auth: Don't overflow hostName array
authorSimon Wilkinson <sxw@your-file-system.com>
Sat, 2 Mar 2013 09:59:20 +0000 (09:59 +0000)
committerJeffrey Altman <jaltman@your-file-system.com>
Thu, 7 Mar 2013 15:53:26 +0000 (07:53 -0800)
afsconf_cell's hostName structure is a fixed length. Don't overflow
it by writing whatever comes back from gethostbyaddr into it. Use
strlcpy to catch an overflow, and if one occurs, just use
"UNKNOWNHOST", rather than a truncated host name.

Caught by coverity (#985906)

Change-Id: Iaa927f3e4860d99166789e8dc4950a03ea2237e4
Reviewed-on: http://gerrit.openafs.org/9354
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/auth/writeconfig.c

index 9d8d479..ad7c0b9 100644 (file)
@@ -54,7 +54,12 @@ VerifyEntries(struct afsconf_cell *aci)
            if (!th) {
                strcpy(aci->hostName[i], "UNKNOWNHOST");
            } else {
-               strcpy(aci->hostName[i], th->h_name);
+               if (strlcpy(aci->hostName[i],
+                           th->h_name,
+                           sizeof(aci->hostName[i]))
+                       >= sizeof(aci->hostName[i])) {
+                  strcpy(aci->hostName[i], "UNKNOWNHOST");
+               }
            }
        }
     }