auth: Don't overflow buffer in CompFindUser

The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.

Caught by Coverity (#985771)

Change-Id: Icc80d012b61ae90e1a62a814f7a6d552bb264294
Reviewed-on: http://gerrit.openafs.org/9543
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Simon Wilkinson 2013-03-02 13:01:14 +00:00 committed by Derrick Brashear
parent 8c664a8c0f
commit cc95fca8e1


@ -553,7 +553,9 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
if (!name || !name[0]) {
return 0;
}
strcpy(fullname, name);
if (strlcpy(fullname, name, sizeof(fullname)) >= sizeof(fullname))
return 0;
/* might have instance */
if (inst && inst[0]) {
@ -561,14 +563,20 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
return 0;
}
strcat(fullname, sep);
strcat(fullname, inst);
if (strlcat(fullname, sep, sizeof(fullname)) >= sizeof(fullname))
return 0;
if (strlcat(fullname, inst, sizeof(fullname)) >= sizeof(fullname))
return 0;
}
/* might have realm */
if (realm && realm[0]) {
strcat(fullname, "@");
strcat(fullname, realm);
if (strlcat(fullname, "@", sizeof(fullname)) >= sizeof(fullname))
return 0;
if (strlcat(fullname, realm, sizeof(fullname)) >= sizeof(fullname))
return 0;
}
testId = rx_identity_new(RX_ID_KRB4, fullname, fullname, strlen(fullname));
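Review bot: The five new truncation exits (after the strlcpy and after each strlcat) return 0 with no comment, so a reader cannot tell that an over-long name is deliberately treated as "no match" rather than as an error. I would add above the first check `/* Over-long principal: fail closed rather than compare a truncated name */`, since matching on a truncated string could identify a different principal than the one presented. The bounds also depend on `fullname` being a local array, so that `sizeof(fullname)` is its capacity and not the size of a pointer; its declaration is outside the hunks and worth confirming. CompFindUser starts before the first hunk and continues past the last visible line.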