pullup from 1.2-beta4

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12499 dc483132-0cff-0310-8789-dd5450dbe970
author: Ken Raeburn <raeburn@mit.edu> 2000-07-01 01:14:04 +0000
committer: Ken Raeburn <raeburn@mit.edu> 2000-07-01 01:14:04 +0000
commit: 723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad (patch)
tree: 465b4fe51a5e3705258e64255635d78d96dd6be6
parent: 35414838ecf54b3598f2711d79b2feaf2e75ed2b (diff)
download: krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.gz
krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.xz
krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.zip
9 files changed, 80 insertions, 38 deletions
diff --git a/src/windows/ChangeLog b/src/windows/ChangeLog
index ce20631b5e..23bc3ec305 100644
--- a/src/windows/ChangeLog
+++ b/src/windows/ChangeLog
@@ -1,3 +1,7 @@
+2000-04-25  Danilo Almeida  <dalmeida@mit.edu>
+
+	* version.rc: Bump version to 1.2 beta.
+
 2000-02-06  Danilo Almeida  <dalmeida@mit.edu>
 
 	* README: Add documentation about debug vs. release builds.
diff --git a/src/windows/cns/ChangeLog b/src/windows/cns/ChangeLog
index f99c56a53a..b420e42d56 100644
--- a/src/windows/cns/ChangeLog
+++ b/src/windows/cns/ChangeLog
@@ -1,3 +1,12 @@
+2000-05-08  Ken Raeburn  <raeburn@mit.edu>
+	    Nalin Dahyabhai  <nalin@redhat.com>
+	
+	* cns.c (kwin_push_login): Don't overflow buffer "fullname".
+	(kwin_command): Don't overflow buffer "copyright".
+	* cns_reg.c (cns_load_registry): Don't overflow buffer
+	"cns_res.def_confname".
+	* tktlist.c (ticket_init_list): Don't overflow buffer "buf".
+
 1999-12-03  Danilo Almeida  <dalmeida@mit.edu>
 
 	* Makefile.in: Windows fix for updated win-pre.in.
diff --git a/src/windows/cns/cns.c b/src/windows/cns/cns.c
index 7af81fc6ad..512f2f5c36 100644
--- a/src/windows/cns/cns.c
+++ b/src/windows/cns/cns.c
@@ -384,12 +384,13 @@ kwin_push_login(HWND hwnd, char *name, char *instance, char *realm)
   char menuitem[MAX_K_NAME_SZ + 3];
   BOOL rc;
 
-  strcpy(fullname, "&x ");
-  strcat(fullname, name);
-  strcat(fullname, ".");
-  strcat(fullname, instance);
-  strcat(fullname, "@");
-  strcat(fullname, realm);
+  fullname[sizeof(fullname) - 1] = '\0';
+  strncpy(fullname, "&x ", sizeof(fullname) - 1);
+  strncat(fullname, name, sizeof(fullname) - 1 - strlen(fullname));
+  strncat(fullname, ".", sizeof(fullname) - 1 - strlen(fullname));
+  strncat(fullname, instance, sizeof(fullname) - 1 - strlen(fullname));
+  strncat(fullname, "@", sizeof(fullname) - 1 - strlen(fullname));
+  strncat(fullname, realm, sizeof(fullname) - 1 - strlen(fullname));
 
   hmenu = GetMenu(hwnd);
   assert(hmenu != NULL);
@@ -1339,14 +1340,16 @@ kwin_command(HWND hwnd, int cid, HWND hwndCtl, UINT codeNotify)
     strcpy(copyright, "        Kerberos V5 for Windows ");
 #endif
 #ifdef _WIN32
-    strcat(copyright, "32-bit\n");
+    strncat(copyright, "32-bit\n", sizeof(copyright) - 1 - strlen(copyright));
 #else
-    strcat(copyright, "16-bit\n");
+    strncat(copyright, "16-bit\n", sizeof(copyright) - 1 - strlen(copyright));
 #endif
-    strcat(copyright, "\n                Version 1.12\n\n");
+    strncat(copyright, "\n                Version 1.12\n\n",
+            sizeof(copyright) - 1 - strlen(copyright));
 #ifdef ORGANIZATION
-    strcat(copyright, "          For information, contact:\n");
-    strcat(copyright, ORGANIZATION);
+    strncat(copyright, "          For information, contact:\n",
+	    sizeof(copyright) - 1 - strlen(copyright));
+    strncat(copyright, ORGANIZATION, sizeof(copyright) - 1 - strlen(copyright));
 #endif
     MessageBox(hwnd, copyright, KWIN_DIALOG_NAME, MB_OK);
 
@@ -1469,8 +1472,9 @@ kwin_paint(HWND hwnd)
       sprintf(buf, "%s - %ld hr", KWIN_DIALOG_NAME, dt);
     }
 
+    buf[sizeof(buf) - 1] = '\0';
     if (dt > 1)
-      strcat(buf, "s");
+      strncat(buf, "s", sizeof(buf) - 1 - strlen(buf));
   }
 
   DrawIcon(hdc, r.left, r.top, hicon);
diff --git a/src/windows/cns/cns_reg.c b/src/windows/cns/cns_reg.c
index 400d72d235..160eb15e3f 100644
--- a/src/windows/cns/cns_reg.c
+++ b/src/windows/cns/cns_reg.c
@@ -74,8 +74,12 @@ cns_load_registry(void)
   if (key != INVALID_HANDLE_VALUE) {
 	if (registry_string_get(key, KERBNET_HOME, &ts) == 0) {
 		cns_res.conf_override = 0;
-		strcpy(cns_res.def_confname, ts);
-		strcat(cns_res.def_confname, "\\etc\\krb5.conf");
+		cns_res.def_confname[sizeof(cns_res.def_confname) - 1];
+		strncpy(cns_res.def_confname, ts,
+		        sizeof(cns_res.def_confname) - 1);
+		strncat(cns_res.def_confname, "\\etc\\krb5.conf",
+			sizeof(cns_res.def_confname) - 1 -
+			strlen(cns_res.def_confname));
 		free(ts);
 	  }
 
diff --git a/src/windows/cns/tktlist.c b/src/windows/cns/tktlist.c
index 62b6eb8d6c..5e1520120b 100644
--- a/src/windows/cns/tktlist.c
+++ b/src/windows/cns/tktlist.c
@@ -122,11 +122,12 @@ ticket_init_list (HWND hwnd)
     krb_get_nth_cred(service, instance, realm, i);
     krb_get_cred(service, instance, realm, &c);
     strcpy(buf, " ");
-    strcat(buf, short_date(c.issue_date - kwin_get_epoch()));
+    strncat(buf, short_date(c.issue_date - kwin_get_epoch()),
+            sizeof(buf) - 1 - strlen(buf));
     expiration = c.issue_date - kwin_get_epoch() + (long) c.lifetime * 5L * 60L;
-    strcat (buf, "      ");
-    strcat(buf, short_date(expiration));
-    strcat (buf, "      ");
+    strncat(buf, "      ", sizeof(buf) - 1 - strlen(buf));
+    strncat(buf, short_date(expiration), sizeof(buf) - 1 - strlen(buf));
+    strncat(buf, "      ", sizeof(buf) - 1 - strlen(buf));
     l = strlen(buf);
     sprintf(&buf[l], "%s%s%s%s%s (%d)",
 	    c.service, (c.instance[0] ? "." : ""), c.instance,
@@ -172,10 +173,12 @@ ticket_init_list (HWND hwnd)
       
       ncred++;
       strcpy (buf, "  ");
-      strcat (buf, short_date (c.times.starttime - kwin_get_epoch()));
-      strcat (buf, "      ");
-      strcat (buf, short_date (c.times.endtime - kwin_get_epoch()));
-      strcat (buf, "      ");
+      strncat(buf, short_date (c.times.starttime - kwin_get_epoch()),
+	      sizeof(buf) - 1 - strlen(buf));
+      strncat(buf, "      ", sizeof(buf) - 1 - strlen(buf));
+      strncat(buf, short_date (c.times.endtime - kwin_get_epoch()),
+	      sizeof(buf) - 1 - strlen(buf));
+      strncat(buf, "      ", sizeof(buf) - 1 - strlen(buf));
       
       /* Add ticket service name and realm */
       code = krb5_unparse_name (k5_context, c.server, &sname);
@@ -183,9 +186,9 @@ ticket_init_list (HWND hwnd)
 	com_err (NULL, code, "while unparsing server name");
 	break;
       }
-      strcat (buf, sname);
+      strncat (buf, sname, sizeof(buf) - 1 - strlen(buf));
 
-      strcat (buf, flags_string (&c)); /* Add flag info */
+      strncat (buf, flags_string (&c), sizeof(buf) - 1 - strlen(buf)); /* Add flag info */
       
       l = strlen(buf);
       lpinfo = (LPTICKETINFO) malloc(sizeof(TICKETINFO) + l + 1);
diff --git a/src/windows/version.rc b/src/windows/version.rc
index 67660fc42b..ba5e1a1ff5 100644
--- a/src/windows/version.rc
+++ b/src/windows/version.rc
@@ -5,6 +5,16 @@
  * BEGIN COMMON VERSION INFO for GSS and Kerberos version resources
  */
 
+#define PRE_RELEASE
+
+#ifdef PRE_RELEASE
+#define BETA_STR  " beta"
+#define BETA_FLAG VS_FF_PRERELEASE
+#else
+#define BETA_STR  ""
+#define BETA_FLAG 0
+#endif
+
 #if !defined(_WIN32)
 #define Targ_OS VOS__WINDOWS16
 #else
@@ -13,10 +23,10 @@
 
 /* we're going to stamp all the DLLs with the same version number */
 
-#define K5_PRODUCT_VERSION_STRING "1.1.1\0"
-#define K5_PRODUCT_VERSION        1, 1, 1, 0
+#define K5_PRODUCT_VERSION_STRING "1.2" BETA_STR "\0"
+#define K5_PRODUCT_VERSION        1, 2, 0, 0
 
-#define K5_COPYRIGHT "Copyright (C) 1997-1999 by the Massachusetts Institute of Technology\0"
+#define K5_COPYRIGHT "Copyright (C) 1997-2000 by the Massachusetts Institute of Technology\0"
 #define K5_COMPANY_NAME "Massachusetts Institute of Technology.\0"
 
 /* 
@@ -134,7 +144,7 @@ VS_VERSION_INFO VERSIONINFO
 FILEVERSION	K5_PRODUCT_VERSION
 PRODUCTVERSION	K5_PRODUCT_VERSION
 FILEFLAGSMASK   VS_FFI_FILEFLAGSMASK
-FILEFLAGS	(VS_FF_DEBUG | VS_FF_PRIVATEBUILD)
+FILEFLAGS	(VS_FF_DEBUG | VS_FF_PRIVATEBUILD | BETA_FLAG)
 FILEOS		Targ_OS
 FILETYPE        K5_FILETYPE
 BEGIN
diff --git a/src/windows/wintel/ChangeLog b/src/windows/wintel/ChangeLog
index a9d6900902..f8526d9bc8 100644
--- a/src/windows/wintel/ChangeLog
+++ b/src/windows/wintel/ChangeLog
@@ -1,3 +1,9 @@
+2000-05-08  Nalin Dahyabhai  <nalin@redhat.com>
+
+	* auth.c (auth_abort): Don't overflow buffer "strTmp".
+	(k4_auth_send): Don't overflow buffer "dbgbuf".
+	* encrypt.c (printsub): Don't overflow buffer "p".
+
 1999-12-03  Danilo Almeida  <dalmeida@mit.edu>
 
 	* Makefile.in: Windows fix for updated win-pre.in.
diff --git a/src/windows/wintel/auth.c b/src/windows/wintel/auth.c
index 5e9d1d2efc..28f515b6c6 100644
--- a/src/windows/wintel/auth.c
+++ b/src/windows/wintel/auth.c
@@ -151,10 +151,11 @@ auth_abort(kstream ks, char *errmsg, long r)
   TelnetSend(ks, (LPSTR)buf, 8, 0);
   
   if (errmsg != NULL) {
-    strcpy(strTmp, errmsg);
+    strTmp[sizeof(strTmp) - 1] = '\0';
+    strncpy(strTmp, errmsg, sizeof(strTmp) - 1);
     
     if (r != KSUCCESS) {
-      strcat(strTmp, "\n");
+      strncat(strTmp, "\n", sizeof(strTmp) - 1 - strlen(strTmp));
 #ifdef KRB4
       lstrcat(strTmp, krb_get_err_text((int)r));
 #endif
@@ -423,8 +424,8 @@ k4_auth_send(kstream ks)
 
   if (!realm) {
     strcpy(buf, "Can't find realm for host \"");
-    strcat(buf, szHostName);
-    strcat(buf, "\"");
+    strncat(buf, szHostName, sizeof(buf) - 1 - strlen(buf));
+    strncat(buf, "\"", sizeof(buf) - 1 - strlen(buf));
     auth_abort(ks, buf, 0);
     return KFAILURE;
   }
@@ -436,14 +437,14 @@ k4_auth_send(kstream ks)
 
   if (r) {
     strcpy(buf, "Can't get \"");
-    strcat(buf, KRB_SERVICE_NAME);
+    strncat(buf, KRB_SERVICE_NAME, sizeof(buf) - 1 - strlen(buf));
     if (instance[0] != 0) {
-      strcat(buf, ".");
+      strncat(buf, ".", sizeof(buf) - 1 - strlen(buf));
       lstrcat(buf, instance);
     }
-    strcat(buf, "@");
+    strncat(buf, "@", sizeof(buf) - 1 - strlen(buf));
     lstrcat(buf, realm);
-    strcat(buf, "\" ticket");
+    strncat(buf, "\" ticket", sizeof(buf) - 1 - strlen(buf));
     auth_abort(ks, buf, r);
 
     return r;
diff --git a/src/windows/wintel/encrypt.c b/src/windows/wintel/encrypt.c
index f1a1301fb0..bbb5496d6b 100644
--- a/src/windows/wintel/encrypt.c
+++ b/src/windows/wintel/encrypt.c
@@ -230,10 +230,11 @@ printsub(char c, unsigned char *s, size_t len)
 
   *p++ = c;
 
-  for (i = 0 ; i < len ; i++)
+  for (i = 0 ; (i < len) && (p - dbgbuf + 3 < sizeof(dbgbuf)) ; i++)
     p += sprintf(p, "%02x ", s[i]);
+  dbgbuf[sizeof(dbgbuf) - 1] = '\0';
 
-  strcat(p, "\n");
+  strncat(p, "\n", sizeof(dbgbuf) - 1 - (p - dbgbuf));
 
   OutputDebugString(dbgbuf);
author	Ken Raeburn <raeburn@mit.edu>	2000-07-01 01:14:04 +0000
committer	Ken Raeburn <raeburn@mit.edu>	2000-07-01 01:14:04 +0000
commit	723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad (patch)
tree	465b4fe51a5e3705258e64255635d78d96dd6be6
parent	35414838ecf54b3598f2711d79b2feaf2e75ed2b (diff)
download	krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.gz krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.xz krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.zip