From a68deb7fc5719b2399e3e1d063f9681f6aa4bf31 Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Sat, 2 Mar 2013 12:04:46 +0000 Subject: [PATCH] aklog: Fix overflows in auth_to_path In the auth_to_path routine, don't use strcpy and strcat when working with the fixed length pathtocheck buffer. Instead, use strlcpy and strlcat to ensure that all string operations fit within the buffer limits. Caught by coverity (#985762) Reviewed-on: http://gerrit.openafs.org/9444 Reviewed-by: Derrick Brashear Tested-by: BuildBot Reviewed-by: Jeffrey Altman (cherry picked from commit 788a6b67a088e2565c3b47ecb6e594a7b15f2757) Change-Id: I9abb8ab33da1d72e42764969e5527d443eea9652 Reviewed-on: http://gerrit.openafs.org/11058 Tested-by: BuildBot Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Andrew Deason Reviewed-by: Stephan Wiesand --- src/aklog/aklog.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/aklog/aklog.c b/src/aklog/aklog.c index 7d3e7cd93..b6d2a5c5a 100644 --- a/src/aklog/aklog.c +++ b/src/aklog/aklog.c @@ -1336,7 +1336,7 @@ auth_to_path(krb5_context context, char *path) /* Initialize */ if (path[0] == DIR) - strcpy(pathtocheck, path); + strlcpy(pathtocheck, path, sizeof(pathtocheck)); else { if (getcwd(pathtocheck, sizeof(pathtocheck)) == NULL) { fprintf(stderr, "Unable to find current working directory:\n"); @@ -1345,15 +1345,15 @@ auth_to_path(krb5_context context, char *path) exit(AKLOG_BADPATH); } else { - strcat(pathtocheck, DIRSTRING); - strcat(pathtocheck, path); + strlcat(pathtocheck, DIRSTRING, sizeof(pathtocheck)); + strlcat(pathtocheck, path, sizeof(pathtocheck)); } } next_path(pathtocheck); /* Go on to the next level down the path */ while ((nextpath = next_path(NULL))) { - strcpy(pathtocheck, nextpath); + strlcpy(pathtocheck, nextpath, sizeof(pathtocheck)); afs_dprintf("Checking directory %s\n", pathtocheck); /* * If this is an afs mountpoint, determine what cell from -- 2.39.5