0qADAgECAgsBAAAAAADoAu0S+DANBgkqhkiG9w0BAQUFADBdMQswCQYDVQQG
EwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTETMBEGA1UECxMKQ2xhc3MgMiBDQTEe
MBwGA1UEAxMVR2xvYmFsU2lnbiBDbGFzcyAyIENBMB4XDTAxMDczMDA4MjUwM1oXDTAyMDcz
MDA4MjUwM1owRjELMAkGA1UEBhMCQkUxFjAUBgNVBAMTDVN0ZXZlbiBDb2VuZW4xHzAdBgkq
hkiG9w0BCQEWEHN0ZXZlbkBlYXNpY3MuYmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AM3sdcbtqeNZqE6IStqQ7hMHBEGl2g3sIaF/shOQ062nc+QkUEVqlkafiGsvkJ9wSLNiLP32
2RyNET6kle4PmuVx9rWR11Cmhj3LNPljW0LNGm660Kf8JlcTVljemMHj4bdXZELxdfYRSKSm
722DPK7mBS1qp08UjVjVG2JBcaf/AgMBAAGjRjBEMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNV
HQ8BAf8EBAMCBPAwHwYDVR0jBBgwFoAUEW7XkWDLBuRXAFeonIC9djPlWVEwDQYJKoZIhvcN
AQEFBQADgYECe/PQgFf5SufPLtZQomNkUbJh3IWrokaj+D/da/sqlX4lVTMWZUuDUtRbfE21
duGUioZQhuBQ7wQFQ20tNtAtW/4l7zadRtENL3WMjjOxOdasNrSrInA5hPPlbev/s2g9Vtnl
QMm+mPiVIDy12nrjGuC5LyIMQG7gy15PdNn+XZQwggNEMIICLKADAgECAgsCAAAAAADWeLqi
5jANBgkqhkiG9w0BAQQFADBtMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
di1zYTEbMBkGA1UECxMSUHJpbWFyeSBDbGFzcyAyIENBMSYwJAYDVQQDEx1HbG9iYWxTaWdu
IFByaW1hcnkgQ2xhc3MgMiBDQTAeFw05OTAxMjgxMjAwMDFaFw0wNDAxMjgxMjAwMDBaMF0x
CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRMwEQYDVQQLEwpDbGFz
cyAyIENBMR4wHAYDVQQDExVHbG9iYWxTaWduIENsYXNzIDIgQ0EwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBANhRWw+Tx0lgd1EUjuOddXUeyYUOf0wDGRl2pO56K/yDBgPHnBaavo5O
EQpAf6wyidPBefz5RNGHU8/b07stXym5+roR+1Si28bT5rXAiC+1TgKH3MubGXn2v900et4z
hVroMnXPQ2FFDePIhztHEKHl3y1sBwZH+U7Y+/aEngzDAgMBAAGjeTB3MA4GA1UdDwEB/wQE
AwIABjAdBgNVHQ4EFgQUEW7XkWDLBuRXAFeonIC9djPlWVEwHwYDVR0jBBgwFoAUfOeysSze
sadr6XYM4aP9TmzHufYwEQYJYIZIAYb4QgEBBAQDAgAGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
DQYJKoZIhvcNAQEEBQADggEBAARDHuS6wKQebCQDOctCH6ksMwzv/BsHSKduR7cItVq4lbEt
Jc4CdpJwbtqOEMf8HckyrYpVIdnHVgT38m/Q4nvBlUXmyXcfNUwQB/JzAkwPcED4PBumsCIi
l3Sd875h+Y7gVBY0am+USHyuBQX6V/j0mHTUk/XsEJlMY7fp6RFh0dRI0LIjohG8qDgYDRA4
/FvF3qNiMsp28AbZbgw2wUAmh0dRL5z4XmK99jI2jBSmR2L6XcWi2lkZUNJgHb9EEk890XTB
13zjZlzuRQsJqRzfiCQQ3nYgfM0U3Y1as1a+IJzcDHZav4JS/PK8FjNEVgfTFTaqV0G90YWQ
cbDD3HMwggOsMIIClKADAgECAgsCAAAAAADWeLiNjTANBgkqhkiG9w0BAQQFADBXMQswCQYD
VQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMHUm9vdCBDQTEb
MBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTk5MDEyODEyMDAwMFoXDTA5MDEyODEy
MDAwMFowbTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExGzAZBgNV
BAsTElByaW1hcnkgQ2xhc3MgMiBDQTEmMCQGA1UEAxMdR2xvYmFsU2lnbiBQcmltYXJ5IENs
YXNzIDIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSjP7v9EWOF0Fu/Ni/
IW+rBp1SwSwAnT+Ohbh/So+9oGMqykknrlqC9HTiVZL/wtGqeaK2+tWdggRPxrLGXmOnOrrY
7uuKb5+2uyhBwCL7TkgaBpLXv9fPudm9OE87DURuVUH+/Anb2L/zjiHx6BK19hOl08ZMkyKw
Av/uHQzEqGtPdWhW6NwoElD3qCSdLiQ5+wkF3uWjZEkh0Gh+cTCRsWDgOfRQ+HpNmABrfHm6
Ts5K4ro2HbfFNhWVnGRC6l/EuvVABb7hOlm9hKcZuN5NU1DOB9HSUdPvDYFs5udty118P3zM
7E+DJyX/cFD2g1l1hAZmWCzeiY0Apkn5pUN3AgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIABjAd
BgNVHQ4EFgQUfOeysSzesadr6XYM4aP9TmzHufYwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99
BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAY91Zzop5qpid
TsWJZDd+ipNnLxDqbyfDjXdt8lxWlBkaaWAwRl2P8m1FPI41l3wvuFHi6Im9iM8nHAg0XIjB
aCTbkYXkz/v7Q43oJQEbxA73AEJIhh8kCFhajI3ya0csaJGxaUL9DY3JJuaShqZkbpLFzj48
fXHjI6Srx9Woqd+CpzvohtXDTxjjRNDg3PPFaC7+pS8FhMh+R0JTa4dK/jL/Xj5wjLeoFcwX
wv9G7NDsLbRuEiip+UDp69Rml1OpaVXAqaqyLs3RafS++Lt8ae5Uptue+1qmPv6a75RRS3Xu
2NThmvECVhOJDqdCi5aLhQwbhb4mrqummbwi8XPfQjGCAcYwggHCAgEBMGwwXTELMAkGA1UE
BhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEzARBgNVBAsTCkNsYXNzIDIgQ0Ex
HjAcBgNVBAMTFUdsb2JhbFNpZ24gQ2xhc3MgMiBDQQILAQAAAAAA6ALtEvgwCQYFKw4DAhoF
AKCBsTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjAyMTEx
ODQwMzFaMCMGCSqGSIb3DQEJBDEWBBTiNkt9tK9QI04dI7uz2cHIRR4ovDBSBgkqhkiG9w0B
CQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDAHBgUrDgMCBzANBggqhkiG9w0D
AgIBQDANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEFAASBgG0zseHd+hOuMFeGXOr8LNY0
uULrsNv5kEfBoCRI5eVa/8mA6eByQBZdmPcd0rkatcgVFZpZX+tMugfXoV4r+Voh/oVndsbe
QJk+jU+ZZuB6qGgxxjJxm/Ix5LSSwJBhLt9DKkwE1X4gSLioof9hirMvTi8+SO6/JhX/8o6L
qkby
--------------msB2DE81D11E9E20AC2C073B3B--