* login.c: Replace strcpy with strncpy in places. Add nul

	termination to some existing invocations of strncpy.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10572 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index be08d2bb93e6582e03eae7e974be22355ca43aa4..00b6d4bf1fba220d723e69aa0d5604b2c7c065c0 100644 (file)
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,3 +1,8 @@
+Sat May 16 16:07:42 1998  Tom Yu  <tlyu@mit.edu>
+
+       * login.c: Replace strcpy with strncpy in places.  Add nul
+       termination to some existing invocations of strncpy.
+
 1998-05-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>
 
        * configure.in: Add a check for the header file krb4-proto.h.

diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c
index af9d5ccbc0fa8ca893e67db907d2d2100180a9c7..9a5b2f8b75fa2debb5d78a2046009da34443179b 100644 (file)
--- a/src/appl/bsd/login.c
+++ b/src/appl/bsd/login.c
@@ -438,7 +438,7 @@ int unix_passwd_okay (pass)
 
     /* copy the first 8 chars of the password for unix crypt */
     strncpy(user_pwcopy, pass, sizeof(user_pwcopy));
-    user_pwcopy[8]='\0';
+    user_pwcopy[sizeof(user_pwcopy) - 1]='\0';
     namep = crypt(user_pwcopy, salt);
     memset (user_pwcopy, 0, sizeof(user_pwcopy));
     /* ... and wipe the copy now that we have the string */
@@ -486,16 +486,19 @@ void k_init (ttyn)
        unlink(ccfile+strlen("FILE:"));
     } else {
        /* note it correctly */
-       strcpy(ccfile, getenv(KRB5_ENV_CCNAME));
+       strncpy(ccfile, getenv(KRB5_ENV_CCNAME), sizeof(ccfile));
+       ccfile[sizeof(ccfile) - 1] = '\0';
     }
 
 #ifdef KRB4_GET_TICKETS
     if (krb_get_lrealm(realm, 1) != KSUCCESS) {
        strncpy(realm, KRB_REALM, sizeof(realm));
+       realm[sizeof(realm) - 1] = '\0';
     }
     if (login_krb4_get_tickets || login_krb4_convert) {
        /* Set up the ticket file environment variable */
        strncpy(tkfile, KRB_TK_DIR, sizeof(tkfile));
+       tkfile[sizeof(tkfile) - 1] = '\0';
        strncat(tkfile, strrchr(ttyn, '/')+1,
                sizeof(tkfile) - strlen(tkfile));
        (void) unlink (tkfile);
@@ -616,7 +619,8 @@ int try_krb5 (me_p, pass)
     } else {
        /* get_name pulls out just the name not the
           type */
-       strcpy(ccfile, krb5_cc_get_name(kcontext, ccache));
+       strncpy(ccfile, krb5_cc_get_name(kcontext, ccache), sizeof(ccfile));
+       ccfile[sizeof(ccfile) - 1] = '\0';
        krbflag = got_v5_tickets = 1;
        return 1;
     }
@@ -707,7 +711,8 @@ try_convert524 (kcontext, me)
        return 0;
     }
     got_v4_tickets = 1;
-    strcpy(tkfile, tkt_string());
+    strncpy(tkfile, tkt_string(), sizeof(tkfile));
+    tkfile[sizeof(tkfile) - 1] = '\0';
     return 1;
 }
 #endif
@@ -728,7 +733,8 @@ try_krb4 (me, user_pwstring)
     case INTK_OK:
        kpass_ok = 1;
        krbflag = 1;
-       strcpy(tkfile, tkt_string());
+       strncpy(tkfile, tkt_string(), sizeof(tkfile));
+       tkfile[sizeof(tkfile) - 1] = '\0';
        break;  
        /* These errors should be silent */
        /* So the Kerberos database can't be probed */
@@ -898,7 +904,8 @@ int verify_krb_v5_tgt (c)
 
     /* since krb5_sname_to_principal has done the work for us, just
        extract the name directly */
-    strncpy(phost, krb5_princ_component(c, princ, 1)->data, BUFSIZ);
+    strncpy(phost, krb5_princ_component(c, princ, 1)->data, sizeof(phost));
+    phost[sizeof(phost) - 1] = '\0';
 
     /* Do we have host/<host> keys? */
     /* (use default keytab, kvno IGNORE_VNO to get the first match,
@@ -1333,8 +1340,10 @@ int rewrite_ccache = 1; /*try to write out ccache*/
                lgetstr(term, sizeof(term), "Terminal type");
        else if (!(kflag || Kflag ))  /*Preserve terminal if not read over net */
          {
-           if (getenv("TERM"))
+           if (getenv("TERM")) {
              strncpy(term, getenv("TERM"), sizeof(term));
+             term[sizeof(term) - 1] = '\0';
+           }
          }
        
        term_init (rflag || kflag || Kflag || eflag);
@@ -1848,8 +1857,10 @@ int rewrite_ccache = 1; /*try to write out ccache*/
        setenv("USER", pwd->pw_name, 1);
        setenv("SHELL", pwd->pw_shell, 1);
 
-       if (term[0] == '\0')
+       if (term[0] == '\0') {
                (void) strncpy(term, stypeof(tty), sizeof(term));
+               term[sizeof(term) - 1] = '\0';
+       }
        if (term[0])
                (void)setenv("TERM", term, 0);
 #ifdef KRB4_GET_TICKETS
@@ -1931,8 +1942,9 @@ int rewrite_ccache = 1; /*try to write out ccache*/
        handler_set (SIGTSTP, sa);
 
        tbuf[0] = '-';
-       (void) strcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ?
-           p + 1 : pwd->pw_shell);
+       (void) strncpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ?
+           p + 1 : pwd->pw_shell, sizeof(tbuf) - 1);
+       tbuf[sizeof(tbuf) - 1] = '\0';
        execlp(pwd->pw_shell, tbuf, 0);
        fprintf(stderr, "login: no shell: ");
        perror(pwd->pw_shell);
@@ -2211,9 +2223,11 @@ void dolastlog(quiet, tty)
                }
                (void)time(&ll.ll_time);
                (void) strncpy(ll.ll_line, tty, sizeof(ll.ll_line));
-               if (hostname)
+               ll.ll_line[sizeof(ll.ll_line) - 1] = '\0';
+               if (hostname) {
                    (void) strncpy(ll.ll_host, hostname, sizeof(ll.ll_host));
-               else
+                   ll.ll_host[sizeof(ll.ll_host) - 1] = '\0';
+               } else
                    (void) memset(ll.ll_host, 0, sizeof(ll.ll_host));
                (void)write(fd, (char *)&ll, sizeof(ll));
                (void)close(fd);