git.openafs.org Git - openafs.git/commit

author	tharidufernando <tharidufernando@gmail.com>
	Sat, 10 Apr 2010 03:31:16 +0000 (08:31 +0530)
committer	Jeffrey Altman <jaltman@openafs.org>
	Tue, 4 May 2010 11:35:34 +0000 (04:35 -0700)
commit	1e69ec9cfef0bc571d1b91432354f486d49480b5
tree	5be7a208b5f01dda0913bf8eb1385cdc5ce9b2bb	tree \| snapshot
parent	fb50f2478c0402eb3062208e173ebe33d00ac9c4	commit \| diff

Windows: Secure C String usage in src\WINNT\afsd\fs.c

The use of strlen, strcat, strcpy, strncpy and sprintf in
src\WINNT\afsd\fs.c does not effectively protect against buffer
overruns and string truncation errors. This patchset replaces
their use with StringCbLen, StringCbCat, StringCbCopy,
StringCbCopyN, StringCbCopyEx and StringCbPrintf respectively from
strsafe.h.

The functions sscanf, fscanf and scanf do not check for the size of
the parameters so it is prone to buffer overruns. These functions
can be replaced by sscanf_s, fscanf_s, scanf_s when the Visual Studio
compiler version is 1400 or greater. Also memcpy will be replaced
by memcpy_s which will check for the size of the destination buffer.

In all cases, failure conditions are handled.

Patchset development was mentored by Asanka Herath and Jeffrey Altman.

Change-Id: I01e9dfc616641c220b57d2871e3e140406df3653
Reviewed-on: http://gerrit.openafs.org/1736
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Tharidu Fernando <tharidufernando@gmail.com>
Tested-by: Tharidu Fernando <tharidufernando@gmail.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>