diff options
| author | Greg Hudson <ghudson@mit.edu> | 2008-11-05 16:19:01 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2008-11-05 16:19:01 +0000 |
| commit | 6d38cab0b686e49b3a72e02e29099cd491e052cb (patch) | |
| tree | 0095bfb30797e75bef5d6e4c01b4586a48e1cbfb | |
| parent | 6566763d0c306ad4dca003f2c4b9dd354d3d14fb (diff) | |
| download | krb5-6d38cab0b686e49b3a72e02e29099cd491e052cb.tar.gz krb5-6d38cab0b686e49b3a72e02e29099cd491e052cb.tar.xz krb5-6d38cab0b686e49b3a72e02e29099cd491e052cb.zip | |
Convert many uses of strcpy/strcat (and sometimes sprintf) to accepted
string-handling functions.
ticket: 6200
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/appl/bsd/krsh.c | 16 | ||||
| -rw-r--r-- | src/appl/bsd/krshd.c | 37 | ||||
| -rw-r--r-- | src/appl/gssftp/ftp/ftp.c | 5 | ||||
| -rw-r--r-- | src/appl/gssftp/ftp/glob.c | 3 | ||||
| -rw-r--r-- | src/appl/gssftp/ftpd/ftpcmd.y | 4 | ||||
| -rw-r--r-- | src/appl/telnet/libtelnet/gettytab.c | 2 | ||||
| -rw-r--r-- | src/kadmin/cli/kadmin.c | 19 | ||||
| -rw-r--r-- | src/kadmin/server/ipropd_svc.c | 17 | ||||
| -rw-r--r-- | src/kdc/kdc_util.c | 33 | ||||
| -rw-r--r-- | src/kdc/kerberos_v4.c | 3 | ||||
| -rw-r--r-- | src/lib/krb5/krb/parse.c | 2 | ||||
| -rw-r--r-- | src/lib/krb5/os/dnssrv.c | 29 | ||||
| -rw-r--r-- | src/lib/krb5/os/hst_realm.c | 20 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c | 12 | ||||
| -rw-r--r-- | src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 15 | ||||
| -rw-r--r-- | src/tests/asn.1/ktest.c | 47 | ||||
| -rw-r--r-- | src/util/profile/prof_file.c | 2 |
17 files changed, 125 insertions, 141 deletions
diff --git a/src/appl/bsd/krsh.c b/src/appl/bsd/krsh.c index b12e253257..6441891ee0 100644 --- a/src/appl/bsd/krsh.c +++ b/src/appl/bsd/krsh.c @@ -128,7 +128,7 @@ main(argc, argv0) char **argv0; { int rem, pid = 0; - char *host=0, *cp, **ap, buf[RCMD_BUFSIZ], *args, **argv = argv0, *user = 0; + char *host=0, **ap, buf[RCMD_BUFSIZ], *args, **argv = argv0, *user = 0; register int cc; struct passwd *pwd; fd_set readfrom, ready; @@ -320,17 +320,13 @@ main(argc, argv0) cc += strlen(*ap) + 1; if (encrypt_flag) cc += 3; - cp = args = (char *) malloc((unsigned) cc); - if (encrypt_flag) { - strcpy(args, "-x "); - cp += 3; - } + args = (char *) malloc((unsigned) cc); + if (encrypt_flag) + strlcpy(args, "-x ", cc); for (ap = argv; *ap; ap++) { - (void) strcpy(cp, *ap); - while (*cp) - cp++; + (void) strlcat(args, *ap, cc); if (ap[1]) - *cp++ = ' '; + strlcat(args, " ", cc); } if(debug_port == 0) { diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 0c2c82eab4..2b4c383bf1 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -1522,19 +1522,18 @@ void doit(f, fromp) offst = 3; } - strcpy((char *) cmdbuf + offst, kprogdir); + strlcpy(cmdbuf + offst, kprogdir, sizeof(cmdbuf) - offst); cp = copy + 3 + offst; - cmdbuf[sizeof(cmdbuf) - 1] = '\0'; - if (auth_sys == KRB5_RECVAUTH_V4) { - strncat(cmdbuf, "/v4rcp", sizeof(cmdbuf) - 1 - strlen(cmdbuf)); - } else { - strncat(cmdbuf, "/rcp", sizeof(cmdbuf) - 1 - strlen(cmdbuf)); - } + if (auth_sys == KRB5_RECVAUTH_V4) + strlcat(cmdbuf, "/v4rcp", sizeof(cmdbuf)); + else + strlcat(cmdbuf, "/rcp", sizeof(cmdbuf)); + if (stat((char *)cmdbuf + offst, &s2) >= 0) - strncat(cmdbuf, cp, sizeof(cmdbuf) - 1 - strlen(cmdbuf)); + strlcat(cmdbuf, cp, sizeof(cmdbuf)); else - strncpy(cmdbuf, copy, sizeof(cmdbuf) - 1 - strlen(cmdbuf)); + strlcpy(cmdbuf, copy, sizeof(cmdbuf)); free(copy); } #endif @@ -1948,27 +1947,17 @@ recvauth(netfd, peersin, valid_checksum) struct sockaddr_storage adr; unsigned int adr_length = sizeof(adr); int e; - unsigned int buflen = strlen(cmdbuf)+strlen(locuser)+32; - char * chksumbuf = (char *) malloc(buflen); + char namebuf[32], *chksumbuf = NULL; - if (chksumbuf == 0) - goto error_cleanup; if (getsockname(netfd, (struct sockaddr *) &adr, &adr_length) != 0) goto error_cleanup; e = getnameinfo((struct sockaddr *)&adr, adr_length, 0, 0, - chksumbuf, buflen, NI_NUMERICSERV); - if (e) { - free(chksumbuf); + namebuf, sizeof(namebuf), NI_NUMERICSERV); + if (e) fatal(netfd, "local error: can't examine port number"); - } - if (strlen(chksumbuf) > 30) { - free(chksumbuf); - fatal(netfd, "wacky local port number?!"); - } - strcat(chksumbuf, ":"); - strcat(chksumbuf,cmdbuf); - strcat(chksumbuf,locuser); + if (asprintf(&chksumbuf, "%s:%s%s", namebuf, cmdbuf, locuser) < 0) + goto error_cleanup; status = krb5_verify_checksum(bsd_context, authenticator->checksum->checksum_type, diff --git a/src/appl/gssftp/ftp/ftp.c b/src/appl/gssftp/ftp/ftp.c index 1e4a0dcb4a..af5732c584 100644 --- a/src/appl/gssftp/ftp/ftp.c +++ b/src/appl/gssftp/ftp/ftp.c @@ -719,7 +719,8 @@ int getreply(int expecteof) if(msg_data.app_length < sizeof(ibuf) - 2) { memmove(ibuf, msg_data.app_data, msg_data.app_length); - strcpy(&ibuf[msg_data.app_length], "\r\n"); + memcpy(&ibuf[msg_data.app_length], "\r\n", + 3); } else { printf("Message too long!"); } @@ -747,7 +748,7 @@ int getreply(int expecteof) if(msg_buf.length < sizeof(ibuf) - 2 - 1) { memcpy(ibuf, msg_buf.value, msg_buf.length); - strcpy(&ibuf[msg_buf.length], "\r\n"); + memcpy(&ibuf[msg_buf.length], "\r\n", 3); } else { user_gss_error(maj_stat, min_stat, "reply was too long"); diff --git a/src/appl/gssftp/ftp/glob.c b/src/appl/gssftp/ftp/glob.c index 2b7839205b..bbbcb4457c 100644 --- a/src/appl/gssftp/ftp/glob.c +++ b/src/appl/gssftp/ftp/glob.c @@ -213,7 +213,8 @@ expand(as) *gpathp = 0; if (gethdir(gpath + 1)) globerr = "Unknown user name after ~"; - (void) strcpy(gpath, gpath + 1); + (void) memmove(gpath, gpath + 1, + strlen(gpath)); } else (void) strncpy(gpath, home, FTP_BUFSIZ - 1); gpath[FTP_BUFSIZ - 1] = '\0'; diff --git a/src/appl/gssftp/ftpd/ftpcmd.y b/src/appl/gssftp/ftpd/ftpcmd.y index f304541a94..73655a4aaf 100644 --- a/src/appl/gssftp/ftpd/ftpcmd.y +++ b/src/appl/gssftp/ftpd/ftpcmd.y @@ -1108,7 +1108,7 @@ ftpd_getline(s, n, iop) return(s); } (void) memcpy(s, msg_data.app_data, msg_data.app_length); - (void) strcpy(s+msg_data.app_length, "\r\n"); + (void) memcpy(s+msg_data.app_length, "\r\n", 3); } #endif /* KRB5_KRB4_COMPAT */ #ifdef GSSAPI @@ -1140,7 +1140,7 @@ ftpd_getline(s, n, iop) } memcpy(s, msg_buf.value, msg_buf.length); - strcpy(s+msg_buf.length-(s[msg_buf.length-1]?0:1), "\r\n"); + memcpy(s+msg_buf.length-(s[msg_buf.length-1]?0:1), "\r\n", 3); gss_release_buffer(&min_stat, &msg_buf); } #endif /* GSSAPI */ diff --git a/src/appl/telnet/libtelnet/gettytab.c b/src/appl/telnet/libtelnet/gettytab.c index aaad43aad7..d50f8797eb 100644 --- a/src/appl/telnet/libtelnet/gettytab.c +++ b/src/appl/telnet/libtelnet/gettytab.c @@ -117,7 +117,7 @@ nchktc() write(2, "Gettytab entry too long\n", 24); q[TABBUFSIZ - (p-tbuf)] = 0; } - strcpy(p, q+1); + strlcpy(p, q+1, TABBUFSIZ - (p-tbuf)); tbuf = holdtbuf; return(1); } diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index e5a336aa05..ea64826d32 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -161,23 +161,22 @@ kadmin_parse_name(name, principal) { char *cp, *fullname; krb5_error_code retval; + int result; /* assumes def_realm is initialized! */ - fullname = (char *)malloc(strlen(name) + 1 + strlen(def_realm) + 1); - if (fullname == NULL) - return ENOMEM; - strcpy(fullname, name); - cp = strchr(fullname, '@'); + cp = strchr(name, '@'); while (cp) { - if (cp - fullname && *(cp - 1) != '\\') + if (cp - name && *(cp - 1) != '\\') break; else cp = strchr(cp + 1, '@'); } - if (cp == NULL) { - strcat(fullname, "@"); - strcat(fullname, def_realm); - } + if (cp == NULL) + result = asprintf(&fullname, "%s@%s", name, def_realm); + else + fullname = strdup(name); + if (result < 0) + return ENOMEM; retval = krb5_parse_name(context, fullname, principal); free(fullname); return retval; diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c index b834425b38..a76057cbe8 100644 --- a/src/kadmin/server/ipropd_svc.c +++ b/src/kadmin/server/ipropd_svc.c @@ -33,14 +33,15 @@ extern gss_name_t rqst2name(struct svc_req *rqstp); extern int setup_gss_names(struct svc_req *, gss_buffer_desc *, gss_buffer_desc *); -extern char *client_addr(struct svc_req *, char *); extern void *global_server_handle; extern int nofork; extern short l_port; static char abuf[33]; -char *client_addr(struct svc_req *svc, char *buf) { - return strcpy(buf, inet_ntoa(svc->rq_xprt->xp_raddr.sin_addr)); +/* Result is stored in a static buffer and is invalidated by the next call. */ +static const char *client_addr(struct svc_req *svc) { + strlcpy(abuf, inet_ntoa(svc->rq_xprt->xp_raddr.sin_addr), sizeof(abuf)); + return abuf; } static char *reply_ok_str = "UPDATE_OK"; @@ -183,7 +184,7 @@ iprop_get_updates_1_svc(kdb_last_t *arg, struct svc_req *rqstp) krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami, "<null>", client_name, service_name, - client_addr(rqstp, abuf)); + client_addr(rqstp)); goto out; } @@ -206,7 +207,7 @@ iprop_get_updates_1_svc(kdb_last_t *arg, struct svc_req *rqstp) obuf, ((kret == 0) ? "success" : error_message(kret)), client_name, service_name, - client_addr(rqstp, abuf)); + client_addr(rqstp)); out: if (nofork) @@ -222,7 +223,7 @@ out: * Return arg cl str ptr on success, else NULL. */ static char * -getclhoststr(char *clprinc, char *cl, int len) +getclhoststr(char *clprinc, char *cl, size_t len) { char *s; if ((s = strchr(clprinc, '/')) != NULL) { @@ -301,7 +302,7 @@ iprop_full_resync_1_svc(/* LINTED */ void *argp, struct svc_req *rqstp) krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami, "<null>", client_name, service_name, - client_addr(rqstp, abuf)); + client_addr(rqstp)); goto out; } @@ -406,7 +407,7 @@ iprop_full_resync_1_svc(/* LINTED */ void *argp, struct svc_req *rqstp) "<null>", "success", client_name, service_name, - client_addr(rqstp, abuf)); + client_addr(rqstp)); goto out; } diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 4b2ce474e4..d66832bbe4 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -567,6 +567,7 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans, char *realm; char *trans; char *otrans, *otrans_ptr; + size_t bufsize; /* The following are for stepping through the transited field */ @@ -595,7 +596,10 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans, /* +1 for null, +1 for extra comma which may be added between +1 for potential space when leading slash in realm */ - if (!(trans = (char *) malloc(strlen(realm) + strlen(otrans) + 3))) { + bufsize = strlen(realm) + strlen(otrans) + 3; + if (bufsize > MAX_REALM_LN) + bufsize = MAX_REALM_LN; + if (!(trans = (char *) malloc(bufsize))) { retval = ENOMEM; goto fail; } @@ -783,17 +787,15 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans, } if (new_trans->length != 0) { - if (strlen(trans) + 2 >= MAX_REALM_LN) { + if (strlcat(trans, ",", bufsize) >= bufsize) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; goto fail; } - strcat(trans, ","); } - if (strlen(trans) + strlen(current) + 1 >= MAX_REALM_LN) { + if (strlcat(trans, current, bufsize) >= bufsize) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; goto fail; } - strcat(trans, current); new_trans->length = strlen(trans); strncpy(prev, exp, sizeof(prev) - 1); @@ -804,24 +806,21 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans, if (!added) { if (new_trans->length != 0) { - if (strlen(trans) + 2 >= MAX_REALM_LN) { + if (strlcat(trans, ",", bufsize) >= bufsize) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; goto fail; } - strcat(trans, ","); } if((realm[0] == '/') && trans[0]) { - if (strlen(trans) + 2 >= MAX_REALM_LN) { + if (strlcat(trans, " ", bufsize) >= bufsize) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; goto fail; } - strcat(trans, " "); } - if (strlen(trans) + strlen(realm) + 1 >= MAX_REALM_LN) { + if (strlcat(trans, realm, bufsize) >= bufsize) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; goto fail; } - strcat(trans, realm); new_trans->length = strlen(trans); } @@ -1532,7 +1531,7 @@ ktypes2str(char *s, size_t len, int nktypes, krb5_enctype *ktype) snprintf(stmp, sizeof(stmp), "%s%ld", i ? " " : "", (long)ktype[i]); if (strlen(s) + strlen(stmp) + sizeof("}") > len) break; - strcat(s, stmp); + strlcat(s, stmp, len); } if (i < nktypes) { /* @@ -1547,9 +1546,9 @@ ktypes2str(char *s, size_t len, int nktypes, krb5_enctype *ktype) continue; } } - strcat(s, "..."); + strlcat(s, "...", len); } - strcat(s, "}"); + strlcat(s, "}", len); return; } @@ -1569,7 +1568,7 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep) if (rep->ticket != NULL) { snprintf(stmp, sizeof(stmp), " tkt=%ld", (long)rep->ticket->enc_part.enctype); - strcat(s, stmp); + strlcat(s, stmp, len); } if (rep->ticket != NULL @@ -1577,9 +1576,9 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep) && rep->ticket->enc_part2->session != NULL) { snprintf(stmp, sizeof(stmp), " ses=%ld", (long)rep->ticket->enc_part2->session->enctype); - strcat(s, stmp); + strlcat(s, stmp, len); } - strcat(s, "}"); + strlcat(s, "}", len); return; } diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index 8ac015b7f3..a0c74a18b2 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -1012,8 +1012,7 @@ kerb_err_reply(struct sockaddr_in *client, KTEXT pkt, long int err, char *string KTEXT e_pkt = &e_pkt_st; static char e_msg[128]; - strcpy(e_msg, "\nKerberos error -- "); - strncat(e_msg, string, sizeof(e_msg) - 1 - 19); + snprintf(e_msg, sizeof(e_msg), "\nKerberos error -- %s", string); cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr, req_time_ws, err, e_msg); return make_response((char *) e_pkt->dat, e_pkt->length); diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c index fbcc49db0d..c6b1f6ebe6 100644 --- a/src/lib/krb5/krb/parse.c +++ b/src/lib/krb5/krb/parse.c @@ -270,7 +270,7 @@ krb5_parse_name(krb5_context context, const char *name, krb5_principal *nprincip } *q++ = '\0'; if (!parsed_realm) - strcpy(krb5_princ_realm(context, principal)->data, default_realm); + strlcpy(krb5_princ_realm(context, principal)->data, default_realm, realmsize + 1); /* * Alright, we're done. Now stuff a pointer to this monstrosity * into the return variable, and let's get out of here. diff --git a/src/lib/krb5/os/dnssrv.c b/src/lib/krb5/os/dnssrv.c index d726fb7e54..e10d01d04b 100644 --- a/src/lib/krb5/os/dnssrv.c +++ b/src/lib/krb5/os/dnssrv.c @@ -60,10 +60,11 @@ krb5int_make_srv_query_realm(const krb5_data *realm, struct srv_dns_entry **answers) { const unsigned char *p = NULL, *base = NULL; - char host[MAXDNAME], *h; - int size, ret, rdlen, nlen; + char host[MAXDNAME]; + int size, ret, rdlen, nlen, len; unsigned short priority, weight, port; struct krb5int_dns_state *ds = NULL; + struct k5buf buf; struct srv_dns_entry *head = NULL; struct srv_dns_entry *srv = NULL, *entry = NULL; @@ -81,13 +82,9 @@ krb5int_make_srv_query_realm(const krb5_data *realm, if (memchr(realm->data, 0, realm->length)) return 0; - if ( strlen(service) + strlen(protocol) + realm->length + 6 - > MAXDNAME ) - return 0; - if (snprintf(host, sizeof(host), "%s.%s.%.*s", - service, protocol, (int) realm->length, - realm->data) >= sizeof(host)) - return 0; + krb5int_buf_init_fixed(&buf, host, sizeof(host)); + krb5int_buf_add_fmt(&buf, "%s.%s.", service, protocol); + krb5int_buf_add_len(&buf, realm->data, realm->length); /* Realm names don't (normally) end with ".", but if the query doesn't end with "." and doesn't get an answer as is, the @@ -98,9 +95,12 @@ krb5int_make_srv_query_realm(const krb5_data *realm, a search on the prefix alone then the intention is to allow the local domain or domain search lists to be expanded. */ - h = host + strlen (host); - if ((h[-1] != '.') && ((h - host + 1) < sizeof(host))) - strcpy (h, "."); + len = krb5int_buf_len(&buf); + if (len > 0 && host[len - 1] != '.') + krb5int_buf_add(&buf, "."); + + if (krb5int_buf_cstr(&buf) == NULL) + return 0; #ifdef TEST fprintf (stderr, "sending DNS SRV query for %s\n", host); @@ -144,10 +144,7 @@ krb5int_make_srv_query_realm(const krb5_data *realm, srv->port = port; /* The returned names are fully qualified. Don't let the local resolver code do domain search path stuff. */ - if (strlen(host) + 2 < sizeof(host)) - strcat(host, "."); - srv->host = strdup(host); - if (srv->host == NULL) { + if (asprintf(&srv->host, "%s.", host) < 0) { free(srv); goto out; } diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index 27641f73ad..038348eaef 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -90,22 +90,20 @@ krb5_try_realm_txt_rr(const char *prefix, const char *name, char **realm) { krb5_error_code retval = KRB5_ERR_HOST_REALM_UNKNOWN; const unsigned char *p, *base; - char host[MAXDNAME], *h; + char host[MAXDNAME]; int ret, rdlen, len; struct krb5int_dns_state *ds = NULL; + struct k5buf buf; /* * Form our query, and send it via DNS */ + krb5int_buf_init_fixed(&buf, host, sizeof(host)); if (name == NULL || name[0] == '\0') { - if (strlcpy(host, prefix, sizeof(host)) >= sizeof(host)) - return KRB5_ERR_HOST_REALM_UNKNOWN; + krb5int_buf_add(&buf, prefix); } else { - if ( strlen(prefix) + strlen(name) + 3 > MAXDNAME ) - return KRB5_ERR_HOST_REALM_UNKNOWN; - if (snprintf(host, sizeof(host), "%s.%s", prefix, name) >= sizeof(host)) - return KRB5_ERR_HOST_REALM_UNKNOWN; + krb5int_buf_add_fmt(&buf, "%s.%s", prefix, name); /* Realm names don't (normally) end with ".", but if the query doesn't end with "." and doesn't get an answer as is, the @@ -117,10 +115,12 @@ krb5_try_realm_txt_rr(const char *prefix, const char *name, char **realm) the local domain or domain search lists to be expanded. */ - h = host + strlen (host); - if ((h > host) && (h[-1] != '.') && ((h - host + 1) < sizeof(host))) - strcpy (h, "."); + len = krb5int_buf_len(&buf); + if (len > 0 && host[len - 1] != '.') + krb5int_buf_add(&buf, "."); } + if (krb5int_buf_cstr(&buf) == NULL) + return KRB5_ERR_HOST_REALM_UNKNOWN; ret = krb5int_dns_init(&ds, host, C_IN, T_TXT); if (ret < 0) goto errout; diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c index f95105678a..f3cf219cad 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c @@ -125,16 +125,16 @@ krb5_ldap_readpassword(context, ldap_context, password) /* Check if the entry has the path of a certificate */ if (!strncmp(start, "{FILE}", strlen("{FILE}"))) { /* Set *password = {FILE}<path to cert>\0<cert password> */ - /*ptr = strchr(start, ':'); - if (ptr == NULL) { */ - *password = (unsigned char *)malloc(strlen(start) + 2); + size_t len = strlen(start); + + *password = (unsigned char *)malloc(len + 2); if (*password == NULL) { st = ENOMEM; goto rp_exit; } - (*password)[strlen(start) + 1] = '\0'; - (*password)[strlen(start)] = '\0'; - strcpy((char *)(*password), start); + memcpy((char *)(*password), start, len); + (*password)[len] = '\0'; + (*password)[len + 1] = '\0'; goto got_password; } else { CT.value = (unsigned char *)start; diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index 2ab23b03a4..2c1ec38a7f 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -3200,6 +3200,7 @@ pkinit_login(krb5_context context, { krb5_data rdat; char *prompt; + const char *warning; krb5_prompt kprompt; krb5_prompt_type prompt_type; int r = 0; @@ -3208,15 +3209,17 @@ pkinit_login(krb5_context context, rdat.data = NULL; rdat.length = 0; } else { - if ((prompt = (char *) malloc(sizeof (tip->label) + 32)) == NULL) - return ENOMEM; - sprintf(prompt, "%.*s PIN", sizeof (tip->label), tip->label); if (tip->flags & CKF_USER_PIN_LOCKED) - strcat(prompt, " (Warning: PIN locked)"); + warning = " (Warning: PIN locked)"; else if (tip->flags & CKF_USER_PIN_FINAL_TRY) - strcat(prompt, " (Warning: PIN final try)"); + warning = " (Warning: PIN final try)"; else if (tip->flags & CKF_USER_PIN_COUNT_LOW) - strcat(prompt, " (Warning: PIN count low)"); + warning = " (Warning: PIN count low)"; + else + warning = ""; + if (asprintf(&prompt, "%.*s PIN%s", (int) sizeof (tip->label), + tip->label, warning) < 0) + return ENOMEM; rdat.data = (char *)malloc(tip->ulMaxPinLen + 2); rdat.length = tip->ulMaxPinLen + 1; diff --git a/src/tests/asn.1/ktest.c b/src/tests/asn.1/ktest.c index 76120744ad..3418f2c49e 100644 --- a/src/tests/asn.1/ktest.c +++ b/src/tests/asn.1/ktest.c @@ -637,8 +637,8 @@ krb5_error_code ktest_make_sample_etype_info(p) krb5_etype_info_entry *** p; { krb5_etype_info_entry **info; - int i; - char buf[80]; + int i, len; + char *str; info = malloc(sizeof(krb5_etype_info_entry *) * 4); if (!info) @@ -650,11 +650,11 @@ krb5_error_code ktest_make_sample_etype_info(p) if (info[i] == 0) goto memfail; info[i]->etype = i; - sprintf(buf, "Morton's #%d", i); - info[i]->length = strlen(buf); - info[i]->salt = (unsigned char *) strdup(buf); - if (info[i]->salt == 0) + len = asprintf(&str, "Morton's #%d", i); + if (len < 0) goto memfail; + info[i]->salt = (krb5_octet *) str; + info[i]->length = len; info[i]->s2kparams.data = NULL; info[i]->s2kparams.length = 0; info[i]->magic = KV5M_ETYPE_INFO_ENTRY; @@ -674,8 +674,8 @@ krb5_error_code ktest_make_sample_etype_info2(p) krb5_etype_info_entry *** p; { krb5_etype_info_entry **info; - int i; - char buf[80]; + int i, len; + char *str; info = malloc(sizeof(krb5_etype_info_entry *) * 4); if (!info) @@ -687,17 +687,15 @@ krb5_error_code ktest_make_sample_etype_info2(p) if (info[i] == 0) goto memfail; info[i]->etype = i; - sprintf(buf, "Morton's #%d", i); - info[i]->length = strlen(buf); - info[i]->salt = (unsigned char *) strdup(buf); - if (info[i]->salt == 0) + len = asprintf(&str, "Morton's #%d", i); + if (len < 0) goto memfail; - sprintf(buf, "s2k: %d", i); - info[i]->s2kparams.data = malloc(strlen(buf)+1); - if (info[i]->s2kparams.data == NULL) + info[i]->salt = (krb5_octet *) str; + info[i]->length = (unsigned int) len; + len = asprintf(&info[i]->s2kparams.data, "s2k: %d", i); + if (len < 0) goto memfail; - strcpy( info[i]->s2kparams.data, buf); - info[i]->s2kparams.length = strlen(buf); + info[i]->s2kparams.length = (unsigned int) len; info[i]->magic = KV5M_ETYPE_INFO_ENTRY; } free(info[1]->salt); @@ -830,17 +828,18 @@ krb5_error_code ktest_make_sample_enc_sam_response_enc_2(p) #ifdef ENABLE_LDAP static krb5_error_code ktest_make_sample_key_data(krb5_key_data *p, int i) { - char buf[10]; + char *str; + int len; p->key_data_ver = 2; p->key_data_kvno = 42; - sprintf(buf, "key%d", i); + len = asprintf(&str, "key%d", i); p->key_data_type[0] = 2; - p->key_data_length[0] = strlen(buf); - p->key_data_contents[0] = strdup(buf); - sprintf(buf, "salt%d", i); + p->key_data_length[0] = (unsigned int) len; + p->key_data_contents[0] = (krb5_octet *) str; + len = asprintf(&str, "salt%d", i); p->key_data_type[1] = i; - p->key_data_length[1] = strlen(buf); - p->key_data_contents[1] = strdup(buf); + p->key_data_length[1] = (unsigned int) len; + p->key_data_contents[1] = (krb5_octet *) str; if (p->key_data_contents[0] == NULL || p->key_data_contents[1] == NULL) return ENOMEM; return 0; diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c index 4851788e66..fad1b28710 100644 --- a/src/util/profile/prof_file.c +++ b/src/util/profile/prof_file.c @@ -182,7 +182,7 @@ profile_make_prf_data(const char *filename) memset(d, 0, len); fcopy = (char *) d + slen; assert(fcopy == d->filespec); - strcpy(fcopy, filename); + strlcpy(fcopy, filename, flen + 1); d->refcount = 1; d->comment = NULL; d->magic = PROF_MAGIC_FILE_DATA; |