bos: Remove theoretical overflow in DateOf

DateOf copies the results of ctime into a static buffer. Typically
ctime will return a 26 byte string, but if you pass it a year larger
than 9999 (which we shouldn't), you can get a 32 (or more) byte string.

Get rid of this unlikely event by using strlcpy for the copy. We already
truncate at 24 bytes when we remove the \n, so this shouldn't cause any
further problems.

Really, this whole thing should be rewritten to use strftime.

Caught by coverity (#985776)

Reviewed-on: http://gerrit.openafs.org/9551
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 8b76110e23160e33716234f9560d22ca5275cb0a)

Change-Id: I47bdadf0159c12d747040765d28e6e8908678fd1
Reviewed-on: http://gerrit.openafs.org/10862
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

diff --git a/src/bozo/bos.c b/src/bozo/bos.c
index 7b02d15cf7d7e7fc05ba80475b3259042085a22d..3f1282b393fa8ec3487631368042267cfd6b766b 100644 (file)
--- a/src/bozo/bos.c
+++ b/src/bozo/bos.c
@@ -146,14 +146,13 @@ GetPartitionID(char *aname)
 
 /* make ctime easier to use */
 static char *
-DateOf(afs_int32 atime)
+DateOf(time_t atime)
 {
     static char tbuffer[30];
     char *tp;
-    time_t t = (time_t) atime;
-    tp = ctime(&t);
+    tp = ctime(&atime);
     if (tp) {
-       strcpy(tbuffer, tp);
+       strlcpy(tbuffer, tp, sizeof(tbuffer));
        tbuffer[24] = 0;        /* get rid of new line */
     } else
        strcpy(tbuffer, "BAD TIME");