auth: Don't overflow buffer in CompFindUser

The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.

Caught by coverity (#985771)

Change-Id: Icc80d012b61ae90e1a62a814f7a6d552bb264294
Reviewed-on: http://gerrit.openafs.org/9543
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

diff --git a/src/auth/userok.c b/src/auth/userok.c
index eb98b3236378522ab8e8849e9a51ab6d8b09a7dd..f66acf1df2ba96ad047314277a22beb9f77ebd13 100644 (file)
--- a/src/auth/userok.c
+++ b/src/auth/userok.c
@@ -553,7 +553,9 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
     if (!name || !name[0]) {
        return 0;
     }
-    strcpy(fullname, name);
+
+    if (strlcpy(fullname, name, sizeof(fullname)) >= sizeof(fullname))
+       return 0;
 
     /* might have instance */
     if (inst && inst[0]) {
@@ -561,14 +563,20 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
            return 0;
        }
 
-       strcat(fullname, sep);
-       strcat(fullname, inst);
+       if (strlcat(fullname, sep, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
+
+       if (strlcat(fullname, inst, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
     }
 
     /* might have realm */
     if (realm && realm[0]) {
-       strcat(fullname, "@");
-       strcat(fullname, realm);
+       if (strlcat(fullname, "@", sizeof(fullname)) >= sizeof(fullname))
+           return 0;
+
+       if (strlcat(fullname, realm, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
     }
 
     testId = rx_identity_new(RX_ID_KRB4, fullname, fullname, strlen(fullname));