Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- fix buffer size checks 

- define PKG_PATTEN_MAX and PKG_SUFFIX_MAX and
  use them instead of constants like 255.
- add asserts and buffer size checks.
This commit is contained in:
yamt 2002-06-09 03:50:13 +00:00
parent ae85a7c2df
commit f2a19ed936
3 changed files with 29 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
usr.sbin/pkg_install/lib/file.c
View File

@ -1,11 +1,11 @@
/* $NetBSD: file.c,v 1.48 2001/09/26 13:48:28 hubertf Exp $ */ /* $NetBSD: file.c,v 1.49 2002/06/09 03:50:13 yamt Exp $ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
#ifndef lint #ifndef lint
#if 0 #if 0
static const char *rcsid = "from FreeBSD Id: file.c,v 1.29 1997/10/08 07:47:54 charnier Exp"; static const char *rcsid = "from FreeBSD Id: file.c,v 1.29 1997/10/08 07:47:54 charnier Exp";
#else #else
__RCSID("$NetBSD: file.c,v 1.48 2001/09/26 13:48:28 hubertf Exp $"); __RCSID("$NetBSD: file.c,v 1.49 2002/06/09 03:50:13 yamt Exp $");
#endif #endif
#endif #endif
@ -180,13 +180,15 @@ fileURLHost(char *fname, char *where, int max)
char *ret; char *ret;
int i; int i;
assert(max > 0);
if ((i = URLlength(fname)) < 0) { /* invalid URL? */ if ((i = URLlength(fname)) < 0) { /* invalid URL? */
errx(1, "fileURLhost called with a bad URL: `%s'", fname); errx(1, "fileURLhost called with a bad URL: `%s'", fname);
} }
fname += i; fname += i;
/* Do we have a place to stick our work? */ /* Do we have a place to stick our work? */
if ((ret = where) != NULL) { if ((ret = where) != NULL) {
while (*fname && *fname != '/' && max--) while (*fname && *fname != '/' && --max)
*where++ = *fname++; *where++ = *fname++;
*where = '\0'; *where = '\0';
return ret; return ret;
@ -208,6 +210,8 @@ fileURLFilename(char *fname, char *where, int max)
char *ret; char *ret;
int i; int i;
assert(max > 0);
if ((i = URLlength(fname)) < 0) { /* invalid URL? */ if ((i = URLlength(fname)) < 0) { /* invalid URL? */
errx(1, "fileURLFilename called with a bad URL: `%s'", fname); errx(1, "fileURLFilename called with a bad URL: `%s'", fname);
} }
@ -217,7 +221,7 @@ fileURLFilename(char *fname, char *where, int max)
while (*fname && *fname != '/') while (*fname && *fname != '/')
++fname; ++fname;
if (*fname == '/') { if (*fname == '/') {
while (*fname && max--) while (*fname && --max)
*where++ = *fname++; *where++ = *fname++;
} }
*where = '\0'; *where = '\0';

5
usr.sbin/pkg_install/lib/lib.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: lib.h,v 1.38 2002/05/10 13:17:57 agc Exp $ */ /* $NetBSD: lib.h,v 1.39 2002/06/09 03:50:13 yamt Exp $ */
/* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */ /* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */
@ -94,6 +94,9 @@
/* The name of the "prefix" environment variable given to scripts */ /* The name of the "prefix" environment variable given to scripts */
#define PKG_PREFIX_VNAME "PKG_PREFIX" #define PKG_PREFIX_VNAME "PKG_PREFIX"
#define PKG_PATTERN_MAX FILENAME_MAX /* max length of pattern, including nul */
#define PKG_SUFFIX_MAX 10 /* max length of suffix, including nul */
/* This should only happen on 1.3 and 1.3.1, not 1.3.2 and up */ /* This should only happen on 1.3 and 1.3.1, not 1.3.2 and up */
#ifndef TAILQ_FIRST #ifndef TAILQ_FIRST
#define TAILQ_FIRST(head) ((head)->tqh_first) #define TAILQ_FIRST(head) ((head)->tqh_first)

24
usr.sbin/pkg_install/lib/str.c
View File

@ -1,11 +1,11 @@
/* $NetBSD: str.c,v 1.33 2002/02/02 15:30:18 yamt Exp $ */ /* $NetBSD: str.c,v 1.34 2002/06/09 03:50:13 yamt Exp $ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
#ifndef lint #ifndef lint
#if 0 #if 0
static const char *rcsid = "Id: str.c,v 1.5 1997/10/08 07:48:21 charnier Exp"; static const char *rcsid = "Id: str.c,v 1.5 1997/10/08 07:48:21 charnier Exp";
#else #else
__RCSID("$NetBSD: str.c,v 1.33 2002/02/02 15:30:18 yamt Exp $"); __RCSID("$NetBSD: str.c,v 1.34 2002/06/09 03:50:13 yamt Exp $");
#endif #endif
#endif #endif
@ -424,10 +424,13 @@ int
findmatchingname(const char *dir, const char *pattern, matchfn match, char *data) findmatchingname(const char *dir, const char *pattern, matchfn match, char *data)
{ {
struct dirent *dp; struct dirent *dp;
char tmp_pattern[256]; char tmp_pattern[PKG_PATTERN_MAX];
DIR *dirp; DIR *dirp;
int found; int found;
char pat_sfx[256], file_sfx[256]; /* suffixes */ char pat_sfx[PKG_SUFFIX_MAX], file_sfx[PKG_SUFFIX_MAX]; /* suffixes */
if (strlen(pattern) >= PKG_PATTERN_MAX)
errx(1, "too long pattern '%s'", pattern);
found = 0; found = 0;
if ((dirp = opendir(dir)) == (DIR *) NULL) { if ((dirp = opendir(dir)) == (DIR *) NULL) {
@ -486,8 +489,8 @@ int
findbestmatchingname_fn(const char *found, char *best) findbestmatchingname_fn(const char *found, char *best)
{ {
char *found_version, *best_version; char *found_version, *best_version;
char found_no_sfx[255]; char found_no_sfx[PKG_PATTERN_MAX];
char best_no_sfx[255]; char best_no_sfx[PKG_PATTERN_MAX];
/* The same suffix-hack-off again, but we can't do it /* The same suffix-hack-off again, but we can't do it
* otherwise without changing the function call interface * otherwise without changing the function call interface
@ -573,6 +576,8 @@ strip_txz(char *buf, char *sfx, const char *fname)
{ {
char *s; char *s;
assert(strlen(fname) < PKG_PATTERN_MAX);
strcpy(buf, fname); strcpy(buf, fname);
if (sfx) sfx[0] = '\0'; if (sfx) sfx[0] = '\0';
@ -591,6 +596,11 @@ strip_txz(char *buf, char *sfx, const char *fname)
s = strstr(buf, ".t[bg]z"); s = strstr(buf, ".t[bg]z");
if (s) { if (s) {
*s = '\0'; /* strip off any ".t[bg]z" */ *s = '\0'; /* strip off any ".t[bg]z" */
if (sfx) strcpy(sfx, s - buf + fname); if (sfx) {
const char *p = s - buf + fname;
if (strlen(p) >= PKG_SUFFIX_MAX)
errx(1, "too long suffix '%s'", fname);
strcpy(sfx, p);
}
} }
} }