| author | Greg Hudson <ghudson@mit.edu> | 2008-11-05 16:19:01 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2008-11-05 16:19:01 +0000 |
| commit | 6d38cab0b686e49b3a72e02e29099cd491e052cb (patch) | |
| tree | 0095bfb30797e75bef5d6e4c01b4586a48e1cbfb /src/kdc | |
| parent | 6566763d0c306ad4dca003f2c4b9dd354d3d14fb (diff) | |
Convert many uses of strcpy/strcat (and sometimes sprintf) to accepted
string-handling functions.
ticket: 6200
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc')
| -rw-r--r-- | src/kdc/kdc_util.c | 33 | ||||
| -rw-r--r-- | src/kdc/kerberos_v4.c | 3 |
2 files changed, 17 insertions, 19 deletions
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 4b2ce474e..d66832bbe 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -567,6 +567,7 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
 char *realm;
 char *trans;
 char *otrans, *otrans_ptr;
+ size_t bufsize;
 /* The following are for stepping through the transited field */
@@ -595,7 +596,10 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
 /* +1 for null, +1 for extra comma which may be added between +1 for potential space when leading slash in realm */
- if (!(trans = (char *) malloc(strlen(realm) + strlen(otrans) + 3))) {
+ bufsize = strlen(realm) + strlen(otrans) + 3;
+ if (bufsize > MAX_REALM_LN)
+ bufsize = MAX_REALM_LN;
+ if (!(trans = (char *) malloc(bufsize))) {
 retval = ENOMEM;
 goto fail;
 }
@@ -783,17 +787,15 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
 }
 if (new_trans->length != 0) {
- if (strlen(trans) + 2 >= MAX_REALM_LN) {
+ if (strlcat(trans, ",", bufsize) >= bufsize) {
 retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
 goto fail;
 }
- strcat(trans, ",");
 }
- if (strlen(trans) + strlen(current) + 1 >= MAX_REALM_LN) {
+ if (strlcat(trans, current, bufsize) >= bufsize) {
 retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
 goto fail;
 }
- strcat(trans, current);
 new_trans->length = strlen(trans);
 strncpy(prev, exp, sizeof(prev) - 1);
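Review bot: The comment above the allocation in the `-595` hunk of add_to_transited still explains only the `+ 3` and says nothing about the new clamp of `bufsize` to `MAX_REALM_LN`. That clamp is what keeps the old length limit in force now that the later checks compare against `bufsize` rather than `MAX_REALM_LN`, so it deserves a line such as `/* Cap at MAX_REALM_LN so the strlcat checks below still enforce the old length limit. */`. The function body starts and ends outside the hunk.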
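Review bot: The `strlcat(...) >= bufsize` checks in the `-783` hunk of add_to_transited now return `KRB5KRB_AP_ERR_ILL_CR_TKT` for two different conditions: the transited string reached `MAX_REALM_LN`, or it outgrew the `strlen(realm) + strlen(otrans) + 3` estimate that sized the allocation. The second case would be an internal sizing error rather than a bad ticket, and a short comment at the first check would record that both are rejected on purpose, e.g. `/* Truncation: trans would exceed bufsize (size estimate or MAX_REALM_LN); reject. */`. The same applies to the three checks in the `if (!added)` hunk that follows. The `fail` label is outside the hunk, so the cleanup of the partly built `trans` cannot be confirmed from here.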
@@ -804,24 +806,21 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
 if (!added) {
 if (new_trans->length != 0) {
- if (strlen(trans) + 2 >= MAX_REALM_LN) {
+ if (strlcat(trans, ",", bufsize) >= bufsize) {
 retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
 goto fail;
 }
- strcat(trans, ",");
 }
 if((realm[0] == '/') && trans[0]) {
- if (strlen(trans) + 2 >= MAX_REALM_LN) {
+ if (strlcat(trans, " ", bufsize) >= bufsize) {
 retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
 goto fail;
 }
- strcat(trans, " ");
 }
- if (strlen(trans) + strlen(realm) + 1 >= MAX_REALM_LN) {
+ if (strlcat(trans, realm, bufsize) >= bufsize) {
 retval = KRB5KRB_AP_ERR_ILL_CR_TKT;
 goto fail;
 }
- strcat(trans, realm);
 new_trans->length = strlen(trans);
 }
@@ -1532,7 +1531,7 @@ ktypes2str(char *s, size_t len, int nktypes, krb5_enctype *ktype)
 snprintf(stmp, sizeof(stmp), "%s%ld", i ? " " : "", (long)ktype[i]);
 if (strlen(s) + strlen(stmp) + sizeof("}") > len) break;
- strcat(s, stmp);
+ strlcat(s, stmp, len);
 }
 if (i < nktypes) {
 /*
@@ -1547,9 +1546,9 @@ ktypes2str(char *s, size_t len, int nktypes, krb5_enctype *ktype)
 continue;
 }
 }
- strcat(s, "...");
+ strlcat(s, "...", len);
 }
- strcat(s, "}");
+ strlcat(s, "}", len);
 return;
 }
@@ -1569,7 +1568,7 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep)
 if (rep->ticket != NULL) {
 snprintf(stmp, sizeof(stmp), " tkt=%ld", (long)rep->ticket->enc_part.enctype);
- strcat(s, stmp);
+ strlcat(s, stmp, len);
 }
 if (rep->ticket != NULL
@@ -1577,9 +1576,9 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep)
 && rep->ticket->enc_part2->session != NULL) {
 snprintf(stmp, sizeof(stmp), " ses=%ld", (long)rep->ticket->enc_part2->session->enctype);
- strcat(s, stmp);
+ strlcat(s, stmp, len);
 }
- strcat(s, "}");
+ strlcat(s, "}", len);
 return;
 }
diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c
index 8ac015b7f..a0c74a18b 100644
--- a/src/kdc/kerberos_v4.c
+++ b/src/kdc/kerberos_v4.c
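Review bot: The return value of `strlcat` is discarded at every call in ktypes2str and rep_etypes2str, so truncation is silent. In the `-1569` and `-1577` hunks of rep_etypes2str no length check is visible before `strlcat(s, stmp, len)`, and a short `len` would produce a string without its closing `}`. If that is acceptable for these strings (they look like log text, but the callers are outside the diff), state it in a comment such as `/* Truncation is acceptable here; strlcat keeps s NUL-terminated within len. */`. In ktypes2str the first append is covered by the visible `strlen(s) + strlen(stmp) + sizeof("}") > len` test, so only the `"..."` and `"}"` appends rely on code outside the hunks.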
@@ -1012,8 +1012,7 @@ kerb_err_reply(struct sockaddr_in *client, KTEXT pkt, long int err, char *string
 KTEXT e_pkt = &e_pkt_st;
 static char e_msg[128];
- strcpy(e_msg, "\nKerberos error -- ");
- strncat(e_msg, string, sizeof(e_msg) - 1 - 19);
+ snprintf(e_msg, sizeof(e_msg), "\nKerberos error -- %s", string);
 cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr, req_time_ws, err, e_msg);
 return make_response((char *) e_pkt->dat, e_pkt->length); |
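Review bot: `string` goes straight into the `%s` conversion of the new `snprintf` call in kerb_err_reply, and nothing in the hunk shows it is non-NULL; a NULL argument to `%s` is undefined behaviour, as it was for the old `strncat`. If any caller can pass NULL, write `string ? string : ""` as the argument. The message is also cut silently to fit `e_msg[128]`, which matches the old behaviour but is worth a one-line comment now that the `- 1 - 19` arithmetic is gone. The function's opening and closing lines are outside the hunk.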
