From: Simon Wilkinson Date: Sat, 2 Mar 2013 13:01:14 +0000 (+0000) Subject: auth: Don't overflow buffer in CompFindUser X-Git-Tag: upstream/1.8.0_pre1^2~1321 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=cc95fca8e16f83d7dda3f09a5133dc9294299d61;p=packages%2Fo%2Fopenafs.git auth: Don't overflow buffer in CompFindUser The fullname buffer in CompFindUser is theoretically big enough to take the data usually supplied to it. However, play it safe by using strlcat and strlcpy to catch buffer overflows. Caught by coverity (#985771) Change-Id: Icc80d012b61ae90e1a62a814f7a6d552bb264294 Reviewed-on: http://gerrit.openafs.org/9543 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Derrick Brashear --- diff --git a/src/auth/userok.c b/src/auth/userok.c index eb98b3236..f66acf1df 100644 --- a/src/auth/userok.c +++ b/src/auth/userok.c @@ -553,7 +553,9 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst, if (!name || !name[0]) { return 0; } - strcpy(fullname, name); + + if (strlcpy(fullname, name, sizeof(fullname)) >= sizeof(fullname)) + return 0; /* might have instance */ if (inst && inst[0]) { @@ -561,14 +563,20 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst, return 0; } - strcat(fullname, sep); - strcat(fullname, inst); + if (strlcat(fullname, sep, sizeof(fullname)) >= sizeof(fullname)) + return 0; + + if (strlcat(fullname, inst, sizeof(fullname)) >= sizeof(fullname)) + return 0; } /* might have realm */ if (realm && realm[0]) { - strcat(fullname, "@"); - strcat(fullname, realm); + if (strlcat(fullname, "@", sizeof(fullname)) >= sizeof(fullname)) + return 0; + + if (strlcat(fullname, realm, sizeof(fullname)) >= sizeof(fullname)) + return 0; } testId = rx_identity_new(RX_ID_KRB4, fullname, fullname, strlen(fullname));