From: Simon Wilkinson <sxw@your-file-system.com>
Date: Fri, 8 Mar 2013 16:15:51 +0000 (+0000)
Subject: bos: Remove theoretical overflow in DateOf
X-Git-Tag: upstream/1.8.0_pre1^2~1305
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=8b76110e23160e33716234f9560d22ca5275cb0a;p=packages%2Fo%2Fopenafs.git

bos: Remove theoretical overflow in DateOf

DateOf copies the results of ctime into a static buffer. Typically
ctime will return a 26 byte string, but if you pass it a year larger
than 9999 (which we shouldn't), you can get a 32 (or more) byte string.

Get rid of this unlikely event by using strlcpy for the copy. We already
truncate at 24 bytes when we remove the \n, so this shouldn't cause any
further problems.

Really, this whole thing should be rewritten to use strftime.

Caught by coverity (#985776)

Change-Id: I18f6828d6ec3d79ecaf1dad8e27d3e8691ce87d5
Reviewed-on: http://gerrit.openafs.org/9551
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
---

diff --git a/src/bozo/bos.c b/src/bozo/bos.c
index 1e366d10e..97564e5e3 100644
--- a/src/bozo/bos.c
+++ b/src/bozo/bos.c
@@ -131,14 +131,13 @@ GetPartitionID(char *aname)
 
 /* make ctime easier to use */
 static char *
-DateOf(afs_int32 atime)
+DateOf(time_t atime)
 {
     static char tbuffer[30];
     char *tp;
-    time_t t = (time_t) atime;
-    tp = ctime(&t);
+    tp = ctime(&atime);
     if (tp) {
-	strcpy(tbuffer, tp);
+	strlcpy(tbuffer, tp, sizeof(tbuffer));
 	tbuffer[24] = 0;	/* get rid of new line */
     } else
 	strcpy(tbuffer, "BAD TIME");