+2000-04-25 Danilo Almeida <dalmeida@mit.edu>
+
+ * version.rc: Bump version to 1.2 beta.
+
2000-02-06 Danilo Almeida <dalmeida@mit.edu>
* README: Add documentation about debug vs. release builds.
+2000-05-08 Ken Raeburn <raeburn@mit.edu>
+ Nalin Dahyabhai <nalin@redhat.com>
+
+ * cns.c (kwin_push_login): Don't overflow buffer "fullname".
+ (kwin_command): Don't overflow buffer "copyright".
+ * cns_reg.c (cns_load_registry): Don't overflow buffer
+ "cns_res.def_confname".
+ * tktlist.c (ticket_init_list): Don't overflow buffer "buf".
+
1999-12-03 Danilo Almeida <dalmeida@mit.edu>
* Makefile.in: Windows fix for updated win-pre.in.
char menuitem[MAX_K_NAME_SZ + 3];
BOOL rc;
- strcpy(fullname, "&x ");
- strcat(fullname, name);
- strcat(fullname, ".");
- strcat(fullname, instance);
- strcat(fullname, "@");
- strcat(fullname, realm);
+ fullname[sizeof(fullname) - 1] = '\0';
+ strncpy(fullname, "&x ", sizeof(fullname) - 1);
+ strncat(fullname, name, sizeof(fullname) - 1 - strlen(fullname));
+ strncat(fullname, ".", sizeof(fullname) - 1 - strlen(fullname));
+ strncat(fullname, instance, sizeof(fullname) - 1 - strlen(fullname));
+ strncat(fullname, "@", sizeof(fullname) - 1 - strlen(fullname));
+ strncat(fullname, realm, sizeof(fullname) - 1 - strlen(fullname));
hmenu = GetMenu(hwnd);
assert(hmenu != NULL);
strcpy(copyright, " Kerberos V5 for Windows ");
#endif
#ifdef _WIN32
- strcat(copyright, "32-bit\n");
+ strncat(copyright, "32-bit\n", sizeof(copyright) - 1 - strlen(copyright));
#else
- strcat(copyright, "16-bit\n");
+ strncat(copyright, "16-bit\n", sizeof(copyright) - 1 - strlen(copyright));
#endif
- strcat(copyright, "\n Version 1.12\n\n");
+ strncat(copyright, "\n Version 1.12\n\n",
+ sizeof(copyright) - 1 - strlen(copyright));
#ifdef ORGANIZATION
- strcat(copyright, " For information, contact:\n");
- strcat(copyright, ORGANIZATION);
+ strncat(copyright, " For information, contact:\n",
+ sizeof(copyright) - 1 - strlen(copyright));
+ strncat(copyright, ORGANIZATION, sizeof(copyright) - 1 - strlen(copyright));
#endif
MessageBox(hwnd, copyright, KWIN_DIALOG_NAME, MB_OK);
sprintf(buf, "%s - %ld hr", KWIN_DIALOG_NAME, dt);
}
+ buf[sizeof(buf) - 1] = '\0';
if (dt > 1)
- strcat(buf, "s");
+ strncat(buf, "s", sizeof(buf) - 1 - strlen(buf));
}
DrawIcon(hdc, r.left, r.top, hicon);
if (key != INVALID_HANDLE_VALUE) {
if (registry_string_get(key, KERBNET_HOME, &ts) == 0) {
cns_res.conf_override = 0;
- strcpy(cns_res.def_confname, ts);
- strcat(cns_res.def_confname, "\\etc\\krb5.conf");
+ cns_res.def_confname[sizeof(cns_res.def_confname) - 1];
+ strncpy(cns_res.def_confname, ts,
+ sizeof(cns_res.def_confname) - 1);
+ strncat(cns_res.def_confname, "\\etc\\krb5.conf",
+ sizeof(cns_res.def_confname) - 1 -
+ strlen(cns_res.def_confname));
free(ts);
}
krb_get_nth_cred(service, instance, realm, i);
krb_get_cred(service, instance, realm, &c);
strcpy(buf, " ");
- strcat(buf, short_date(c.issue_date - kwin_get_epoch()));
+ strncat(buf, short_date(c.issue_date - kwin_get_epoch()),
+ sizeof(buf) - 1 - strlen(buf));
expiration = c.issue_date - kwin_get_epoch() + (long) c.lifetime * 5L * 60L;
- strcat (buf, " ");
- strcat(buf, short_date(expiration));
- strcat (buf, " ");
+ strncat(buf, " ", sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, short_date(expiration), sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, " ", sizeof(buf) - 1 - strlen(buf));
l = strlen(buf);
sprintf(&buf[l], "%s%s%s%s%s (%d)",
c.service, (c.instance[0] ? "." : ""), c.instance,
ncred++;
strcpy (buf, " ");
- strcat (buf, short_date (c.times.starttime - kwin_get_epoch()));
- strcat (buf, " ");
- strcat (buf, short_date (c.times.endtime - kwin_get_epoch()));
- strcat (buf, " ");
+ strncat(buf, short_date (c.times.starttime - kwin_get_epoch()),
+ sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, " ", sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, short_date (c.times.endtime - kwin_get_epoch()),
+ sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, " ", sizeof(buf) - 1 - strlen(buf));
/* Add ticket service name and realm */
code = krb5_unparse_name (k5_context, c.server, &sname);
com_err (NULL, code, "while unparsing server name");
break;
}
- strcat (buf, sname);
+ strncat (buf, sname, sizeof(buf) - 1 - strlen(buf));
- strcat (buf, flags_string (&c)); /* Add flag info */
+ strncat (buf, flags_string (&c), sizeof(buf) - 1 - strlen(buf)); /* Add flag info */
l = strlen(buf);
lpinfo = (LPTICKETINFO) malloc(sizeof(TICKETINFO) + l + 1);
* BEGIN COMMON VERSION INFO for GSS and Kerberos version resources
*/
+#define PRE_RELEASE
+
+#ifdef PRE_RELEASE
+#define BETA_STR " beta"
+#define BETA_FLAG VS_FF_PRERELEASE
+#else
+#define BETA_STR ""
+#define BETA_FLAG 0
+#endif
+
#if !defined(_WIN32)
#define Targ_OS VOS__WINDOWS16
#else
/* we're going to stamp all the DLLs with the same version number */
-#define K5_PRODUCT_VERSION_STRING "1.1.1\0"
-#define K5_PRODUCT_VERSION 1, 1, 1, 0
+#define K5_PRODUCT_VERSION_STRING "1.2" BETA_STR "\0"
+#define K5_PRODUCT_VERSION 1, 2, 0, 0
-#define K5_COPYRIGHT "Copyright (C) 1997-1999 by the Massachusetts Institute of Technology\0"
+#define K5_COPYRIGHT "Copyright (C) 1997-2000 by the Massachusetts Institute of Technology\0"
#define K5_COMPANY_NAME "Massachusetts Institute of Technology.\0"
/*
FILEVERSION K5_PRODUCT_VERSION
PRODUCTVERSION K5_PRODUCT_VERSION
FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
-FILEFLAGS (VS_FF_DEBUG | VS_FF_PRIVATEBUILD)
+FILEFLAGS (VS_FF_DEBUG | VS_FF_PRIVATEBUILD | BETA_FLAG)
FILEOS Targ_OS
FILETYPE K5_FILETYPE
BEGIN
+2000-05-08 Nalin Dahyabhai <nalin@redhat.com>
+
+ * auth.c (auth_abort): Don't overflow buffer "strTmp".
+ (k4_auth_send): Don't overflow buffer "dbgbuf".
+ * encrypt.c (printsub): Don't overflow buffer "p".
+
1999-12-03 Danilo Almeida <dalmeida@mit.edu>
* Makefile.in: Windows fix for updated win-pre.in.
TelnetSend(ks, (LPSTR)buf, 8, 0);
if (errmsg != NULL) {
- strcpy(strTmp, errmsg);
+ strTmp[sizeof(strTmp) - 1] = '\0';
+ strncpy(strTmp, errmsg, sizeof(strTmp) - 1);
if (r != KSUCCESS) {
- strcat(strTmp, "\n");
+ strncat(strTmp, "\n", sizeof(strTmp) - 1 - strlen(strTmp));
#ifdef KRB4
lstrcat(strTmp, krb_get_err_text((int)r));
#endif
if (!realm) {
strcpy(buf, "Can't find realm for host \"");
- strcat(buf, szHostName);
- strcat(buf, "\"");
+ strncat(buf, szHostName, sizeof(buf) - 1 - strlen(buf));
+ strncat(buf, "\"", sizeof(buf) - 1 - strlen(buf));
auth_abort(ks, buf, 0);
return KFAILURE;
}
if (r) {
strcpy(buf, "Can't get \"");
- strcat(buf, KRB_SERVICE_NAME);
+ strncat(buf, KRB_SERVICE_NAME, sizeof(buf) - 1 - strlen(buf));
if (instance[0] != 0) {
- strcat(buf, ".");
+ strncat(buf, ".", sizeof(buf) - 1 - strlen(buf));
lstrcat(buf, instance);
}
- strcat(buf, "@");
+ strncat(buf, "@", sizeof(buf) - 1 - strlen(buf));
lstrcat(buf, realm);
- strcat(buf, "\" ticket");
+ strncat(buf, "\" ticket", sizeof(buf) - 1 - strlen(buf));
auth_abort(ks, buf, r);
return r;
*p++ = c;
- for (i = 0 ; i < len ; i++)
+ for (i = 0 ; (i < len) && (p - dbgbuf + 3 < sizeof(dbgbuf)) ; i++)
p += sprintf(p, "%02x ", s[i]);
+ dbgbuf[sizeof(dbgbuf) - 1] = '\0';
- strcat(p, "\n");
+ strncat(p, "\n", sizeof(dbgbuf) - 1 - (p - dbgbuf));
OutputDebugString(dbgbuf);
projects / krb5.git / commitdiff