diff options
| author | Greg Hudson <ghudson@mit.edu> | 2008-10-24 20:07:00 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2008-10-24 20:07:00 +0000 |
| commit | fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6 (patch) | |
| tree | 9ce89cc387b4bee641f0f25e818371b90731fdb6 /src/kadmin/server | |
| parent | 4d901a092a69a69be251131174166fc661d13633 (diff) | |
| download | krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.tar.gz krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.tar.xz krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.zip | |
Use strlcpy instead of strcpy in many places
ticket: 6200
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
| -rw-r--r-- | src/kadmin/server/ipropd_svc.c | 3 | ||||
| -rw-r--r-- | src/kadmin/server/schpw.c | 47 |
2 files changed, 31 insertions, 19 deletions
diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c index 673d2a9af0..b834425b38 100644 --- a/src/kadmin/server/ipropd_svc.c +++ b/src/kadmin/server/ipropd_svc.c @@ -229,9 +229,8 @@ getclhoststr(char *clprinc, char *cl, int len) /* XXX "!++s"? */ if (!++s) return NULL; - if (strlen(s) >= len) + if (strlcpy(cl, s, len) >= len) return NULL; - strcpy(cl, s); /* XXX Copy with @REALM first, with bounds check, then chop off the realm?? */ if ((s = strchr(cl, '@')) != NULL) { diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index 76aa2ca852..e8a6896e7a 100644 --- a/src/kadmin/server/schpw.c +++ b/src/kadmin/server/schpw.c @@ -58,7 +58,7 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, or the caller passed in garbage */ ret = KRB5KRB_AP_ERR_MODIFIED; numresult = KRB5_KPASSWD_MALFORMED; - strcpy(strresult, "Request was truncated"); + strlcpy(strresult, "Request was truncated", sizeof(strresult)); goto chpwfail; } @@ -93,7 +93,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (ptr + ap_req.length >= req->data + req->length) { ret = KRB5KRB_AP_ERR_MODIFIED; numresult = KRB5_KPASSWD_MALFORMED; - strcpy(strresult, "Request was truncated in AP-REQ"); + strlcpy(strresult, "Request was truncated in AP-REQ", + sizeof(strresult)); goto chpwfail; } @@ -105,7 +106,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_auth_con_init(context, &auth_context); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed initializing auth context"); + strlcpy(strresult, "Failed initializing auth context", + sizeof(strresult)); goto chpwfail; } @@ -113,7 +115,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, KRB5_AUTH_CONTEXT_DO_SEQUENCE); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed initializing auth context"); + strlcpy(strresult, "Failed initializing auth context", + sizeof(strresult)); goto chpwfail; } @@ -121,7 +124,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, "kadmin", "changepw", NULL); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed building kadmin/changepw principal"); + strlcpy(strresult, "Failed building kadmin/changepw principal", + sizeof(strresult)); goto chpwfail; } @@ -130,7 +134,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (ret) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Failed reading application request"); + strlcpy(strresult, "Failed reading application request", + sizeof(strresult)); goto chpwfail; } @@ -141,7 +146,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (getsockname(s, &local_addr, &addrlen) < 0) { ret = errno; numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed getting server internet address"); + strlcpy(strresult, "Failed getting server internet address", + sizeof(strresult)); goto chpwfail; } @@ -173,7 +179,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (getpeername(s, &remote_addr, &addrlen) < 0) { ret = errno; numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed getting client internet address"); + strlcpy(strresult, "Failed getting client internet address", + sizeof(strresult)); goto chpwfail; } @@ -205,7 +212,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, &remote_kaddr); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed storing client internet address"); + strlcpy(strresult, "Failed storing client internet address", + sizeof(strresult)); goto chpwfail; } @@ -213,7 +221,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (!(ticket->enc_part2->flags & TKT_FLG_INITIAL)) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Ticket must be derived from a password"); + strlcpy(strresult, "Ticket must be derived from a password", + sizeof(strresult)); goto chpwfail; } @@ -222,7 +231,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_mk_rep(context, auth_context, &ap_rep); if (ret) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Failed replying to application request"); + strlcpy(strresult, "Failed replying to application request", + sizeof(strresult)); goto chpwfail; } @@ -234,14 +244,15 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed decrypting request"); + strlcpy(strresult, "Failed decrypting request", sizeof(strresult)); goto chpwfail; } ret = krb5_unparse_name(context, ticket->enc_part2->client, &clientstr); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed unparsing client name for log"); + strlcpy(strresult, "Failed unparsing client name for log", + sizeof(strresult)); goto chpwfail; } /* change the password */ @@ -282,7 +293,7 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, /* success! */ numresult = KRB5_KPASSWD_SUCCESS; - strcpy(strresult, ""); + strlcpy(strresult, "", sizeof(strresult)); chpwfail: @@ -303,14 +314,16 @@ chpwfail: NULL); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, - "Failed storing client and server internet addresses"); + strlcpy(strresult, + "Failed storing client and server internet addresses", + sizeof(strresult)); } else { ret = krb5_mk_priv(context, auth_context, &clear, &cipher, &replay); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed encrypting reply"); + strlcpy(strresult, "Failed encrypting reply", + sizeof(strresult)); } } } |