+++ /dev/null
-From: Jeffrey Hutzelman <jhutz@cmu.edu>
-Date: Tue, 18 Jun 2013 12:35:36 -0400
-Subject: userok.c: Fix fixed-size on-stack path buffers
-
-Several functions in src/auth/userok.c construct pathnames in fixed
-size buffers on their stacks. Those buffers are simultaneously too
-small for the purpose for which they are used and too large to be
-placed on the stack. This change replaces these fixed-size buffers
-with dynamically-allocated buffers which are either exactly the right
-size (due to asprintf) or have size AFSDIR_PATH_MAX.
-
-FIXES 130719
-
-Reviewed-on: http://gerrit.openafs.org/9986
-Tested-by: BuildBot <buildbot@rampaginggeek.com>
-Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
-(cherry picked from commit 68e02987f62e1c507ddf7fd35847338b130c243d)
-
-This file has diverged quite substantially between master and 1.6.x,
-so though it is marked as a "cherry-pick", this patch was substantially
-rewritten for the 1.6 branch. In particular, we must use afs_asprintf()
-since asprintf() is not available everywhere.
-
-Change-Id: Iac62cb8293e7b28b422e7401eccb1f26841aff66
-(cherry picked from commit 27c71d3f62b605ca30800769c9bea2c649337032)
----
- src/auth/userok.c | 104 +++++++++++++++++++++++++++++++++++++++---------------
- 1 file changed, 75 insertions(+), 29 deletions(-)
-
-diff --git a/src/auth/userok.c b/src/auth/userok.c
-index 68b6fbf..3a9e493 100644
---- a/src/auth/userok.c
-+++ b/src/auth/userok.c
-@@ -108,8 +108,8 @@ afsconf_SetNoAuthFlag(struct afsconf_dir *adir, int aflag)
- int
- afsconf_DeleteUser(struct afsconf_dir *adir, char *auser)
- {
-- char tbuffer[1024];
-- char nbuffer[1024];
-+ char *filename, *nfilename;
-+ char *buffer;
- FILE *tf;
- FILE *nf;
- int flag;
-@@ -119,8 +119,17 @@ afsconf_DeleteUser(struct afsconf_dir *adir, char *auser)
- struct stat tstat;
- afs_int32 code;
-
-+ buffer = malloc(AFSDIR_PATH_MAX);
-+ if (buffer == NULL)
-+ return ENOMEM;
-+ filename = malloc(AFSDIR_PATH_MAX);
-+ if (filename == NULL) {
-+ free(buffer);
-+ return ENOMEM;
-+ }
-+
- LOCK_GLOBAL_MUTEX;
-- strcompose(tbuffer, sizeof tbuffer, adir->name, "/",
-+ strcompose(filename, AFSDIR_PATH_MAX, adir->name, "/",
- AFSDIR_ULIST_FILE, NULL);
- #ifndef AFS_NT40_ENV
- {
-@@ -129,64 +138,86 @@ afsconf_DeleteUser(struct afsconf_dir *adir, char *auser)
- * of the temporary file will work even if UserList is a symlink
- * into a different filesystem.
- */
-- char resolved_path[1024];
--
-- if (realpath(tbuffer, resolved_path)) {
-- strcpy(tbuffer, resolved_path);
-+ nfilename = malloc(AFSDIR_PATH_MAX);
-+ if (nfilename == NULL) {
-+ UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(buffer);
-+ return ENOMEM;
-+ }
-+ if (realpath(filename, nfilename)) {
-+ free(filename);
-+ filename = nfilename;
-+ } else {
-+ free(nfilename);
- }
- }
- #endif /* AFS_NT40_ENV */
-- tf = fopen(tbuffer, "r");
-+ if (afs_asprintf(&nfilename, "%s.NXX", filename) < 0) {
-+ UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(buffer);
-+ return -1;
-+ }
-+ tf = fopen(filename, "r");
- if (!tf) {
- UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(nfilename);
-+ free(buffer);
- return -1;
- }
-- code = stat(tbuffer, &tstat);
-+ code = stat(filename, &tstat);
- if (code < 0) {
- UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(nfilename);
-+ free(buffer);
- return code;
- }
-- strcpy(nbuffer, tbuffer);
-- strcat(nbuffer, ".NXX");
-- nf = fopen(nbuffer, "w+");
-+ nf = fopen(nfilename, "w+");
- if (!nf) {
- fclose(tf);
- UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(nfilename);
-+ free(buffer);
- return EIO;
- }
- flag = 0;
- found = 0;
- while (1) {
- /* check for our user id */
-- tp = fgets(nbuffer, sizeof(nbuffer), tf);
-+ tp = fgets(buffer, AFSDIR_PATH_MAX, tf);
- if (tp == NULL)
- break;
-- code = sscanf(nbuffer, "%64s", tname);
-+ code = sscanf(buffer, "%64s", tname);
- if (code == 1 && strcmp(tname, auser) == 0) {
- /* found the guy, don't copy to output file */
- found = 1;
- } else {
- /* otherwise copy original line to output */
-- fprintf(nf, "%s", nbuffer);
-+ fprintf(nf, "%s", buffer);
- }
- }
- fclose(tf);
-+ free(buffer);
- if (ferror(nf))
- flag = 1;
- if (fclose(nf) == EOF)
- flag = 1;
-- strcpy(nbuffer, tbuffer);
-- strcat(nbuffer, ".NXX"); /* generate new file name again */
- if (flag == 0) {
- /* try the rename */
-- flag = renamefile(nbuffer, tbuffer);
-+ flag = renamefile(nfilename, filename);
- if (flag == 0)
-- flag = chmod(tbuffer, tstat.st_mode);
-+ flag = chmod(filename, tstat.st_mode);
- } else
-- unlink(nbuffer);
-+ unlink(nfilename);
-
- /* finally, decide what to return to the caller */
- UNLOCK_GLOBAL_MUTEX;
-+ free(filename);
-+ free(nfilename);
- if (flag)
- return EIO; /* something mysterious went wrong */
- if (!found)
-@@ -199,25 +230,30 @@ int
- afsconf_GetNthUser(struct afsconf_dir *adir, afs_int32 an, char *abuffer,
- afs_int32 abufferLen)
- {
-- char tbuffer[256];
-+ char *tbuffer;
- FILE *tf;
- char tname[64 + 1];
- char *tp;
- int flag;
- afs_int32 code;
-
-+ tbuffer = malloc(AFSDIR_PATH_MAX);
-+ if (tbuffer == NULL)
-+ return ENOMEM;
-+
- LOCK_GLOBAL_MUTEX;
-- strcompose(tbuffer, sizeof tbuffer, adir->name, "/",
-+ strcompose(tbuffer, AFSDIR_PATH_MAX, adir->name, "/",
- AFSDIR_ULIST_FILE, NULL);
- tf = fopen(tbuffer, "r");
- if (!tf) {
- UNLOCK_GLOBAL_MUTEX;
-+ free(tbuffer);
- return 1;
- }
- flag = 1;
- while (1) {
- /* check for our user id */
-- tp = fgets(tbuffer, sizeof(tbuffer), tf);
-+ tp = fgets(tbuffer, AFSDIR_PATH_MAX, tf);
- if (tp == NULL)
- break;
- code = sscanf(tbuffer, "%64s", tname);
-@@ -230,6 +266,7 @@ afsconf_GetNthUser(struct afsconf_dir *adir, afs_int32 an, char *abuffer,
- strcpy(abuffer, tname);
- fclose(tf);
- UNLOCK_GLOBAL_MUTEX;
-+ free(tbuffer);
- return flag;
- }
-
-@@ -237,22 +274,28 @@ afsconf_GetNthUser(struct afsconf_dir *adir, afs_int32 an, char *abuffer,
- static int
- FindUser(struct afsconf_dir *adir, char *auser)
- {
-- char tbuffer[256];
-+ char *tbuffer;
- bufio_p bp;
- char tname[64 + 1];
- int flag;
- afs_int32 code;
- int rc;
-
-- strcompose(tbuffer, sizeof tbuffer, adir->name, "/", AFSDIR_ULIST_FILE,
-+ tbuffer = malloc(AFSDIR_PATH_MAX);
-+ if (tbuffer == NULL)
-+ return 0;
-+
-+ strcompose(tbuffer, AFSDIR_PATH_MAX, adir->name, "/", AFSDIR_ULIST_FILE,
- NULL);
- bp = BufioOpen(tbuffer, O_RDONLY, 0);
-- if (!bp)
-+ if (!bp) {
-+ free(tbuffer);
- return 0;
-+ }
- flag = 0;
- while (1) {
- /* check for our user id */
-- rc = BufioGets(bp, tbuffer, sizeof(tbuffer));
-+ rc = BufioGets(bp, tbuffer, AFSDIR_PATH_MAX);
- if (rc < 0)
- break;
- code = sscanf(tbuffer, "%64s", tname);
-@@ -262,6 +305,7 @@ FindUser(struct afsconf_dir *adir, char *auser)
- }
- }
- BufioClose(bp);
-+ free(tbuffer);
- return flag;
- }
-
-@@ -271,7 +315,7 @@ afsconf_AddUser(struct afsconf_dir *adir, char *aname)
- {
- FILE *tf;
- afs_int32 code;
-- char tbuffer[256];
-+ char *tbuffer;
-
- LOCK_GLOBAL_MUTEX;
- if (FindUser(adir, aname)) {
-@@ -279,9 +323,11 @@ afsconf_AddUser(struct afsconf_dir *adir, char *aname)
- return EEXIST; /* already in the list */
- }
-
-- strcompose(tbuffer, sizeof tbuffer, adir->name, "/", AFSDIR_ULIST_FILE,
-+ tbuffer = malloc(AFSDIR_PATH_MAX);
-+ strcompose(tbuffer, AFSDIR_PATH_MAX, adir->name, "/", AFSDIR_ULIST_FILE,
- NULL);
- tf = fopen(tbuffer, "a+");
-+ free(tbuffer);
- if (!tf) {
- UNLOCK_GLOBAL_MUTEX;
- return EIO;
projects / packages / o / openafs.git / commitdiff