author | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 00:51:58 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 00:51:58 +0000 |
commit | b63a75c40310afc82e4af5372f92bec2e0a4c67e (patch) | |
tree | 21afaf6fefb69b3e9692ac78785e8023904713c1 /src/kadmin/v4server/acl_files.c | |
parent | 7d348b141e39e286d544f0d72173a1a60f6ce434 (diff) | |
pullup from 1.2-beta4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12497 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/v4server/acl_files.c')
-rw-r--r-- | src/kadmin/v4server/acl_files.c | 67 |
1 files changed, 54 insertions, 13 deletions
diff --git a/src/kadmin/v4server/acl_files.c b/src/kadmin/v4server/acl_files.c
index 22a0007de..3e3bbe6d9 100644
--- a/src/kadmin/v4server/acl_files.c
+++ b/src/kadmin/v4server/acl_files.c
@@ -69,7 +69,8 @@ void acl_canonicalize_principal(principal, canon)
 char *principal;
 char *canon;
 {
- char *dot, *atsign, *end;
+ char *dot, *atsign, *end, *canon_save = canon;
+ char realm[REALM_SZ];
 int len;
 dot = strchr(principal, INST_SEP);
@@ -94,18 +95,33 @@ char *canon;
 /* Get the principal name */
 len = MIN(ANAME_SZ, COR(dot, COR(atsign, end)) - principal);
- strncpy(canon, principal, len);
- canon += len;
+ if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, principal, len);
+ canon += len;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
 /* Add INST_SEP */
- *canon++ = INST_SEP;
+ if(canon + 1 < canon_save + MAX_PRINCIPAL_SIZE) {
+ *canon++ = INST_SEP;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
 /* Get the instance, if it exists */
 if(dot != NULL) {
 ++dot;
 len = MIN(INST_SZ, COR(atsign, end) - dot);
- strncpy(canon, dot, len);
- canon += len;
+ if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, dot, len);
+ canon += len;
+ } else {
+ strcpy(canon, "");
+ return;
+ }
 }
 /* Add REALM_SEP */
@@ -116,11 +132,21 @@ char *canon;
 if(atsign != NULL) {
 ++atsign;
 len = MIN(REALM_SZ, end - atsign);
- strncpy(canon, atsign, len);
- canon += len;
- *canon++ = '\0';
- } else if(krb_get_lrealm(canon, 1) != KSUCCESS) {
- strcpy(canon, KRB_REALM);
+ if(canon + len + 1 < canon_save + MAX_PRINCIPAL_SIZE) {
+ strncpy(canon, atsign, len);
+ canon += len;
+ *canon++ = '\0';
+ } else {
+ strcpy(canon, "");
+ return;
+ }
+ } else if(krb_get_lrealm(realm, 1) != KSUCCESS) {
+ if(canon + strlen(realm) < canon_save + MAX_PRINCIPAL_SIZE) {
+ strcpy(canon, KRB_REALM);
+ } else {
+ strcpy(canon, "");
+ return;
+ }
 }
 }
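Review bot: The rejection paths signal failure with `strcpy(canon, "")`, but at the INST_SEP and instance checks `canon` has already been advanced past the copied name, so the caller's buffer still begins with that prefix and the `strlen(canon)` tests added in the later hunks would treat a truncated name as valid. Terminate at the saved start instead, `*canon_save = '\0'; return;`, here and in the realm checks of the next hunk. Only the first check, where `canon` still equals `canon_save`, behaves the way those callers expect. The function body starts and ends outside this hunk.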
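Review bot: In the branch taken when the principal has no '@' part, `krb_get_lrealm(realm, 1)` now fills the local `realm` array, but nothing visible in the hunk copies it into `canon` on success, so the result would stop at the realm separator with no realm and no terminating NUL (the removed code had the call write into `canon` directly). The failure branch also bounds its copy with `strlen(realm)`, which reads an array the failed lookup may have left uninitialised, while the string it actually copies is `KRB_REALM`. Pick the realm string first, size the check on that string, and copy it in both cases, as sketched below. The function begins before this hunk.

```c
    /* … unchanged: branch that copies an explicit "@realm" … */
    } else {
        /* Use the compiled-in realm only when the local-realm lookup fails. */
        const char *lrealm =
            (krb_get_lrealm(realm, 1) == KSUCCESS) ? realm : KRB_REALM;

        if (strlen(lrealm) < (size_t)(canon_save + MAX_PRINCIPAL_SIZE - canon)) {
            strcpy(canon, lrealm);
        } else {
            /* Empty the caller's buffer from its start so callers see the rejection. */
            *canon_save = '\0';
            return;
        }
    }
```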
@@ -399,7 +425,11 @@ char *name;
 }
 /* Set up the acl */
- strcpy(acl_cache[i].filename, name);
+ if (strlen (name) >= sizeof (acl_cache[i].filename) - 1) {
+ return -1;
+ }
+ strncpy(acl_cache[i].filename, name, sizeof(acl_cache[i].filename) - 1);
+ acl_cache[i].filename[sizeof(acl_cache[i].filename) - 1] = '\0';
 if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
 /* Force reload */
 acl_cache[i].acl = (struct hashtbl *) 0;
@@ -426,7 +456,9 @@ char *name;
 while(fgets(buf, sizeof(buf), f) != NULL) {
 nuke_whitespace(buf);
 acl_canonicalize_principal(buf, canon);
- add_hash(acl_cache[i].acl, canon);
+ if(strlen(canon) > 0) {
+ add_hash(acl_cache[i].acl, canon);
+ }
 }
 fclose(f);
 acl_cache[i].status = s;
@@ -459,6 +491,9 @@ char *principal;
 acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(0);
+
 /* Is it there? */
 if(acl_exact_match(acl, canon)) return(1);
@@ -489,6 +524,9 @@ char *principal;
 acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(-1);
+
 if((new = acl_lock_file(acl)) == NULL) return(-1);
 if((acl_exact_match(acl, canon)) || (idx = acl_load(acl)) < 0) {
@@ -523,6 +561,9 @@ char *principal;
 acl_canonicalize_principal(principal, canon);
+ /* Is it an invalid principal name? */
+ if(strlen(canon) == 0) return(-1);
+
 if((new = acl_lock_file(acl)) == NULL) return(-1);
 if((!acl_exact_match(acl, canon)) || (idx = acl_load(acl)) < 0) { |
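Review bot: The new length test in the "Set up the acl" hunk rejects a name whose length is exactly `sizeof(acl_cache[i].filename) - 1`, which would still fit together with its terminator, and once the test has passed the `strncpy` plus manual termination can never truncate. Either compare against the full size, `if (strlen(name) >= sizeof(acl_cache[i].filename)) return -1;`, or keep the stricter bound and say why in a comment such as `/* name is known to fit; bounded copy kept as defence in depth */`. The early return also happens after slot `i` has been chosen; whether that slot's previous fd and acl state have already been released at this point lies outside the hunk and is worth confirming.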