auth: Don't overflow buffer in CompFindUser
authorSimon Wilkinson <sxw@your-file-system.com>
Sat, 2 Mar 2013 13:01:14 +0000 (13:01 +0000)
committerDerrick Brashear <shadow@your-file-system.com>
Mon, 11 Mar 2013 14:27:17 +0000 (07:27 -0700)
The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.

Caught by coverity (#985771)

Change-Id: Icc80d012b61ae90e1a62a814f7a6d552bb264294
Reviewed-on: http://gerrit.openafs.org/9543
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

src/auth/userok.c

index eb98b32..f66acf1 100644 (file)
@@ -553,7 +553,9 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
     if (!name || !name[0]) {
        return 0;
     }
-    strcpy(fullname, name);
+
+    if (strlcpy(fullname, name, sizeof(fullname)) >= sizeof(fullname))
+       return 0;
 
     /* might have instance */
     if (inst && inst[0]) {
@@ -561,14 +563,20 @@ CompFindUser(struct afsconf_dir *adir, char *name, char *sep, char *inst,
            return 0;
        }
 
-       strcat(fullname, sep);
-       strcat(fullname, inst);
+       if (strlcat(fullname, sep, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
+
+       if (strlcat(fullname, inst, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
     }
 
     /* might have realm */
     if (realm && realm[0]) {
-       strcat(fullname, "@");
-       strcat(fullname, realm);
+       if (strlcat(fullname, "@", sizeof(fullname)) >= sizeof(fullname))
+           return 0;
+
+       if (strlcat(fullname, realm, sizeof(fullname)) >= sizeof(fullname))
+           return 0;
     }
 
     testId = rx_identity_new(RX_ID_KRB4, fullname, fullname, strlen(fullname));