From 37eb63dfaf020dfc17553d33a846bf09a9a9566b Mon Sep 17 00:00:00 2001
From: Simon Wilkinson <sxw@your-file-system.com>
Date: Sat, 2 Mar 2013 10:54:16 +0000
Subject: [PATCH] kauth: Use strl* functions in ka_log

Switch to using the strlcat and strlcpy functions in ka_log, to
avoid potential buffer overflows.

Caught by coverity (#985824)

Reviewed-on: http://gerrit.openafs.org/9397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit b535059d48ac592760e2e5b87414d9010143c993)

Change-Id: Ie2a3f39e3189492f855729b4ded7a6fa71c43c9c
Reviewed-on: http://gerrit.openafs.org/11046
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
---
 src/kauth/kalog.c | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/src/kauth/kalog.c b/src/kauth/kalog.c
index 35fbbdb7f..12545c9ab 100644
--- a/src/kauth/kalog.c
+++ b/src/kauth/kalog.c
@@ -140,52 +140,52 @@ ka_log(char *principal, char *instance, char *sprincipal, char *sinstance,
     logbuf[0] = '\0';		/* Empty string */
 
     if (*principal)
-	strcpy(logbuf, principal);
+	strlcpy(logbuf, principal, sizeof(logbuf));
     if (realm) {
-	strcat(logbuf, "@");
-	strcat(logbuf, realm);
+	strlcat(logbuf, "@", sizeof(logbuf));
+	strlcat(logbuf, realm, sizeof(logbuf));
     }
     if (*instance) {
-	strcat(logbuf, ".");
-	strcat(logbuf, instance);
+	strlcat(logbuf, ".", sizeof(logbuf));
+	strlcat(logbuf, instance, sizeof(logbuf));
     }
 
     /* unlike the name/instance, the services can come down as NULL */
     if (sprincipal && *sprincipal) {
-	strcat(logbuf, ",");
-	strcat(logbuf, sprincipal);
+	strlcat(logbuf, ",", sizeof(logbuf));
+	strlcat(logbuf, sprincipal, sizeof(logbuf));
 	if (sinstance && *sinstance) {
-	    strcat(logbuf, ".");
-	    strcat(logbuf, sinstance);
+	    strlcat(logbuf, ".", sizeof(logbuf));
+	    strlcat(logbuf, sinstance, sizeof(logbuf));
 	}
     }
     switch (type) {
     case LOG_CRUSER:
-	strcat(logbuf, ":cruser");
+	strlcat(logbuf, ":cruser", sizeof(logbuf));
 	break;
     case LOG_CHPASSWD:
-	strcat(logbuf, ":chp");
+	strlcat(logbuf, ":chp", sizeof(logbuf));
 	break;
     case LOG_AUTHENTICATE:
-	strcat(logbuf, ":auth");
+	strlcat(logbuf, ":auth", sizeof(logbuf));
 	break;
     case LOG_AUTHFAILED:
-	strcat(logbuf, ":authnot");
+	strlcat(logbuf, ":authnot", sizeof(logbuf));
 	break;
     case LOG_SETFIELDS:
-	strcat(logbuf, ":setf");
+	strlcat(logbuf, ":setf", sizeof(logbuf));
 	break;
     case LOG_DELUSER:
-	strcat(logbuf, ":delu");
+	strlcat(logbuf, ":delu", sizeof(logbuf));
 	break;
     case LOG_UNLOCK:
-	strcat(logbuf, ":unlok");
+	strlcat(logbuf, ":unlok", sizeof(logbuf));
 	break;
     case LOG_GETTICKET:
-	strcat(logbuf, ":gtck");
+	strlcat(logbuf, ":gtck", sizeof(logbuf));
 	break;
     case LOG_TGTREQUEST:
-        strcat(logbuf, ":tgtreq");
+        strlcat(logbuf, ":tgtreq", sizeof(logbuf));
         break;
     default:
 	break;
-- 
2.39.5