From fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 24 Oct 2008 20:07:00 +0000 Subject: [PATCH] Use strlcpy instead of strcpy in many places ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/bsd/krlogin.c | 2 +- src/appl/bsd/krlogind.c | 2 +- src/appl/bsd/krshd.c | 4 +-- src/appl/bsd/login.c | 2 +- src/appl/bsd/v4rcp.c | 2 +- src/appl/gssftp/ftp/cmds.c | 2 +- src/appl/gssftp/ftp/ftp.c | 4 ++- src/appl/gssftp/ftp/glob.c | 6 ++-- src/appl/gssftp/ftpd/ftpd.c | 10 +++--- src/appl/libpty/getpty.c | 7 ++-- src/appl/libpty/update_utmp.c | 3 +- src/appl/telnet/libtelnet/kerberos5.c | 11 ++++--- src/appl/telnet/telnet/commands.c | 7 ++-- src/kadmin/dbutil/dumpv4.c | 6 ++-- src/kadmin/server/ipropd_svc.c | 3 +- src/kadmin/server/schpw.c | 47 +++++++++++++++++---------- src/kdc/fakeka.c | 21 ++++++------ src/kdc/kdc_authdata.c | 2 +- src/kdc/kerberos_v4.c | 2 +- src/kdc/network.c | 12 +++---- src/lib/crypto/cksumtype_to_string.c | 5 ++- src/lib/crypto/enctype_to_string.c | 5 ++- src/lib/kadm5/clnt/Makefile.in | 4 +-- src/lib/kadm5/srv/Makefile.in | 4 +-- src/lib/kadm5/str_conv.c | 4 +-- src/lib/kdb/kdb5.c | 4 +-- src/lib/kdb/keytab.c | 3 +- src/lib/krb5/krb/conv_princ.c | 3 +- src/lib/krb5/krb/gic_pwd.c | 11 ++++--- src/lib/krb5/krb/str_conv.c | 8 ++--- src/lib/krb5/os/an_to_ln.c | 9 ++--- src/lib/krb5/os/hst_realm.c | 3 +- src/lib/krb5/os/ktdefname.c | 12 +++---- src/lib/krb5/os/sendto_kdc.c | 4 +-- src/plugins/kdb/db2/kdb_db2.c | 2 +- src/tests/resolve/Makefile.in | 2 +- src/tests/resolve/addrinfo-test.c | 7 ++-- src/util/et/error_message.c | 2 +- src/util/support/errors.c | 3 +- 39 files changed, 132 insertions(+), 118 deletions(-) diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index 4aa3b242b..b3272815f 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -761,7 +761,7 @@ static int confirm_death () if (!confirm) return (1); /* no confirm, just die */ if (gethostname (hostname, sizeof(hostname)-1) != 0) - strcpy (hostname, "???"); + strlcpy (hostname, "???", sizeof(hostname)); else hostname[sizeof(hostname)-1] = '\0'; diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index 2fe4c0410..e42da1449 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -1383,7 +1383,7 @@ recvauth(valid_checksum) } #ifdef KRB5_KRB4_COMPAT - strcpy(v4_instance, "*"); + strlcpy(v4_instance, "*", sizeof(v4_instance)); #endif if ((status = krb5_auth_con_init(bsd_context, &auth_context))) diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index e780216fa..0c2c82eab 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -1829,7 +1829,7 @@ recvauth(netfd, peersin, valid_checksum) #endif #ifdef KRB5_KRB4_COMPAT - strcpy(v4_instance, "*"); + strlcpy(v4_instance, "*", sizeof(v4_instance)); #endif status = krb5_auth_con_init(bsd_context, &auth_context); @@ -1908,7 +1908,7 @@ recvauth(netfd, peersin, valid_checksum) * Assume it to be the same as the first component of the * principal's name. */ - strcpy(remuser, v4_kdata->pname); + strlcpy(remuser, v4_kdata->pname, sizeof(remuser)); status = krb5_425_conv_principal(bsd_context, v4_kdata->pname, v4_kdata->pinst, v4_kdata->prealm, diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index f54511e48..a0348c273 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -2258,7 +2258,7 @@ int do_krb_login(host, strict) kdata = (AUTH_DAT *)malloc( sizeof(AUTH_DAT) ); ticket = (KTEXT) malloc(sizeof(KTEXT_ST)); - (void) strcpy(instance, "*"); + (void) strlcpy(instance, "*", sizeof(instance)); if ((rc=krb_recvauth(authoptions, 0, ticket, "rcmd", instance, &sin, (struct sockaddr_in *)0, diff --git a/src/appl/bsd/v4rcp.c b/src/appl/bsd/v4rcp.c index 3cb7b3f97..6baadf891 100644 --- a/src/appl/bsd/v4rcp.c +++ b/src/appl/bsd/v4rcp.c @@ -1071,7 +1071,7 @@ answer_auth() } #endif - strcpy(instance, "*"); + strlcpy(instance, "*", sizeof(instance)); /* If rshd was invoked with the -s argument, it will set the environment variable KRB_SRVTAB. We use that to get the diff --git a/src/appl/gssftp/ftp/cmds.c b/src/appl/gssftp/ftp/cmds.c index 2f7c8310a..ac7a8039f 100644 --- a/src/appl/gssftp/ftp/cmds.c +++ b/src/appl/gssftp/ftp/cmds.c @@ -184,7 +184,7 @@ void setpeer(argc, argv) form = FORM_N; mode = MODE_S; stru = STRU_F; - (void) strcpy(bytename, "8"), bytesize = 8; + (void) strlcpy(bytename, "8", sizeof(bytename)), bytesize = 8; if (autoauth) { if (do_auth() && autoencrypt) { clevel = PROT_P; diff --git a/src/appl/gssftp/ftp/ftp.c b/src/appl/gssftp/ftp/ftp.c index 227ca5efc..1e4a0dcb4 100644 --- a/src/appl/gssftp/ftp/ftp.c +++ b/src/appl/gssftp/ftp/ftp.c @@ -124,6 +124,8 @@ int gettimeofday(struct timeval *tv, void *tz); #define L_INCR 1 #endif +#include + #ifdef KRB5_KRB4_COMPAT #include @@ -411,7 +413,7 @@ int login(char *host) return(1); for (n = 0; n < macnum; ++n) { if (!strcmp("init", macros[n].mac_name)) { - (void) strcpy(line, "$init"); + (void) strlcpy(line, "$init", sizeof(line)); makeargv(); domacro(margc, margv); break; diff --git a/src/appl/gssftp/ftp/glob.c b/src/appl/gssftp/ftp/glob.c index 6134798ef..2b7839205 100644 --- a/src/appl/gssftp/ftp/glob.c +++ b/src/appl/gssftp/ftp/glob.c @@ -772,10 +772,12 @@ static int gethdir(mhome) char *mhome; { register struct passwd *pp = getpwnam(mhome); + size_t bufsize = lastgpathp - mhome; - if (!pp || ((mhome + strlen(pp->pw_dir)) >= lastgpathp)) + if (!pp) + return (1); + if (strlcpy(mhome, pp->pw_dir, bufsize) >= bufsize) return (1); - (void) strcpy(mhome, pp->pw_dir); return (0); } #endif diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c index 4405e9b17..30fe19a81 100644 --- a/src/appl/gssftp/ftpd/ftpd.c +++ b/src/appl/gssftp/ftpd/ftpd.c @@ -1403,7 +1403,7 @@ dataconn(name, size, fmode) /* cast size to long in case sizeof(off_t) > sizeof(long) */ (void) sprintf (sizebuf, " (%ld bytes)", (long)size); else - (void) strcpy(sizebuf, ""); + sizebuf[0] = '\0'; if (pdata >= 0) { int s, fromlen = sizeof(data_dest); @@ -1748,9 +1748,9 @@ statcmd() strunames[stru], modenames[mode]); reply(0, "%s", str); if (data != -1) - strcpy(str, " Data connection open"); + strlcpy(str, " Data connection open", sizeof(str)); else if (pdata != -1) { - strcpy(str, " in Passive mode"); + strlcpy(str, " in Passive mode", sizeof(str)); sin4 = &pasv_addr; goto printaddr; } else if (usedefault == 0) { @@ -1764,7 +1764,7 @@ printaddr: UC(p[1])); #undef UC } else - strcpy(str, " No data connection"); + strlcpy(str, " No data connection", sizeof(str)); reply(0, "%s", str); reply(211, "End of status"); } @@ -2321,7 +2321,7 @@ char *adata; return(0); } (void) memcpy((char *)ticket.dat, (char *)out_buf, ticket.length = length); - strcpy(instance, "*"); + strlcpy(instance, "*", sizeof(instance)); kerror = 255; for (service = krb4_services; *service; service++) { diff --git a/src/appl/libpty/getpty.c b/src/appl/libpty/getpty.c index 610a471e6..995b22770 100644 --- a/src/appl/libpty/getpty.c +++ b/src/appl/libpty/getpty.c @@ -23,6 +23,7 @@ #include "com_err.h" #include "libpty.h" #include "pty-int.h" +#include "k5-platform.h" long ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt) @@ -59,12 +60,11 @@ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt) *fd = -1; return PTY_GETPTY_NOPTY; } - if (strlen(slaveret) > slavelength - 1) { + if (strlcpy(slave, slaveret, slavelength) >= slavelength) { close(*fd); *fd = -1; return PTY_GETPTY_SLAVE_TOOLONG; } - else strcpy(slave, slaveret); return 0; #else /*HAVE__GETPTY*/ @@ -92,12 +92,11 @@ ptyint_getpty_ext(int *fd, char *slave, int slavelength, int do_grantpt) #endif #endif if (p) { - if (strlen(p) > slavelength - 1) { + if (strlcpy(slave, p, slavelength) >= slavelength) { close (*fd); *fd = -1; return PTY_GETPTY_SLAVE_TOOLONG; } - strcpy(slave, p); return 0; } diff --git a/src/appl/libpty/update_utmp.c b/src/appl/libpty/update_utmp.c index 8f3d6a66c..292a1675b 100644 --- a/src/appl/libpty/update_utmp.c +++ b/src/appl/libpty/update_utmp.c @@ -319,6 +319,7 @@ #include "com_err.h" #include "libpty.h" #include "pty-int.h" +#include "k5-platform.h" #if !defined(UTMP_FILE) && defined(_PATH_UTMP) #define UTMP_FILE _PATH_UTMP @@ -547,7 +548,7 @@ pty_update_utmp(int process_type, int pid, const char *username, * pain, and would eit cross-compiling. */ #ifdef __hpux - strcpy(utmp_id, cp); + strlcpy(utmp_id, cp, sizeof(utmp_id)); #else if (len > 2 && *(cp - 1) != '/') snprintf(utmp_id, sizeof(utmp_id), "k%s", cp - 1); diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index aec975670..06c6e9847 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -452,7 +452,8 @@ kerberos5_is(ap, data, cnt) * the default is of length 4. */ if (krb5_princ_size(telnet_context,ticket->server) < 1) { - (void) strcpy(errbuf, "malformed service name"); + (void) strlcpy(errbuf, "malformed service name", + sizeof(errbuf)); goto errout; } if (krb5_princ_component(telnet_context,ticket->server,0)->length < 256) { @@ -472,7 +473,8 @@ kerberos5_is(ap, data, cnt) goto errout; } } else { - (void) strcpy(errbuf, "service name too long"); + (void) strlcpy(errbuf, "service name too long", + sizeof(errbuf)); goto errout; } @@ -487,8 +489,9 @@ kerberos5_is(ap, data, cnt) } if ((ap->way & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON && !authenticator->checksum) { - (void) strcpy(errbuf, - "authenticator is missing required checksum"); + (void) strlcpy(errbuf, + "authenticator is missing required checksum", + sizeof(errbuf)); goto errout; } if (authenticator->checksum) { diff --git a/src/appl/telnet/telnet/commands.c b/src/appl/telnet/telnet/commands.c index 57106de7f..92418dbed 100644 --- a/src/appl/telnet/telnet/commands.c +++ b/src/appl/telnet/telnet/commands.c @@ -117,6 +117,8 @@ static unsigned long sourceroute(char *, char **, int *); #include "fake-addrinfo.h" +#include + char *hostname; static char _hostname[MAXDNAME]; static char hostaddrstring[NI_MAXHOST]; @@ -2431,7 +2433,7 @@ tn(argc, argv) return 0; } if (argc < 2) { - (void) strcpy(line, "open "); + (void) strlcpy(line, "open ", sizeof(line)); printf("(to) "); (void) fgets(&line[strlen(line)], (int) (sizeof(line) - strlen(line)), stdin); @@ -2580,7 +2582,8 @@ tn(argc, argv) if (error) { fprintf (stderr, "getnameinfo() error printing address: %s\n", gai_strerror (error)); - strcpy (hostaddrstring, "[address unprintable]"); + strlcpy (hostaddrstring, "[address unprintable]", + sizeof(hostaddrstring)); } printf("Trying %s...\r\n", hostaddrstring); #if defined(IP_OPTIONS) && defined(IPPROTO_IP) diff --git a/src/kadmin/dbutil/dumpv4.c b/src/kadmin/dbutil/dumpv4.c index e6bd1f407..065206ab3 100644 --- a/src/kadmin/dbutil/dumpv4.c +++ b/src/kadmin/dbutil/dumpv4.c @@ -183,7 +183,7 @@ dump_v4_iterator(ptr, entry) if (! principal->name[0]) return 0; if (! principal->instance[0]) - strcpy(principal->instance, "*"); + strlcpy(principal->instance, "*", sizeof(principal->instance)); /* Now move to mod princ */ if ((retval = krb5_dbe_lookup_mod_princ_data(util_context,entry, @@ -202,9 +202,9 @@ dump_v4_iterator(ptr, entry) } if (! principal->mod_name[0]) - strcpy(principal->mod_name, "*"); + strlcpy(principal->mod_name, "*", sizeof(principal->mod_name)); if (! principal->mod_instance[0]) - strcpy(principal->mod_instance, "*"); + strlcpy(principal->mod_instance, "*", sizeof(principal->mod_instance)); /* OK deal with the key now. */ for (max_kvno = i = 0; i < entry->n_key_data; i++) { diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c index 673d2a9af..b834425b3 100644 --- a/src/kadmin/server/ipropd_svc.c +++ b/src/kadmin/server/ipropd_svc.c @@ -229,9 +229,8 @@ getclhoststr(char *clprinc, char *cl, int len) /* XXX "!++s"? */ if (!++s) return NULL; - if (strlen(s) >= len) + if (strlcpy(cl, s, len) >= len) return NULL; - strcpy(cl, s); /* XXX Copy with @REALM first, with bounds check, then chop off the realm?? */ if ((s = strchr(cl, '@')) != NULL) { diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index 76aa2ca85..e8a6896e7 100644 --- a/src/kadmin/server/schpw.c +++ b/src/kadmin/server/schpw.c @@ -58,7 +58,7 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, or the caller passed in garbage */ ret = KRB5KRB_AP_ERR_MODIFIED; numresult = KRB5_KPASSWD_MALFORMED; - strcpy(strresult, "Request was truncated"); + strlcpy(strresult, "Request was truncated", sizeof(strresult)); goto chpwfail; } @@ -93,7 +93,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (ptr + ap_req.length >= req->data + req->length) { ret = KRB5KRB_AP_ERR_MODIFIED; numresult = KRB5_KPASSWD_MALFORMED; - strcpy(strresult, "Request was truncated in AP-REQ"); + strlcpy(strresult, "Request was truncated in AP-REQ", + sizeof(strresult)); goto chpwfail; } @@ -105,7 +106,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_auth_con_init(context, &auth_context); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed initializing auth context"); + strlcpy(strresult, "Failed initializing auth context", + sizeof(strresult)); goto chpwfail; } @@ -113,7 +115,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, KRB5_AUTH_CONTEXT_DO_SEQUENCE); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed initializing auth context"); + strlcpy(strresult, "Failed initializing auth context", + sizeof(strresult)); goto chpwfail; } @@ -121,7 +124,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, "kadmin", "changepw", NULL); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed building kadmin/changepw principal"); + strlcpy(strresult, "Failed building kadmin/changepw principal", + sizeof(strresult)); goto chpwfail; } @@ -130,7 +134,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (ret) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Failed reading application request"); + strlcpy(strresult, "Failed reading application request", + sizeof(strresult)); goto chpwfail; } @@ -141,7 +146,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (getsockname(s, &local_addr, &addrlen) < 0) { ret = errno; numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed getting server internet address"); + strlcpy(strresult, "Failed getting server internet address", + sizeof(strresult)); goto chpwfail; } @@ -173,7 +179,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (getpeername(s, &remote_addr, &addrlen) < 0) { ret = errno; numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed getting client internet address"); + strlcpy(strresult, "Failed getting client internet address", + sizeof(strresult)); goto chpwfail; } @@ -205,7 +212,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, &remote_kaddr); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed storing client internet address"); + strlcpy(strresult, "Failed storing client internet address", + sizeof(strresult)); goto chpwfail; } @@ -213,7 +221,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, if (!(ticket->enc_part2->flags & TKT_FLG_INITIAL)) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Ticket must be derived from a password"); + strlcpy(strresult, "Ticket must be derived from a password", + sizeof(strresult)); goto chpwfail; } @@ -222,7 +231,8 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_mk_rep(context, auth_context, &ap_rep); if (ret) { numresult = KRB5_KPASSWD_AUTHERROR; - strcpy(strresult, "Failed replying to application request"); + strlcpy(strresult, "Failed replying to application request", + sizeof(strresult)); goto chpwfail; } @@ -234,14 +244,15 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed decrypting request"); + strlcpy(strresult, "Failed decrypting request", sizeof(strresult)); goto chpwfail; } ret = krb5_unparse_name(context, ticket->enc_part2->client, &clientstr); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed unparsing client name for log"); + strlcpy(strresult, "Failed unparsing client name for log", + sizeof(strresult)); goto chpwfail; } /* change the password */ @@ -282,7 +293,7 @@ process_chpw_request(context, server_handle, realm, s, keytab, sockin, /* success! */ numresult = KRB5_KPASSWD_SUCCESS; - strcpy(strresult, ""); + strlcpy(strresult, "", sizeof(strresult)); chpwfail: @@ -303,14 +314,16 @@ chpwfail: NULL); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, - "Failed storing client and server internet addresses"); + strlcpy(strresult, + "Failed storing client and server internet addresses", + sizeof(strresult)); } else { ret = krb5_mk_priv(context, auth_context, &clear, &cipher, &replay); if (ret) { numresult = KRB5_KPASSWD_HARDERROR; - strcpy(strresult, "Failed encrypting reply"); + strlcpy(strresult, "Failed encrypting reply", + sizeof(strresult)); } } } diff --git a/src/kdc/fakeka.c b/src/kdc/fakeka.c index 21344596e..f861d48ed 100644 --- a/src/kdc/fakeka.c +++ b/src/kdc/fakeka.c @@ -51,6 +51,7 @@ #include #include #include +#include #ifndef LINT static char rcsid[]= @@ -778,14 +779,14 @@ packet_t req, reply; * Initialize these so we don't crash trying to print them in * case they don't get filled in. */ - strcpy(rname, "Unknown"); - strcpy(rinst, "Unknown"); - strcpy(sname, "Unknown"); - strcpy(sinst, "Unknown"); - strcpy(cname, "Unknown"); - strcpy(cinst, "Unknown"); - strcpy(cell, "Unknown"); - strcpy(realm, "Unknown"); + strlcpy(rname, "Unknown", sizeof(rname)); + strlcpy(rinst, "Unknown", sizeof(rinst)); + strlcpy(sname, "Unknown", sizeof(sname)); + strlcpy(sinst, "Unknown", sizeof(sinst)); + strlcpy(cname, "Unknown", sizeof(cname)); + strlcpy(cinst, "Unknown", sizeof(cinst)); + strlcpy(cell, "Unknown", sizeof(cell)); + strlcpy(realm, "Unknown", sizeof(realm)); p = req->base; maxn = req->len; @@ -797,7 +798,7 @@ packet_t req, reply; GET_PSTR(cell); if (!cell[0]) - strcpy(cell, localcell); + strlcpy(cell, localcell, sizeof(cell)); if (debug) fprintf(stderr, "Cell is %s\n", cell); @@ -963,7 +964,7 @@ packet_t req, reply; (strcasecmp(cell, localcell) == 0)) { char *c; - strcpy(rinst, localcell); + strlcpy(rinst, localcell, sizeof(rinst)); for (c = rinst; *c != NULL; c++) *c = (char) tolower( (int) *c); diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c index a1acdfd1a..a8f9241ea 100644 --- a/src/kdc/kdc_authdata.c +++ b/src/kdc/kdc_authdata.c @@ -101,7 +101,7 @@ greet_authdata(krb5_context ctx, krb5_db_entry *client, free(a); return ENOMEM; } - strcpy(p, "hello"); + strlcpy(p, "hello", GREET_SIZE); a->magic = KV5M_AUTHDATA; a->ad_type = -42; a->length = GREET_SIZE; diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index b2bfa4b54..8ac015b7f 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -288,7 +288,7 @@ static char * v4_klog( int type, const char *format, ...) case L_NTGT_INTK: case L_TKT_REQ: case L_APPL_REQ: - strcpy(log_text, "PROCESS_V4:"); + strlcpy(log_text, "PROCESS_V4:", sizeof(log_text)); vsnprintf(log_text+strlen(log_text), sizeof(log_text) - strlen(log_text), format, pvar); diff --git a/src/kdc/network.c b/src/kdc/network.c index 3bad9650c..615049964 100644 --- a/src/kdc/network.c +++ b/src/kdc/network.c @@ -160,7 +160,7 @@ static const char *paddr (struct sockaddr *sa) if (getnameinfo(sa, socklen(sa), buf, sizeof(buf), portbuf, sizeof(portbuf), NI_NUMERICHOST|NI_NUMERICSERV)) - strcpy(buf, ""); + strlcpy(buf, "", sizeof(buf)); else { unsigned int len = sizeof(buf) - strlen(buf); char *p = buf + strlen(buf); @@ -695,7 +695,7 @@ setup_udp_port(void *P_data, struct sockaddr *addr) err = getnameinfo(addr, socklen(addr), haddrbuf, sizeof(haddrbuf), 0, 0, NI_NUMERICHOST); if (err) - strcpy(haddrbuf, ""); + strlcpy(haddrbuf, "", sizeof(haddrbuf)); switch (addr->sa_family) { case AF_INET: @@ -1192,7 +1192,7 @@ static void process_packet(struct connection *conn, const char *prog, char addrbuf[100]; if (getnameinfo(ss2sa(&daddr), daddr_len, addrbuf, sizeof(addrbuf), 0, 0, NI_NUMERICHOST)) - strcpy(addrbuf, "?"); + strlcpy(addrbuf, "?", sizeof(addrbuf)); com_err(prog, 0, "pktinfo says local addr is %s", addrbuf); } #endif @@ -1216,7 +1216,7 @@ static void process_packet(struct connection *conn, const char *prog, krb5_free_data(kdc_context, response); if (inet_ntop(((struct sockaddr *)&saddr)->sa_family, addr.contents, addrbuf, sizeof(addrbuf)) == 0) { - strcpy(addrbuf, "?"); + strlcpy(addrbuf, "?", sizeof(addrbuf)); } com_err(prog, errno, "while sending reply to %s/%d", addrbuf, faddr.port); @@ -1269,7 +1269,7 @@ static void accept_tcp_connection(struct connection *conn, const char *prog, newconn->u.tcp.addrbuf, sizeof(newconn->u.tcp.addrbuf), tmpbuf, sizeof(tmpbuf), NI_NUMERICHOST | NI_NUMERICSERV)) - strcpy(newconn->u.tcp.addrbuf, "???"); + strlcpy(newconn->u.tcp.addrbuf, "???", sizeof(newconn->u.tcp.addrbuf)); else { char *p, *end; p = newconn->u.tcp.addrbuf; @@ -1277,7 +1277,7 @@ static void accept_tcp_connection(struct connection *conn, const char *prog, p += strlen(p); if (end - p > 2 + strlen(tmpbuf)) { *p++ = '.'; - strcpy(p, tmpbuf); + strlcpy(p, tmpbuf, end - p); } } #if 0 diff --git a/src/lib/crypto/cksumtype_to_string.c b/src/lib/crypto/cksumtype_to_string.c index 54a0f3aec..ee1d50ba5 100644 --- a/src/lib/crypto/cksumtype_to_string.c +++ b/src/lib/crypto/cksumtype_to_string.c @@ -34,10 +34,9 @@ krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen) for (i=0; i buflen) + if (strlcpy(buffer, krb5_cksumtypes_list[i].out_string, + buflen) >= buflen) return(ENOMEM); - - strcpy(buffer, krb5_cksumtypes_list[i].out_string); return(0); } } diff --git a/src/lib/crypto/enctype_to_string.c b/src/lib/crypto/enctype_to_string.c index f77dbff1c..28fa63ee1 100644 --- a/src/lib/crypto/enctype_to_string.c +++ b/src/lib/crypto/enctype_to_string.c @@ -34,10 +34,9 @@ krb5_enctype_to_string(krb5_enctype enctype, char *buffer, size_t buflen) for (i=0; i buflen) + if (strlcpy(buffer, krb5_enctypes_list[i].out_string, + buflen) >= buflen) return(ENOMEM); - - strcpy(buffer, krb5_enctypes_list[i].out_string); return(0); } } diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 36c663f43..3fb46e09b 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -14,8 +14,8 @@ SHLIB_EXPDEPS=\ $(TOPLIBD)/libgssapi_krb5$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(COM_ERR_DEPLIB) -SHLIB_EXPLIBS=-lgssrpc -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err + $(COM_ERR_DEPLIB) $(SUPPORT_LIBDEP) +SHLIB_EXPLIBS=-lgssrpc -lgssapi_krb5 -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) RELDIR=kadm5/clnt diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in index e6410f2bf..33d8af788 100644 --- a/src/lib/kadm5/srv/Makefile.in +++ b/src/lib/kadm5/srv/Makefile.in @@ -22,9 +22,9 @@ SHLIB_EXPDEPS=\ $(TOPLIBD)/libkdb5$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) \ $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ - $(COM_ERR_DEPLIB) + $(COM_ERR_DEPLIB) $(SUPPORT_LIBDEP) SHLIB_EXPLIBS = -lgssrpc -lgssapi_krb5 -lkdb5 $(KDB5_DB_LIB) \ - -lkrb5 -lk5crypto -lcom_err @GEN_LIB@ + -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err @GEN_LIB@ SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) RELDIR=kadm5/srv diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c index 0d142d6de..b9e58aac6 100644 --- a/src/lib/kadm5/str_conv.c +++ b/src/lib/kadm5/str_conv.c @@ -221,8 +221,8 @@ krb5_input_flag_to_string(flag, buffer, buflen) size_t buflen; { if(flag < 0 || flag >= flags_table_nents) return ENOENT; /* End of list */ - if(strlen(flags_table[flag].fl_specifier) > buflen) return ENOMEM; - strcpy(buffer, flags_table[flag].fl_specifier); + if(strlcpy(buffer, flags_table[flag].fl_specifier, buflen) >= buflen) + return ENOMEM; return 0; } diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index eb68f22fd..9c18e5dd8 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -251,7 +251,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) goto clean_n_exit; } - strcpy((*lib)->name, lib_name); + strlcpy((*lib)->name, lib_name, sizeof((*lib)->name)); #if !defined(KDB5_USE_LIB_KDB_DB2) && !defined(KDB5_USE_LIB_TEST) #error No database module defined @@ -341,7 +341,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) goto clean_n_exit; } - strcpy((*lib)->name, lib_name); + strlcpy((*lib)->name, lib_name, sizeof((*lib)->name)); /* Fetch the list of directories specified in the config file(s) first. */ diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 227a42e08..fa95e4851 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -41,9 +41,8 @@ static krb5_error_code krb5_ktkdb_get_name(krb5_context context, krb5_keytab keytab, char *name, unsigned int namelen) { - if (namelen < sizeof("KDB:")) + if (strlcpy(name, "KDB:", namelen) >= namelen); return KRB5_KT_NAME_TOOLONG; - strcpy(name, "KDB:"); return 0; } diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index 3a1ca63b9..60c811513 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -169,9 +169,8 @@ krb5_524_conv_principal(krb5_context context, krb5_const_principal princ, * It is, so set the new name now, and chop off * instance's domain name if requested. */ - if (strlen (p->v4_str) > ANAME_SZ - 1) + if (strlcpy(name, p->v4_str, ANAME_SZ) >= ANAME_SZ) return KRB5_INVALID_PRINCIPAL; - strcpy(name, p->v4_str); if (p->flags & DO_REALM_CONVERSION) { compo = krb5_princ_component(context, princ, 1); c = strnchr(compo->data, '.', compo->length); diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index ab491105e..716d3cc43 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -112,11 +112,11 @@ krb5_get_init_creds_password(krb5_context context, pw0.data = pw0array; if (password && password[0]) { - if ((pw0.length = strlen(password)) > sizeof(pw0array)) { - ret = EINVAL; - goto cleanup; + if (strlcpy(pw0.data, password, sizeof(pw0array)) >= sizeof(pw0array)) { + ret = EINVAL; + goto cleanup; } - strcpy(pw0.data, password); + pw0.length = strlen(password); } else { pw0.data[0] = '\0'; pw0.length = sizeof(pw0array); @@ -238,7 +238,8 @@ krb5_get_init_creds_password(krb5_context context, prompt[1].reply = &pw1; prompt_types[1] = KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN; - strcpy(banner, "Password expired. You must change it now."); + strlcpy(banner, "Password expired. You must change it now.", + sizeof(banner)); for (tries = 3; tries; tries--) { pw0.length = sizeof(pw0array); diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c index 986274d40..2413cebcd 100644 --- a/src/lib/krb5/krb/str_conv.c +++ b/src/lib/krb5/krb/str_conv.c @@ -118,11 +118,9 @@ krb5_salttype_to_string(krb5_int32 salttype, char *buffer, size_t buflen) } } if (out) { - if (buflen > strlen(out)) - strcpy(buffer, out); - else - out = (char *) NULL; - return((out) ? 0 : ENOMEM); + if (strlcpy(buffer, out, buflen) >= buflen) + return(ENOMEM); + return(0); } else return(EINVAL); diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 6e6dadc57..83bce2bab 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -600,9 +600,7 @@ rule_an_to_ln(krb5_context context, char *rule, krb5_const_principal aname, cons kret = aname_replacer(selstring, ¤t, &outstring); if (outstring) { /* Copy out the value if there's enough room */ - if (strlen(outstring)+1 <= (size_t) lnsize) - strcpy(lname, outstring); - else + if (strlcpy(lname, outstring, lnsize) >= lnsize) kret = KRB5_CONFIG_NOTENUFSPACE; free(outstring); } @@ -728,9 +726,8 @@ krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, int ln } /* Copy out the value if there's enough room */ - if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize) - strcpy(lname, mapping_values[nvalid-1]); - else + if (strlcpy(lname, mapping_values[nvalid-1], + lnsize) >= lnsize) kret = KRB5_CONFIG_NOTENUFSPACE; /* Free residue */ diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index 258288d93..27641f73a 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -99,9 +99,8 @@ krb5_try_realm_txt_rr(const char *prefix, const char *name, char **realm) */ if (name == NULL || name[0] == '\0') { - if (strlen (prefix) >= sizeof(host)-1) + if (strlcpy(host, prefix, sizeof(host)) >= sizeof(host)) return KRB5_ERR_HOST_REALM_UNKNOWN; - strcpy(host,prefix); } else { if ( strlen(prefix) + strlen(name) + 3 > MAXDNAME ) return KRB5_ERR_HOST_REALM_UNKNOWN; diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c index 022d93cc5..89bb35fcf 100644 --- a/src/lib/krb5/os/ktdefname.c +++ b/src/lib/krb5/os/ktdefname.c @@ -44,22 +44,19 @@ krb5_kt_default_name(krb5_context context, char *name, int name_size) unsigned int namesize = (name_size < 0 ? 0 : name_size); if (krb5_overridekeyname) { - if (namesize < (strlen(krb5_overridekeyname)+1)) + if (strlcpy(name, krb5_overridekeyname, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, krb5_overridekeyname); } else if ((context->profile_secure == FALSE) && (cp = getenv("KRB5_KTNAME"))) { - if (namesize < (strlen(cp)+1)) + if (strlcpy(name, cp, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, cp); } else if ((profile_get_string(context->profile, "libdefaults", "default_keytab_name", NULL, NULL, &retval) == 0) && retval) { - if (namesize < (strlen(retval)+1)) + if (strlcpy(name, retval, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, retval); profile_release_string(retval); } else { #if defined(_WIN32) @@ -74,9 +71,8 @@ krb5_kt_default_name(krb5_context context, char *name, int name_size) snprintf(name, namesize, krb5_defkeyname, defname); } #else - if (namesize < (strlen(krb5_defkeyname)+1)) + if (strlcpy(name, krb5_defkeyname, namesize) >= namesize) return KRB5_CONFIG_NOTENUFSPACE; - strcpy(name, krb5_defkeyname); #endif } return 0; diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index 218748273..e95be3af0 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -222,9 +222,9 @@ krb5int_debug_fprint (const char *fmt, ...) /* %A => addrinfo */ ai = va_arg(args, struct addrinfo *); if (ai->ai_socktype == SOCK_DGRAM) - strcpy(tmpbuf, "dgram"); + strlcpy(tmpbuf, "dgram", sizeof(tmpbuf)); else if (ai->ai_socktype == SOCK_STREAM) - strcpy(tmpbuf, "stream"); + strlcpy(tmpbuf, "stream", sizeof(tmpbuf)); else snprintf(tmpbuf, sizeof(tmpbuf), "socktype%d", ai->ai_socktype); if (0 != getnameinfo (ai->ai_addr, ai->ai_addrlen, diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c index 1e67ea034..704e47d6b 100644 --- a/src/plugins/kdb/db2/kdb_db2.c +++ b/src/plugins/kdb/db2/kdb_db2.c @@ -1735,7 +1735,7 @@ krb5_db2_db_rename(context, from, to) retval = errno; goto errout; } - strcat(new_policy, ".lock"); + strlcat(new_policy, ".lock",sizeof(new_policy)); (void) unlink(new_policy); } diff --git a/src/tests/resolve/Makefile.in b/src/tests/resolve/Makefile.in index 2f0815607..f999772b7 100644 --- a/src/tests/resolve/Makefile.in +++ b/src/tests/resolve/Makefile.in @@ -16,7 +16,7 @@ resolve: resolve.o $(CC_LINK) -o $@ resolve.o $(LIBS) addrinfo-test: addrinfo-test.o - $(CC_LINK) -o $@ addrinfo-test.o $(LIBS) + $(CC_LINK) -o $@ addrinfo-test.o $(SUPPORT_LIB) $(LIBS) fake-addrinfo-test: fake-addrinfo-test.o $(CC_LINK) -o $@ fake-addrinfo-test.o $(SUPPORT_LIB) $(LIBS) diff --git a/src/tests/resolve/addrinfo-test.c b/src/tests/resolve/addrinfo-test.c index 35fb0731d..42e4dd62a 100644 --- a/src/tests/resolve/addrinfo-test.c +++ b/src/tests/resolve/addrinfo-test.c @@ -44,6 +44,7 @@ #include #include #include /* needed for IPPROTO_* on NetBSD */ +#include #ifdef USE_FAKE_ADDRINFO #include "fake-addrinfo.h" #endif @@ -284,8 +285,10 @@ int main (int argc, char *argv[]) ap2->ai_addr->sa_family = ap2->ai_family; } if (getnameinfo(ap2->ai_addr, ap2->ai_addrlen, hbuf, sizeof(hbuf), - pbuf, sizeof(pbuf), NI_NUMERICHOST | NI_NUMERICSERV)) - strcpy(hbuf, "..."), strcpy(pbuf, "..."); + pbuf, sizeof(pbuf), NI_NUMERICHOST | NI_NUMERICSERV)) { + strlcpy(hbuf, "...", sizeof(hbuf)); + strlcpy(pbuf, "...", sizeof(pbuf)); + } printf("%p:\n" "\tfamily = %s\tproto = %-4s\tsocktype = %s\n", ap2, familyname(ap2->ai_family), diff --git a/src/util/et/error_message.c b/src/util/et/error_message.c index d9485cdd7..e9d681b6c 100644 --- a/src/util/et/error_message.c +++ b/src/util/et/error_message.c @@ -260,7 +260,7 @@ oops: if (cp == NULL) return "Unknown error code"; cp1 = cp; - strcpy(cp, "Unknown code "); + strlcpy(cp, "Unknown code ", ET_EBUFSIZ); cp += sizeof("Unknown code ") - 1; if (table_num != 0L) { (void) error_table_name_r(table_num, cp); diff --git a/src/util/support/errors.c b/src/util/support/errors.c index cec10337f..b0c2ae013 100644 --- a/src/util/support/errors.c +++ b/src/util/support/errors.c @@ -132,7 +132,8 @@ krb5int_get_error (struct errinfo *ep, long code) if (code == ep->code && ep->msg) { r = strdup(ep->msg); if (r == NULL) { - strcpy(ep->scratch_buf, _("Out of memory")); + strlcpy(ep->scratch_buf, _("Out of memory"), + sizeof(ep->scratch_buf)); r = ep->scratch_buf; } return r; -- 2.26.2