From: Simon Wilkinson Date: Sat, 2 Mar 2013 13:01:14 +0000 (+0000) Subject: auth: Don't overflow buffer in CompFindUser X-Git-Tag: upstream/1.6.10_pre1^2~128 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=fd403e3f2ad74e7d568a4982d99af1acba305b55;p=packages%2Fo%2Fopenafs.git auth: Don't overflow buffer in CompFindUser The fullname buffer in CompFindUser is theoretically big enough to take the data usually supplied to it. However, play it safe by using strlcat and strlcpy to catch buffer overflows. Caught by coverity (#985771) Reviewed-on: http://gerrit.openafs.org/9543 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Derrick Brashear (cherry picked from commit cc95fca8e16f83d7dda3f09a5133dc9294299d61) Change-Id: I900611e13d6254c4410915b0688b18a3b6c4acc3 Reviewed-on: http://gerrit.openafs.org/11063 Tested-by: BuildBot Reviewed-by: Andrew Deason Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Stephan Wiesand --- diff --git a/src/auth/userok.c b/src/auth/userok.c index e35da8185..68b6fbf26 100644 --- a/src/auth/userok.c +++ b/src/auth/userok.c @@ -310,7 +310,9 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst, if (!name || !name[0]) { return NULL; } - strcpy(fullname, name); + + if (strlcpy(fullname, name, sizeof(fullname)) >= sizeof(fullname)) + return NULL; /* might have instance */ if (inst && inst[0]) { @@ -318,14 +320,20 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst, return NULL; } - strcat(fullname, sep); - strcat(fullname, inst); + if (strlcat(fullname, sep, sizeof(fullname)) >= sizeof(fullname)) + return NULL; + + if (strlcat(fullname, inst, sizeof(fullname)) >= sizeof(fullname)) + return NULL; } /* might have realm */ if (realm && realm[0]) { - strcat(fullname, "@"); - strcat(fullname, realm); + if (strlcat(fullname, "@", sizeof(fullname)) >= sizeof(fullname)) + return NULL; + + if (strlcat(fullname, realm, sizeof(fullname)) >= sizeof(fullname)) + return NULL; } if (FindUser(adir, fullname)) {