[quagga-dev 3096] Re: bugs related to length of interface names
Andrew J. Schorr
aschorr at telemetry-investments.com
Sun Apr 3 04:18:14 BST 2005
This looks to me like a bug in zebra/if_proc.c:ifaddr_proc_ipv6():
n = sscanf (buf, "%32s %02x %02x %02x %02x %20s",
addr, &ifindex, &plen, &scope, &status, ifname);
If ifname has 20 chars, then doesn't scanf("%20s",ifname) risk
overflowing ifname (putting '\0' in ifname)?
Is that 20 supposed to correspond to INTERFACE_NAMSIZ? Or is there
some other (more meaningful?) reason for using a value of 20?
More information about the Quagga-dev