--- net-tools-20181103_0eebece/lib/interface.c.orig	2019-07-22 20:31:05.000000000 +0200
+++ net-tools-20181103_0eebece/lib/interface.c	2026-06-16 16:46:13.324696508 +0200
@@ -210,8 +210,17 @@
     return err;
 }
 
-static const char *get_name(char *name, const char *p)
+static const char *get_name(char *name, size_t size, const char *p)
 {
+    /*
+     * This is only called once from if_readlist_proc() and the size
+     * to be passed should always be IFNAMSIZ.
+     */	
+    if(size-- <= 0) abort();
+
+    /* last octet of if name is always NUL */ 
+    name[size] = '\0';
+
     while (isspace(*p))
 	p++;
     while (*p) {
@@ -223,8 +232,15 @@
 		if (*p == ':') {
 			/* Yes it is, backup and copy it. */
 			p = dot;
+			/*
+			 * Overflow happens when /proc contains garbage
+			 * instead of valid kernel data, no reason to
+			 * continue execution then.
+			 */
+		        if(size-- <= 0) abort();
 			*name++ = *p++;
 			while (*p && isdigit(*p)) {
+				if(size-- <= 0) abort();
 				*name++ = *p++;
 			}
 		} else {
@@ -234,9 +250,10 @@
 	    p++;
 	    break;
 	}
+	if(size-- <= 0) abort();
 	*name++ = *p++;
     }
-    *name++ = '\0';
+    *name = '\0';
     return p;
 }
 
@@ -361,7 +378,7 @@
     while (fgets(buf, sizeof buf, fh)) {
 	const char *s;
 	char name[IFNAMSIZ];
-	s = get_name(name, buf);
+	s = get_name(name, sizeof name, buf);
 	ife = if_cache_add(name);
 	get_dev_fields(s, ife);
 	ife->statistics_valid = 1;