From 362728d2d6d53011603dc39f691707db20866434 Mon Sep 17 00:00:00 2001
From: Simon Wilkinson <sxw@your-file-system.com>
Date: Sat, 2 Mar 2013 09:26:05 +0000
Subject: [PATCH] auth: Don't overflow cell string

If the kernel gives us bogus data back from the VIOCGETTOK pioctl,
we might overflow the cell string when copying in to it. Use
strlcpy to avoid this (unlikely) occurrence.

Caught by coverity (#985768, #985769)

Change-Id: I2583b017e7a366f4271f356216bdd60f3a7b7911
Reviewed-on: http://gerrit.openafs.org/9349
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/auth/ktc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/auth/ktc.c b/src/auth/ktc.c
index fc2563674..4df513dc6 100644
--- a/src/auth/ktc.c
+++ b/src/auth/ktc.c
@@ -701,7 +701,7 @@ GetToken(struct ktc_principal *aserver, struct ktc_token *atoken,
 
 		if (aclient || aviceid) {
 		    if (aclient) {
-			strcpy(aclient->cell, cellp);
+			strlcpy(aclient->cell, cellp, sizeof(aclient->cell));
 			aclient->instance[0] = 0;
 		    }
 
@@ -969,7 +969,7 @@ ktc_ListTokens(int aprevIndex,
     tp += temp;			/* skip clear token itself */
     tp += sizeof(afs_int32);	/* skip primary flag */
     /* tp now points to the cell name */
-    strcpy(aserver->cell, tp);
+    strlcpy(aserver->cell, tp, sizeof(aserver->cell));
     aserver->instance[0] = 0;
     strcpy(aserver->name, "afs");
 #endif /* NO_AFS_CLIENT */
-- 
2.39.5