From f7f39b9dda8998390da542fb9bbc2be563c8a557 Mon Sep 17 00:00:00 2001
From: Tom Yu
Date: Tue, 3 Apr 2007 19:23:52 +0000
Subject: MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog Fix MITKRB5-SA-2007-002: buffer overflow in krb5_klog_syslog. * src/lib/krb5/krb/get_in_tkt.c (krb5_klog_syslog): Use vsnprintf if available. Everything else: use precision fields on "%s" specifiers to truncate logged strings, in case someone doesn't have vsnprintf. ticket: new target_version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19395 dc483132-0cff-0310-8789-dd5450dbe970
---
src/kadmin/server/misc.c | 9 +++++++++
1 file changed, 9 insertions(+)
(limited to 'src/kadmin/server/misc.c')
diff --git a/src/kadmin/server/misc.c b/src/kadmin/server/misc.c
index fa4ca914c..ed5110048 100644
--- a/src/kadmin/server/misc.c
+++ b/src/kadmin/server/misc.c
@@ -171,3 +171,12 @@ check_min_life(void *server_handle, krb5_principal principal,
 return kadm5_free_principal_ent(handle->lhandle, &princ);
 }
+
+#define MAXPRINCLEN 125
+
+void
+trunc_name(size_t *len, char **dots)
+{
+ *dots = *len > MAXPRINCLEN ? "..." : "";
+ *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len;
+}
-- cgit
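Review bot: `trunc_name` has no comment stating its contract, and that contract is what the fix relies on: `*len` is read and then clamped in place to `MAXPRINCLEN`, and `*dots` is pointed at a string literal that the caller must neither modify nor free. I would add a comment above the function such as `/* Clamp *len to MAXPRINCLEN for use as a "%.*s" precision; *dots is set to "..." if the name was cut, else "". */`, and declare the second parameter as `const char **dots` if the callers (not shown on this page) allow it. Because `*len` is a `size_t` while a `%.*s` precision argument must be an `int`, the comment should also tell callers to cast, e.g. `(int)len`; whether the existing call sites do so cannot be checked from this hunk. The value 125 deserves a one-line rationale as well, since the bound presumably only protects the log buffer if every truncated field in a message plus its fixed text still fits.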