From f14233edbded0f2acccdf491b2173debd5c836e6 Mon Sep 17 00:00:00 2001 From: Rafael Zalamena Date: Wed, 6 Jul 2022 07:52:17 -0300 Subject: [PATCH] bfdd: fix coverity memory overrun Use the destination for the operator `sizeof()` instead of the source which could (and is) be bigger than destination. We are not truncating any data here it just happens that the zebra interface data structure hardware address can be bigger due to different types of interface. Signed-off-by: Rafael Zalamena --- bfdd/bfd_packet.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bfdd/bfd_packet.c b/bfdd/bfd_packet.c index 23778c82d5..d34d642762 100644 --- a/bfdd/bfd_packet.c +++ b/bfdd/bfd_packet.c @@ -219,8 +219,8 @@ void ptm_bfd_echo_fp_snd(struct bfd_session *bfd) /* add eth hdr */ eth = (struct ethhdr *)(sendbuff); - memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(bfd->ifp->hw_addr)); - memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(bfd->peer_hw_addr)); + memcpy(eth->h_source, bfd->ifp->hw_addr, sizeof(eth->h_source)); + memcpy(eth->h_dest, bfd->peer_hw_addr, sizeof(eth->h_dest)); total_len += sizeof(struct ethhdr);