bfdd: fix coverity memory overrun

Use the destination for the operator `sizeof()` instead of the source
which could (and is) be bigger than destination.

We are not truncating any data here it just happens that the zebra
interface data structure hardware address can be bigger due to different
types of interface.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This commit is contained in:
Rafael Zalamena 2022-07-06 07:52:17 -03:00
parent 500fe387a0
commit f14233edbd

View File

@ -219,8 +219,8 @@ void ptm_bfd_echo_fp_snd(struct bfd_session *bfd)
/* add eth hdr */
eth = (struct ethhdr *)(sendbuff);
memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(bfd->ifp->hw_addr));
memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(bfd->peer_hw_addr));
memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(eth->h_source));
memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(eth->h_dest));
total_len += sizeof(struct ethhdr);