diff options
| author | Greg Hudson <ghudson@mit.edu> | 2008-10-24 20:07:00 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2008-10-24 20:07:00 +0000 |
| commit | fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6 (patch) | |
| tree | 9ce89cc387b4bee641f0f25e818371b90731fdb6 /src/lib | |
| parent | 4d901a092a69a69be251131174166fc661d13633 (diff) | |
| download | krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.tar.gz krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.tar.xz krb5-fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6.zip | |
Use strlcpy instead of strcpy in many places
ticket: 6200
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/crypto/cksumtype_to_string.c | 5 | ||||
| -rw-r--r-- | src/lib/crypto/enctype_to_string.c | 5 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/Makefile.in | 4 | ||||
| -rw-r--r-- | src/lib/kadm5/srv/Makefile.in | 4 | ||||
| -rw-r--r-- | src/lib/kadm5/str_conv.c | 4 | ||||
| -rw-r--r-- | src/lib/kdb/kdb5.c | 4 | ||||
| -rw-r--r-- | src/lib/kdb/keytab.c | 3 | ||||
| -rw-r--r-- | src/lib/krb5/krb/conv_princ.c | 3 | ||||
| -rw-r--r-- | src/lib/krb5/krb/gic_pwd.c | 11 | ||||
| -rw-r--r-- | src/lib/krb5/krb/str_conv.c | 8 | ||||
| -rw-r--r-- | src/lib/krb5/os/an_to_ln.c | 9 | ||||
| -rw-r--r-- | src/lib/krb5/os/hst_realm.c | 3 | ||||
| -rw-r--r-- | src/lib/krb5/os/ktdefname.c | 12 | ||||
| -rw-r--r-- | src/lib/krb5/os/sendto_kdc.c | 4 |
14 files changed, 33 insertions, 46 deletions
diff --git a/src/lib/crypto/cksumtype_to_string.c b/src/lib/crypto/cksumtype_to_string.c index 54a0f3aec..ee1d50ba5 100644 --- a/src/lib/crypto/cksumtype_to_string.c +++ b/src/lib/crypto/cksumtype_to_string.c @@ -34,10 +34,9 @@ krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) for (i=0; i<krb5_cksumtypes_length; i++) { if (krb5_cksumtypes_list[i].ctype == cksumtype) { - if ((strlen(krb5_cksumtypes_list[i].out_string)+1) > buflen) + if (strlcpy(buffer, krb5_cksumtypes_list[i].out_string, + buflen) >= buflen) return(ENOMEM); - - strcpy(buffer, krb5_cksumtypes_list[i].out_string); return(0); } } diff --git a/src/lib/crypto/enctype_to_string.c b/src/lib/crypto/enctype_to_string.c index f77dbff1c..28fa63ee1 100644 --- a/src/lib/crypto/enctype_to_string.c +++ b/src/lib/crypto/enctype_to_string.c @@ -34,10 +34,9 @@ krb5_enctype_to_string(krb5_enctype enctype, char *buffer, size_t buflen) for (i=0; i<krb5_enctypes_length; i++) { if (krb5_enctypes_list[i].etype == enctype) { - if ((strlen(krb5_enctypes_list[i].out_string)+1) > buflen) + if (strlcpy(buffer, krb5_enctypes_list[i].out_string, + buflen) >= buflen) return(ENOMEM); - - strcpy(buffer, krb5_enctypes_list[i].out_string); return(0); } } diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 36c663f43..3fb46e09b 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -14,8 +14,8 @@ SHLIB_EXPDEPS=\ $(TOPLIBD)/libgssapi_krb5$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(COM_ERR_DEPLIB) -SHLIB_EXPLIBS=-lgssrpc -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err + $(COM_ERR_DEPLIB) $(SUPPORT_LIBDEP) +SHLIB_EXPLIBS=-lgssrpc -lgssapi_krb5 -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) RELDIR=kadm5/clnt diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in index e6410f2bf..33d8af788 100644 --- a/src/lib/kadm5/srv/Makefile.in +++ b/src/lib/kadm5/srv/Makefile.in @@ -22,9 +22,9 @@ SHLIB_EXPDEPS=\ $(TOPLIBD)/libkdb5$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(COM_ERR_DEPLIB) + $(COM_ERR_DEPLIB) $(SUPPORT_LIBDEP) SHLIB_EXPLIBS = -lgssrpc -lgssapi_krb5 -lkdb5 $(KDB5_DB_LIB) \ - -lkrb5 -lk5crypto -lcom_err @GEN_LIB@ + -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err @GEN_LIB@ SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) RELDIR=kadm5/srv diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c index 0d142d6de..b9e58aac6 100644 --- a/src/lib/kadm5/str_conv.c +++ b/src/lib/kadm5/str_conv.c @@ -221,8 +221,8 @@ krb5_input_flag_to_string(flag, buffer, buflen) size_t buflen; { if(flag < 0 || flag >= flags_table_nents) return ENOENT; /* End of list */ - if(strlen(flags_table[flag].fl_specifier) > buflen) return ENOMEM; - strcpy(buffer, flags_table[flag].fl_specifier); + if(strlcpy(buffer, flags_table[flag].fl_specifier, buflen) >= buflen) + return ENOMEM; return 0; } diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index eb68f22fd..9c18e5dd8 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -251,7 +251,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) goto clean_n_exit; } - strcpy((*lib)->name, lib_name); + strlcpy((*lib)->name, lib_name, sizeof((*lib)->name)); #if !defined(KDB5_USE_LIB_KDB_DB2) && !defined(KDB5_USE_LIB_TEST) #error No database module defined @@ -341,7 +341,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) goto clean_n_exit; } - strcpy((*lib)->name, lib_name); + strlcpy((*lib)->name, lib_name, sizeof((*lib)->name)); /* Fetch the list of directories specified in the config file(s) first. */ diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 227a42e08..fa95e4851 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -41,9 +41,8 @@ static krb5_error_code krb5_ktkdb_get_name(krb5_context context, krb5_keytab keytab, char *name, unsigned int namelen) { - if (namelen < sizeof("KDB:")) + if (strlcpy(name, "KDB:", namelen) >= namelen); return KRB5_KT_NAME_TOOLONG; - strcpy(name, "KDB:"); return 0; } diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index 3a1ca63b9..60c811513 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -169,9 +169,8 @@ krb5_524_conv_principal(krb5_context context, krb5_const_principal princ, * It is, so set the new name now, and chop off * instance's domain name if requested. */ - if (strlen (p->v4_str) > ANAME_SZ - 1) + if (strlcpy(name, p->v4_str, ANAME_SZ) >= ANAME_SZ) return KRB5_INVALID_PRINCIPAL; - strcpy(name, p->v4_str); if (p->flags & DO_REALM_CONVERSION) { compo = krb5_princ_component(context, princ, 1); c = strnchr(compo->data, '.', compo->length); diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index ab491105e..716d3cc43 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -112,11 +112,11 @@ krb5_get_init_creds_password(krb5_context context, pw0.data = pw0array; if (password && password[0]) { - if ((pw0.length = strlen(password)) > sizeof(pw0array)) { - ret = EINVAL; - goto cleanup; + if (strlcpy(pw0.data, password, sizeof(pw0array)) >= sizeof(pw0array)) { + ret = EINVAL; + goto cleanup; } - strcpy(pw0.data, password); + pw0.length = strlen(password); } else { pw0.data[0] = '\0'; pw0.length = sizeof(pw0array); @@ -238,7 +238,8 @@ krb5_get_init_creds_password(krb5_context context, prompt[1].reply = &pw1; prompt_types[1] = KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN; - strcpy(banner, "Password expired. You must change it now."); + strlcpy(banner, "Password expired. You must change it now.", + sizeof(banner)); for (tries = 3; tries; tries--) { pw0.length = sizeof(pw0array); diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c index 986274d40..2413cebcd 100644 --- a/src/lib/krb5/krb/str_conv.c +++ b/src/lib/krb5/krb/str_conv.c @@ -118,11 +118,9 @@ krb5_salttype_to_string(krb5_int32 salttype, char *buffer, size_t buflen) } } if (out) { - if (buflen > strlen(out)) - strcpy(buffer, out); - else - out = (char *) NULL; - return((out) ? 0 : ENOMEM); + if (strlcpy(buffer, out, buflen) >= buflen) + return(ENOMEM); + return(0); } else return(EINVAL); diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 6e6dadc57..83bce2bab 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -600,9 +600,7 @@ rule_an_to_ln(krb5_context context, char *rule, krb5_const_principal aname, cons kret = aname_replacer(selstring, ¤t, &outstring); if (outstring) { /* Copy out the value if there's enough room */ - if (strlen(outstring)+1 <= (size_t) lnsize) - strcpy(lname, outstring); - else + if (strlcpy(lname, outstring, lnsize) >= lnsize) kret = KRB5_CONFIG_NOTENUFSPACE; free(outstring); } @@ -728,9 +726,8 @@ krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, int ln } /* Copy out the value if there's enough room */ - if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize) - strcpy(lname, mapping_values[nvalid-1]); - else + if (strlcpy(lname, mapping_values[nvalid-1], + lnsize) >= lnsize) kret = KRB5_CONFIG_NOTENUFSPACE; /* Free residue */ diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index 258288d93..27641f73a 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -99,9 +99,8 @@ krb5_try_realm_txt_rr(const char *prefix, const char *name, char **realm) */ if (name == NULL || name[0] == '\0') { - if (strlen (prefix) >= sizeof(host)-1) + if (strlcpy(host, prefix, sizeof(host)) >= sizeof(host)) return KRB5_ERR_HOST_REALM_UNKNOWN; - strcpy(host,prefix); } else { if ( strlen(prefix) + strlen(name) + 3 > MAXDNAME ) return KRB5_ERR_HOST_REALM_UNKNOWN; diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c index 022d93cc5..89bb35fcf 100644 --- a/src/lib/krb5/os/ktdefname.c +++ b/src/lib/krb5/os/ktdefname.c @@ -44,22 +44,19 @@ krb5_kt_default_name(krb5_context context, char *name, int name_size) unsigned int namesize = (name_size < 0 ? 0 : name_size); if (krb5_overridekeyname) { - if (namesize < (strlen(krb5_overridekeyname)+1)) + if (strlcpy(name, krb5_overridekeyname, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, krb5_overridekeyname); } else if ((context->profile_secure == FALSE) && (cp = getenv("KRB5_KTNAME"))) { - if (namesize < (strlen(cp)+1)) + if (strlcpy(name, cp, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, cp); } else if ((profile_get_string(context->profile, "libdefaults", "default_keytab_name", NULL, NULL, &retval) == 0) && retval) { - if (namesize < (strlen(retval)+1)) + if (strlcpy(name, retval, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, retval); profile_release_string(retval); } else { #if defined(_WIN32) @@ -74,9 +71,8 @@ krb5_kt_default_name(krb5_context context, char *name, int name_size) snprintf(name, namesize, krb5_defkeyname, defname); } #else - if (namesize < (strlen(krb5_defkeyname)+1)) + if (strlcpy(name, krb5_defkeyname, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, krb5_defkeyname); #endif } return 0; diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index 218748273..e95be3af0 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -222,9 +222,9 @@ krb5int_debug_fprint (const char *fmt, ...) /* %A => addrinfo */ ai = va_arg(args, struct addrinfo *); if (ai->ai_socktype == SOCK_DGRAM) - strcpy(tmpbuf, "dgram"); + strlcpy(tmpbuf, "dgram", sizeof(tmpbuf)); else if (ai->ai_socktype == SOCK_STREAM) - strcpy(tmpbuf, "stream"); + strlcpy(tmpbuf, "stream", sizeof(tmpbuf)); else snprintf(tmpbuf, sizeof(tmpbuf), "socktype%d", ai->ai_socktype); if (0 != getnameinfo (ai->ai_addr, ai->ai_addrlen, |