From: Simon Wilkinson <sxw@your-file-system.com>
Date: Sat, 2 Mar 2013 12:09:42 +0000 (+0000)
Subject: aklog: Avoid overflows in get_afs_mountpoint
X-Git-Tag: upstream/1.8.0_pre1^2~1333
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=19d2683d711f95165adc16fac765bb4a31c99043;p=packages%2Fo%2Fopenafs.git

aklog: Avoid overflows in get_afs_mountpoint

When working with the fixed length cellname buffer, use
strlcat and strlcpy rather than strcat and strcpy.

Caught by coverity (#985763)

Change-Id: Idfb3a0562d4028f5d1aa134b7ab0b5fa2dd60edb
Reviewed-on: http://gerrit.openafs.org/9445
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---

diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c
index 038eece70..a77616de6 100644
--- a/src/aklog/aklog.c
+++ b/src/aklog/aklog.c
@@ -1106,8 +1106,7 @@ get_afs_mountpoint(char *file, char *mountpoint, int size)
     struct ViceIoctl vio;
     char cellname[BUFSIZ];
 
-    memset(our_file, 0, sizeof(our_file));
-    strcpy(our_file, file);
+    strlcpy(our_file, file, sizeof(our_file));
 
     if ((last_component = strrchr(our_file, DIR))) {
 	*last_component++ = 0;
@@ -1133,8 +1132,8 @@ get_afs_mountpoint(char *file, char *mountpoint, int size)
 	    vio.out = cellname;
 
 	    if (!pioctl(file, VIOC_FILE_CELL_NAME, &vio, 1)) {
-		strcat(cellname, VOLMARKERSTRING);
-		strcat(cellname, mountpoint + 1);
+		strlcat(cellname, VOLMARKERSTRING, sizeof(cellname));
+		strlcat(cellname, mountpoint + 1, sizeof(cellname));
 		memset(mountpoint + 1, 0, size - 1);
 		strcpy(mountpoint + 1, cellname);
 	    }