jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 23:10:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

upserver: Don't overflow file and hostname buffers

Browse Source 
If the user specifies a ridiculously long command line, don't
overflow the filename or hostname buffers with what they supply.

Caught by coverity (#985911)

Change-Id: Ia73f9fb94491f5691358eec1d13dbdd2651a604c
Reviewed-on: http://gerrit.openafs.org/9546
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
This commit is contained in:
Simon Wilkinson 2013-03-04 16:22:08 +00:00 committed by Derrick Brashear
parent ceac74a6ba
commit d672d5ee78
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/update/client.c
View File

@ -177,10 +177,18 @@ main(int argc, char **argv)
("Usage: upclient <hostname> [-crypt] [-clear] [-t <retry time>] [-verbose]* <dir>+ [-help]\n"); ("Usage: upclient <hostname> [-crypt] [-clear] [-t <retry time>] [-verbose]* <dir>+ [-help]\n");
exit(1); exit(1);
} }
} else if (strlen(hostname) == 0) } else if (strlen(hostname) == 0) {
strcpy(hostname, argv[a]); if (strlcpy(hostname, argv[a], sizeof(hostname))
else { >= sizeof(hostname)) {
strcpy(filename, argv[a]); fprintf(stderr, "Supplied hostname is too long\n");
exit(1);
}
} else {
if (strlcpy(filename, argv[a], sizeof(filename))
>= sizeof(filename)) {
fprintf(stderr, "Supplied filename is too long\n");
exit(1);
}
FilepathNormalize(filename); FilepathNormalize(filename);
AddToList(&dirname, filename); AddToList(&dirname, filename);
} }