* If no regcomp() then just return the input string verbatim in the output
* string.
*/
-static void
+#define use_bytes(x) \
+ out_used += (x); \
+ if (out_used > MAX_FORMAT_BUFFER) goto mem_err
+
+static int
do_replacement(char *regexp, char *repl, int doall, char *in, char *out)
{
+ size_t out_used = 0;
#if HAVE_REGCOMP
regex_t match_exp;
regmatch_t match_match;
do {
if (!regexec(&match_exp, cp, 1, &match_match, 0)) {
if (match_match.rm_so) {
+ use_bytes(match_match.rm_so);
strncpy(op, cp, match_match.rm_so);
op += match_match.rm_so;
}
+ use_bytes(strlen(repl));
strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
op += strlen(op);
cp += match_match.rm_eo;
- if (!doall)
+ if (!doall) {
+ use_bytes(strlen(cp));
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
+ }
matched = 1;
}
else {
+ use_bytes(strlen(cp));
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
matched = 0;
}
sdispl = (size_t) (loc1 - cp);
edispl = (size_t) (loc2 - cp);
if (sdispl) {
+ use_bytes(sdispl);
strncpy(op, cp, sdispl);
op += sdispl;
}
+ use_bytes(strlen(repl));
strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
op += strlen(repl);
cp += edispl;
if (!doall)
+ use_bytes(strlen(cp));
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
matched = 1;
}
else {
+ use_bytes(strlen(cp));
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
matched = 0;
}
#else /* HAVE_REGEXP_H */
memcpy(out, in, MAX_FORMAT_BUFFER);
#endif /* HAVE_REGCOMP */
+ return 1;
+ mem_err:
+#ifdef HAVE_REGCMP
+ regfree(&match_exp);
+#endif
+ return 0;
+
}
+#undef use_bytes
/*
* aname_replacer() - Perform the specified substitutions on the input
/* Do the replacemenbt */
memset(out, '\0', MAX_FORMAT_BUFFER);
- do_replacement(rule, repl, doglobal, in, out);
+ if (!do_replacement(rule, repl, doglobal, in, out)) {
+ free(rule);
+ free(repl);
+ kret = KRB5_LNAME_NOTRANS;
+ break;
+ }
free(rule);
free(repl);
char *fprincname;
char *selstring = 0;
int num_comps, compind;
+ size_t selstring_used;
char *cout;
krb5_const krb5_data *datap;
char *outstring;
*/
current = strchr(current, ':');
selstring = (char *) malloc(MAX_FORMAT_BUFFER);
+ selstring_used = 0;
if (current && selstring) {
current++;
cout = selstring;
compind-1)
: krb5_princ_realm(context, aname))
) {
+ if ((datap->length < MAX_FORMAT_BUFFER)
+ && (selstring_used+datap->length
+ < MAX_FORMAT_BUFFER)) {
+ selstring_used += datap->length;
+ } else {
+ kret = ENOMEM;
+ goto errout;
+ }
strncpy(cout,
datap->data,
(unsigned) datap->length);
else
kret = KRB5_CONFIG_BADFORMAT;
- if (kret)
+ errout: if (kret)
free(selstring);
}
}
projects / krb5.git / commitdiff