merge from krb5-1-2-beta4

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12426 dc483132-0cff-0310-8789-dd5450dbe970
author: Ken Raeburn <raeburn@mit.edu> 2000-06-23 22:43:59 +0000
committer: Ken Raeburn <raeburn@mit.edu> 2000-06-23 22:43:59 +0000
commit: c83b145bce9ead5008064c710c17bf66915cda88 (patch)
tree: 5db746494fffe49b8d6d5cb5d4f6312a7f6b1305 /src
parent: 0071e97edc0d4daa7fc3cf2b46cbdfe823072e55 (diff)
download: krb5-c83b145bce9ead5008064c710c17bf66915cda88.tar.gz
krb5-c83b145bce9ead5008064c710c17bf66915cda88.tar.xz
krb5-c83b145bce9ead5008064c710c17bf66915cda88.zip
11 files changed, 61 insertions, 27 deletions
diff --git a/src/util/db2/ChangeLog b/src/util/db2/ChangeLog
index 7972728d64..9ce240aecb 100644
--- a/src/util/db2/ChangeLog
+++ b/src/util/db2/ChangeLog
@@ -1,3 +1,7 @@
+2000-05-01  Nalin Dahyabhai  <nalin@redhat.com>
+
+	* hash/dbm.c (kdb2_dbm_open): Don't overflow buffer "path".
+
 1999-08-15  Tom Yu  <tlyu@mit.edu>
 
 	* README.NOT.SLEEPYCAT.DB: New file; pointer to README to
diff --git a/src/util/db2/hash/dbm.c b/src/util/db2/hash/dbm.c
index 50921de84a..aa9676632b 100644
--- a/src/util/db2/hash/dbm.c
+++ b/src/util/db2/hash/dbm.c
@@ -168,8 +168,9 @@ kdb2_dbm_open(file, flags, mode)
 	info.cachesize = 0;
 	info.hash = NULL;
 	info.lorder = 0;
-	(void)strcpy(path, file);
-	(void)strcat(path, DBM_SUFFIX);
+	(void)strncpy(path, file, sizeof(path) - 1);
+	path[sizeof(path) - 1] = '\0';
+	(void)strncat(path, DBM_SUFFIX, sizeof(path) - 1 - strlen(path));
 	return ((DBM *)__hash_open(path, flags, mode, &info, 0));
 }
 
diff --git a/src/util/et/ChangeLog b/src/util/et/ChangeLog
index 6202dd2db5..e0f979369b 100644
--- a/src/util/et/ChangeLog
+++ b/src/util/et/ChangeLog
@@ -1,3 +1,13 @@
+2000-05-07  Miro Jurisic  <meeroh@mit.edu>
+
+	* com_err.c (default_com_err_proc): use strncpy
+	where strncpy was meant (typo in Nalin's patch)
+
+2000-05-01  Nalin Dahyabhai  <nalin@redhat.com>
+
+	* com_err.c (default_com_err_proc) [_MSDOS || _WIN32 ||
+	macintosh]: Don't overflow buffer "errbuf".
+
 2000-02-23  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in (com_err.o): Depends on com_err.c.
diff --git a/src/util/et/com_err.c b/src/util/et/com_err.c
index 31da130db2..7bb081048d 100644
--- a/src/util/et/com_err.c
+++ b/src/util/et/com_err.c
@@ -50,15 +50,18 @@ static void default_com_err_proc(whoami, code, fmt, ap)
 	char errbuf[1024] = "";
 
 	if (whoami) {
-		strcat (errbuf, whoami);
-		strcat (errbuf, ": ");
+		errbuf[sizeof(errbuf) - 1] = '\0';
+		strncat (errbuf, whoami, sizeof(errbuf) - 1 - strlen(errbuf));
+		strncat (errbuf, ": ", sizeof(errbuf) - 1 - strlen(errbuf));
 	}
 	if (code) {
-		strcat (errbuf, error_message(code));
-		strcat (errbuf, " ");
+		errbuf[sizeof(errbuf) - 1] = '\0';
+		strncat (errbuf, error_message(code), sizeof(errbuf) - 1 - strlen(errbuf));
+		strncat (errbuf, " ", sizeof(errbuf) - 1 - strlen(errbuf));
 	}
 	if (fmt)
 		vsprintf (errbuf + strlen (errbuf), fmt, ap);
+	errbuf[sizeof(errbuf) - 1] = '\0';
 
 #ifdef macintosh
 	MacMessageBox(errbuf);
diff --git a/src/util/pty/ChangeLog b/src/util/pty/ChangeLog
index 4a3fb97fb7..de572707be 100644
--- a/src/util/pty/ChangeLog
+++ b/src/util/pty/ChangeLog
@@ -1,3 +1,8 @@
+1999-10-26  Tom Yu  <tlyu@mit.edu>
+
+	* configure.in: Check for alpha*-dec-osf* instead of
+	alpha-dec-osf*.
+
 1999-10-26  Wilfredo Sanchez  <tritan@mit.edu>
 
 	* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
diff --git a/src/util/pty/configure.in b/src/util/pty/configure.in
index 398b1827f2..58ceb83695 100644
--- a/src/util/pty/configure.in
+++ b/src/util/pty/configure.in
@@ -30,7 +30,7 @@ ac_cv_func_setsid=no # setsid doesn't do the right thing under Ultrix even thoug
 # Moreover, strops.h trashes sys/ioctl.h
 krb5_cv_has_streams=no
 ;;
-alpha-dec-osf*)
+alpha*-dec-osf*)
 	AC_CHECK_LIB(security,main,
 		AC_DEFINE(HAVE_SETLUID)
 		LOGINLIBS="$LOGINLIBS -lsecurity"
diff --git a/src/util/ss/ChangeLog b/src/util/ss/ChangeLog
index 0b209c38dd..475549aaf8 100644
--- a/src/util/ss/ChangeLog
+++ b/src/util/ss/ChangeLog
@@ -1,3 +1,11 @@
+2000-05-01  Nalin Dahyabhai  <nalin@redhat.com>
+
+	* help.c (ss_help): Don't overflow buffers "buffer" or "buf".
+	* list_rqs.c (ss_list_requests): Don't overflow buffer "buffer".
+	* mk_cmds.c (main): Don't overflow buffer "c_file".
+	* utils.c (generate_rqte): Update lengths of constant strings in
+	computing buffer size.
+
 2000-02-01  Ken Raeburn  <raeburn@mit.edu>
 
 	* listen.c (ss_listen): Local var END should be volatile.
diff --git a/src/util/ss/help.c b/src/util/ss/help.c
index e09b777158..3c9cbec518 100644
--- a/src/util/ss/help.c
+++ b/src/util/ss/help.c
@@ -53,16 +53,18 @@ void ss_help (argc, argv, sci_idx, info_ptr)
 	return;
     }
     for (idx = 0; info->info_dirs[idx] != (char *)NULL; idx++) {
-	(void) strcpy(buffer, info->info_dirs[idx]);
-	(void) strcat(buffer, "/");
-	(void) strcat(buffer, argv[1]);
-	(void) strcat(buffer, ".info");
+	(void) strncpy(buffer, info->info_dirs[idx], sizeof(buffer) - 1);
+	buffer[sizeof(buffer) - 1] = '\0';
+	(void) strncat(buffer, "/", sizeof(buffer) - 1 - strlen(buffer));
+	(void) strncat(buffer, argv[1], sizeof(buffer) - 1 - strlen(buffer));
+	(void) strncat(buffer, ".info", sizeof(buffer) - 1 - strlen(buffer));
 	if ((fd = open(&buffer[0], O_RDONLY)) >= 0) goto got_it;
     }
     if ((fd = open(&buffer[0], O_RDONLY)) < 0) {
 	char buf[MAXPATHLEN];
-	strcpy(buf, "No info found for ");
-	strcat(buf, argv[1]);
+	strncpy(buf, "No info found for ", sizeof(buf) - 1);
+	buf[sizeof(buf) - 1] = '\0';
+	strncat(buf, argv[1], sizeof(buf) - 1 - strlen(buf));
 	ss_perror(sci_idx, 0, buf);
 	return;
     }
diff --git a/src/util/ss/list_rqs.c b/src/util/ss/list_rqs.c
index cf2c9312fd..045a0c82bd 100644
--- a/src/util/ss/list_rqs.c
+++ b/src/util/ss/list_rqs.c
@@ -87,23 +87,24 @@ ss_list_requests(argc, argv, sci_idx, info_ptr)
             buffer[0] = '\0';
             if (entry->flags & SS_OPT_DONT_LIST)
                 continue;
+            buffer[sizeof(buffer) - 1] = '\0';
             for (name = entry->command_names; *name; name++) {
                 register int len = strlen(*name);
-                strncat(buffer, *name, len);
+                strncat(buffer, *name, sizeof(buffer) - 1 - strlen(buffer));
                 spacing += len + 2;
                 if (name[1]) {
-                    strcat(buffer, ", ");
+                    strncat(buffer, ", ", sizeof(buffer) - 1 - strlen(buffer));
                 }
             }
             if (spacing > 23) {
-                strcat(buffer, NL);
+                strncat(buffer, NL, sizeof(buffer) - 1 - strlen(buffer));
                 fputs(buffer, output);
                 spacing = 0;
                 buffer[0] = '\0';
             }
-            strncat(buffer, twentyfive_spaces, 25-spacing);
-            strcat(buffer, entry->info_string);
-            strcat(buffer, NL);
+            strncat(buffer, twentyfive_spaces, sizeof(buffer) - 1 - (25-spacing));
+            strncpy(buffer + 25, entry->info_string, sizeof(buffer) - 1 - 25);
+            strncat(buffer, NL, sizeof(buffer) - 1 - strlen(buffer));
             fputs(buffer, output);
         }
     }
diff --git a/src/util/ss/mk_cmds.c b/src/util/ss/mk_cmds.c
index 0bcd77061a..bba5edd2ff 100644
--- a/src/util/ss/mk_cmds.c
+++ b/src/util/ss/mk_cmds.c
@@ -62,8 +62,9 @@ int main(argc, argv)
     p = strrchr(path, '.');
     *p = '\0';
     q = rindex(path, '/');
-    strcpy(c_file, (q) ? q + 1 : path);
-    strcat(c_file, ".c");
+    strncpy(c_file, (q) ? q + 1 : path, sizeof(c_file) - 1);
+    c_file[sizeof(c_file) - 1] = '\0';
+    strncat(c_file, ".c", sizeof(c_file) - 1 - strlen(c_file));
     *p = '.';
 
     output_file = fopen(c_file, "w+");
diff --git a/src/util/ss/utils.c b/src/util/ss/utils.c
index 9698e7043f..c578001574 100644
--- a/src/util/ss/utils.c
+++ b/src/util/ss/utils.c
@@ -61,13 +61,12 @@ char * generate_rqte(func_name, info_string, cmds, options)
     var_name = generate_cmds_string(cmds);
     generate_function_definition(func_name);
     size = 6;		/* "    { " */
-    size += strlen(var_name)+7; /* "quux, " */
-    size += strlen(func_name)+7; /* "foo, " */
-    size += strlen(info_string)+9; /* "\"Info!\", " */
+    size += strlen(var_name)+8; /* "quux, " */
+    size += strlen(func_name)+8; /* "foo, " */
+    size += strlen(info_string)+8; /* "\"Info!\", " */
     sprintf(numbuf, "%d", options);
-    size += strlen(numbuf);
-    size += 4;		/* " }," + NL */
-    string = malloc(size * sizeof(char *));
+    size += strlen(numbuf)+5;		/* " }," + NL + NUL */
+    string = malloc(size);
     strcpy(string, "    { ");
     strcat(string, var_name);
     strcat(string, ",\n      ");
author	Ken Raeburn <raeburn@mit.edu>	2000-06-23 22:43:59 +0000
committer	Ken Raeburn <raeburn@mit.edu>	2000-06-23 22:43:59 +0000
commit	c83b145bce9ead5008064c710c17bf66915cda88 (patch)
tree	5db746494fffe49b8d6d5cb5d4f6312a7f6b1305 /src
parent	0071e97edc0d4daa7fc3cf2b46cbdfe823072e55 (diff)
download	krb5-c83b145bce9ead5008064c710c17bf66915cda88.tar.gz krb5-c83b145bce9ead5008064c710c17bf66915cda88.tar.xz krb5-c83b145bce9ead5008064c710c17bf66915cda88.zip