diff options
| author | Tom Yu <tlyu@mit.edu> | 1998-05-16 20:54:42 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 1998-05-16 20:54:42 +0000 |
| commit | 0ffa7c5b13d074646857bc6e933f1371b4f5c219 (patch) | |
| tree | 365630375d68e4aa461318d04ce6b5b9a50553c5 /src | |
| parent | c5bb34bd1abf355fe7c8e2aeeb780b7b68ad9193 (diff) | |
| download | krb5-0ffa7c5b13d074646857bc6e933f1371b4f5c219.tar.gz krb5-0ffa7c5b13d074646857bc6e933f1371b4f5c219.tar.xz krb5-0ffa7c5b13d074646857bc6e933f1371b4f5c219.zip | |
* login.c: Replace strcpy with strncpy in places. Add nul
termination to some existing invocations of strncpy.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10572 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/appl/bsd/ChangeLog | 5 | ||||
| -rw-r--r-- | src/appl/bsd/login.c | 38 |
2 files changed, 31 insertions, 12 deletions
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index be08d2bb9..00b6d4bf1 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,8 @@ +Sat May 16 16:07:42 1998 Tom Yu <tlyu@mit.edu> + + * login.c: Replace strcpy with strncpy in places. Add nul + termination to some existing invocations of strncpy. + 1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> * configure.in: Add a check for the header file krb4-proto.h. diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index af9d5ccbc..9a5b2f8b7 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -438,7 +438,7 @@ int unix_passwd_okay (pass) /* copy the first 8 chars of the password for unix crypt */ strncpy(user_pwcopy, pass, sizeof(user_pwcopy)); - user_pwcopy[8]='\0'; + user_pwcopy[sizeof(user_pwcopy) - 1]='\0'; namep = crypt(user_pwcopy, salt); memset (user_pwcopy, 0, sizeof(user_pwcopy)); /* ... and wipe the copy now that we have the string */ @@ -486,16 +486,19 @@ void k_init (ttyn) unlink(ccfile+strlen("FILE:")); } else { /* note it correctly */ - strcpy(ccfile, getenv(KRB5_ENV_CCNAME)); + strncpy(ccfile, getenv(KRB5_ENV_CCNAME), sizeof(ccfile)); + ccfile[sizeof(ccfile) - 1] = '\0'; } #ifdef KRB4_GET_TICKETS if (krb_get_lrealm(realm, 1) != KSUCCESS) { strncpy(realm, KRB_REALM, sizeof(realm)); + realm[sizeof(realm) - 1] = '\0'; } if (login_krb4_get_tickets || login_krb4_convert) { /* Set up the ticket file environment variable */ strncpy(tkfile, KRB_TK_DIR, sizeof(tkfile)); + tkfile[sizeof(tkfile) - 1] = '\0'; strncat(tkfile, strrchr(ttyn, '/')+1, sizeof(tkfile) - strlen(tkfile)); (void) unlink (tkfile); @@ -616,7 +619,8 @@ int try_krb5 (me_p, pass) } else { /* get_name pulls out just the name not the type */ - strcpy(ccfile, krb5_cc_get_name(kcontext, ccache)); + strncpy(ccfile, krb5_cc_get_name(kcontext, ccache), sizeof(ccfile)); + ccfile[sizeof(ccfile) - 1] = '\0'; krbflag = got_v5_tickets = 1; return 1; } @@ -707,7 +711,8 @@ try_convert524 (kcontext, me) return 0; } got_v4_tickets = 1; - strcpy(tkfile, tkt_string()); + strncpy(tkfile, tkt_string(), sizeof(tkfile)); + tkfile[sizeof(tkfile) - 1] = '\0'; return 1; } #endif @@ -728,7 +733,8 @@ try_krb4 (me, user_pwstring) case INTK_OK: kpass_ok = 1; krbflag = 1; - strcpy(tkfile, tkt_string()); + strncpy(tkfile, tkt_string(), sizeof(tkfile)); + tkfile[sizeof(tkfile) - 1] = '\0'; break; /* These errors should be silent */ /* So the Kerberos database can't be probed */ @@ -898,7 +904,8 @@ int verify_krb_v5_tgt (c) /* since krb5_sname_to_principal has done the work for us, just extract the name directly */ - strncpy(phost, krb5_princ_component(c, princ, 1)->data, BUFSIZ); + strncpy(phost, krb5_princ_component(c, princ, 1)->data, sizeof(phost)); + phost[sizeof(phost) - 1] = '\0'; /* Do we have host/<host> keys? */ /* (use default keytab, kvno IGNORE_VNO to get the first match, @@ -1333,8 +1340,10 @@ int rewrite_ccache = 1; /*try to write out ccache*/ lgetstr(term, sizeof(term), "Terminal type"); else if (!(kflag || Kflag )) /*Preserve terminal if not read over net */ { - if (getenv("TERM")) + if (getenv("TERM")) { strncpy(term, getenv("TERM"), sizeof(term)); + term[sizeof(term) - 1] = '\0'; + } } term_init (rflag || kflag || Kflag || eflag); @@ -1848,8 +1857,10 @@ int rewrite_ccache = 1; /*try to write out ccache*/ setenv("USER", pwd->pw_name, 1); setenv("SHELL", pwd->pw_shell, 1); - if (term[0] == '\0') + if (term[0] == '\0') { (void) strncpy(term, stypeof(tty), sizeof(term)); + term[sizeof(term) - 1] = '\0'; + } if (term[0]) (void)setenv("TERM", term, 0); #ifdef KRB4_GET_TICKETS @@ -1931,8 +1942,9 @@ int rewrite_ccache = 1; /*try to write out ccache*/ handler_set (SIGTSTP, sa); tbuf[0] = '-'; - (void) strcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? - p + 1 : pwd->pw_shell); + (void) strncpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? + p + 1 : pwd->pw_shell, sizeof(tbuf) - 1); + tbuf[sizeof(tbuf) - 1] = '\0'; execlp(pwd->pw_shell, tbuf, 0); fprintf(stderr, "login: no shell: "); perror(pwd->pw_shell); @@ -2211,9 +2223,11 @@ void dolastlog(quiet, tty) } (void)time(&ll.ll_time); (void) strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); - if (hostname) + ll.ll_line[sizeof(ll.ll_line) - 1] = '\0'; + if (hostname) { (void) strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); - else + ll.ll_host[sizeof(ll.ll_host) - 1] = '\0'; + } else (void) memset(ll.ll_host, 0, sizeof(ll.ll_host)); (void)write(fd, (char *)&ll, sizeof(ll)); (void)close(fd); |