From 786cb132e8f27e58e3ac90889f6ea1c997441bd6 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Fri, 30 Mar 2012 21:21:57 -0700
Subject: Fix an IPv6 breakage I introduced by adding an strlcpy truncation
 check. Found by Matthieu Patou <mat@samba.org>.

The truncate of the strlcpy() here was a *desired* side effect.
strlcpy()/strlcat() should never be used like that. Be more
explicit about the truncation and don't use strlcpy here.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 31 07:59:16 CEST 2012 on sn-devel-104
---
 lib/util/util_net.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/util/util_net.c b/lib/util/util_net.c
index 69e5324180..36b3fcbc4a 100644
--- a/lib/util/util_net.c
+++ b/lib/util/util_net.c
@@ -107,11 +107,18 @@ static bool interpret_string_addr_pref(struct sockaddr_storage *pss,
 		 */
 
 		if (p && (p > str) && ((scope_id = if_nametoindex(p+1)) != 0)) {
-			size_t len = MIN(PTR_DIFF(p,str)+1, sizeof(addr));
-			if (strlcpy(addr, str, len) >= len) {
-				/* Truncate. */
+			/* Length of string we want to copy.
+			   This is IP:v6:addr (removing the %ifname).
+			 */
+			size_t len = PTR_DIFF(p,str);
+
+			if (len+1 > sizeof(addr)) {
+				/* string+nul too long for array. */
 				return false;
 			}
+			memcpy(addr, str, len);
+			addr[len] = '\0';
+
 			str = addr;
 		}
 	}
-- 
cgit