libadmin: Don't overflow volume name

The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.

Caught by coverity (#985849)

Reviewed-on: http://gerrit.openafs.org/9353
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 79abe9d68ea041a2ea6261c6f7bb1f055a45bf0a)

Change-Id: I0e1dd46be835e74fc43335606bf5ab8341678251
Reviewed-on: http://gerrit.openafs.org/11040
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

diff --git a/src/libadmin/vos/vsprocs.c b/src/libadmin/vos/vsprocs.c
index 6b016f08d3ee5f884ceff6ef7b3c605f0fa428d5..060cbf2a2d13deddedd337c04aba0cef97d569c3 100644 (file)
--- a/src/libadmin/vos/vsprocs.c
+++ b/src/libadmin/vos/vsprocs.c
@@ -1328,14 +1328,18 @@ GetTrans(afs_cell_handle_p cellHandle, struct nvldbentry *vldbEntryPtr,
 
     /* If the volume does not exist, create it */
     if (!volid || tst) {
-       char volname[64];
+       char volname[VL_MAXNAMELEN];
 
        if (volid && (tst != VNOVOL)) {
            goto fail_GetTrans;
        }
 
-       strcpy(volname, vldbEntryPtr->name);
-       strcat(volname, ".readonly");
+       strlcpy(volname, vldbEntryPtr->name, sizeof(volname));
+       if (strlcat(volname, ".readonly", sizeof(volname))
+               >= sizeof(volname)) {
+           tst = ENOMEM;
+           goto fail_GetTrans;
+       }
 
        tst =
            AFSVolCreateVolume(*connPtr, vldbEntryPtr->serverPartition[index],