convert explicit length check before unchecked snprintf() with just a
overflow checked snprintf(). for res_debug.c and res_query.c, convert from sprintf() to snprintf(). tested scp and rcp fail properly with too-long paths. tested getaddrinfo fails as expected for too-long domains. tested dig and ping for similar (res_debug.c/res_query.c). created a temporary fs with quotas to test edquota with a long EDITOR. did not test ypserv directly, but it's the same pattern. avoids GCC 12 snprintf() warnings, and reduces total code size.
This commit is contained in:
parent
e39f33a8c4
commit
f386908b27
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: rcp.c,v 1.52 2022/07/18 13:01:59 rin Exp $ */
|
||||
/* $NetBSD: rcp.c,v 1.53 2023/08/01 08:47:24 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1983, 1990, 1992, 1993
|
||||
|
@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1990, 1992, 1993\
|
|||
#if 0
|
||||
static char sccsid[] = "@(#)rcp.c 8.2 (Berkeley) 4/2/94";
|
||||
#else
|
||||
__RCSID("$NetBSD: rcp.c,v 1.52 2022/07/18 13:01:59 rin Exp $");
|
||||
__RCSID("$NetBSD: rcp.c,v 1.53 2023/08/01 08:47:24 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
|
@ -466,11 +466,11 @@ rsource(char *name, struct stat *statp)
|
|||
continue;
|
||||
if (!strcmp(dp->d_name, dot) || !strcmp(dp->d_name, ".."))
|
||||
continue;
|
||||
if (strlen(name) + 1 + strlen(dp->d_name) >= MAXPATHLEN - 1) {
|
||||
if (snprintf(path, sizeof(path), "%s/%s", name, dp->d_name) >=
|
||||
sizeof(path)) {
|
||||
run_err("%s/%s: name too long", name, dp->d_name);
|
||||
continue;
|
||||
}
|
||||
(void)snprintf(path, sizeof(path), "%s/%s", name, dp->d_name);
|
||||
vect[0] = path;
|
||||
source(1, vect);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: scp.c,v 1.38 2023/07/28 04:40:54 rin Exp $ */
|
||||
/* $NetBSD: scp.c,v 1.39 2023/08/01 08:47:25 mrg Exp $ */
|
||||
/* $OpenBSD: scp.c,v 1.253 2023/03/03 03:12:24 dtucker Exp $ */
|
||||
/*
|
||||
* scp - secure remote copy. This is basically patched BSD rcp which
|
||||
|
@ -73,7 +73,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
__RCSID("$NetBSD: scp.c,v 1.38 2023/07/28 04:40:54 rin Exp $");
|
||||
__RCSID("$NetBSD: scp.c,v 1.39 2023/08/01 08:47:25 mrg Exp $");
|
||||
|
||||
#include <sys/param.h> /* roundup MAX */
|
||||
#include <sys/types.h>
|
||||
|
@ -1476,11 +1476,11 @@ rsource(char *name, struct stat *statp)
|
|||
continue;
|
||||
if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, ".."))
|
||||
continue;
|
||||
if (strlen(name) + 1 + strlen(dp->d_name) >= sizeof(path) - 1) {
|
||||
if ((size_t)snprintf(path, sizeof path, "%s/%s",
|
||||
name, dp->d_name) >= sizeof path) {
|
||||
run_err("%s/%s: name too long", name, dp->d_name);
|
||||
continue;
|
||||
}
|
||||
(void) snprintf(path, sizeof path, "%s/%s", name, dp->d_name);
|
||||
vect[0] = path;
|
||||
source(1, vect);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: getaddrinfo.c,v 1.123 2022/04/19 20:32:15 rillig Exp $ */
|
||||
/* $NetBSD: getaddrinfo.c,v 1.124 2023/08/01 08:47:25 mrg Exp $ */
|
||||
/* $KAME: getaddrinfo.c,v 1.29 2000/08/31 17:26:57 itojun Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -55,7 +55,7 @@
|
|||
|
||||
#include <sys/cdefs.h>
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
__RCSID("$NetBSD: getaddrinfo.c,v 1.123 2022/04/19 20:32:15 rillig Exp $");
|
||||
__RCSID("$NetBSD: getaddrinfo.c,v 1.124 2023/08/01 08:47:25 mrg Exp $");
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#ifndef RUMP_ACTION
|
||||
|
@ -2820,7 +2820,7 @@ res_querydomainN(const char *name, const char *domain,
|
|||
{
|
||||
char nbuf[MAXDNAME];
|
||||
const char *longname = nbuf;
|
||||
size_t n, d;
|
||||
size_t n;
|
||||
|
||||
_DIAGASSERT(name != NULL);
|
||||
/* XXX: target may be NULL??? */
|
||||
|
@ -2841,18 +2841,15 @@ res_querydomainN(const char *name, const char *domain,
|
|||
return -1;
|
||||
}
|
||||
if (n > 0 && name[--n] == '.') {
|
||||
strncpy(nbuf, name, n);
|
||||
nbuf[n] = '\0';
|
||||
snprintf(nbuf, sizeof(nbuf), "%*s", (int)n, name);
|
||||
} else
|
||||
longname = name;
|
||||
} else {
|
||||
n = strlen(name);
|
||||
d = strlen(domain);
|
||||
if (n + 1 + d + 1 > sizeof(nbuf)) {
|
||||
if ((size_t)snprintf(nbuf, sizeof(nbuf), "%s.%s",
|
||||
name, domain) >= sizeof(nbuf)) {
|
||||
h_errno = NO_RECOVERY;
|
||||
return -1;
|
||||
}
|
||||
snprintf(nbuf, sizeof(nbuf), "%s.%s", name, domain);
|
||||
}
|
||||
return res_queryN(longname, target, res);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: res_debug.c,v 1.16 2021/09/16 20:17:46 andvar Exp $ */
|
||||
/* $NetBSD: res_debug.c,v 1.17 2023/08/01 08:47:25 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Portions Copyright (C) 2004, 2005, 2008, 2009 Internet Systems Consortium, Inc. ("ISC")
|
||||
|
@ -97,7 +97,7 @@
|
|||
static const char sccsid[] = "@(#)res_debug.c 8.1 (Berkeley) 6/4/93";
|
||||
static const char rcsid[] = "Id: res_debug.c,v 1.19 2009/02/26 11:20:20 tbox Exp";
|
||||
#else
|
||||
__RCSID("$NetBSD: res_debug.c,v 1.16 2021/09/16 20:17:46 andvar Exp $");
|
||||
__RCSID("$NetBSD: res_debug.c,v 1.17 2023/08/01 08:47:25 mrg Exp $");
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
|
@ -1183,9 +1183,13 @@ p_secstodate (u_long secs) {
|
|||
#endif
|
||||
mytime->tm_year += 1900;
|
||||
mytime->tm_mon += 1;
|
||||
sprintf(output, "%04d%02d%02d%02d%02d%02d",
|
||||
mytime->tm_year, mytime->tm_mon, mytime->tm_mday,
|
||||
mytime->tm_hour, mytime->tm_min, mytime->tm_sec);
|
||||
if ((size_t)snprintf(output, sizeof p_secstodate_output,
|
||||
"%04d%02d%02d%02d%02d%02d",
|
||||
mytime->tm_year, mytime->tm_mon, mytime->tm_mday,
|
||||
mytime->tm_hour, mytime->tm_min, mytime->tm_sec) >
|
||||
sizeof p_secstodate_output) {
|
||||
output[sizeof(p_secstodate_output) - 1] = 0;
|
||||
}
|
||||
return (output);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: res_query.c,v 1.16 2015/02/24 17:56:20 christos Exp $ */
|
||||
/* $NetBSD: res_query.c,v 1.17 2023/08/01 08:47:25 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Portions Copyright (C) 2004, 2005, 2008 Internet Systems Consortium, Inc. ("ISC")
|
||||
|
@ -89,7 +89,7 @@
|
|||
static const char sccsid[] = "@(#)res_query.c 8.1 (Berkeley) 6/4/93";
|
||||
static const char rcsid[] = "Id: res_query.c,v 1.11 2008/11/14 02:36:51 marka Exp";
|
||||
#else
|
||||
__RCSID("$NetBSD: res_query.c,v 1.16 2015/02/24 17:56:20 christos Exp $");
|
||||
__RCSID("$NetBSD: res_query.c,v 1.17 2023/08/01 08:47:25 mrg Exp $");
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
|
@ -398,7 +398,7 @@ res_nquerydomain(res_state statp,
|
|||
{
|
||||
char nbuf[MAXDNAME];
|
||||
const char *longname = nbuf;
|
||||
size_t n, d;
|
||||
size_t n;
|
||||
|
||||
#ifdef DEBUG
|
||||
if (statp->options & RES_DEBUG)
|
||||
|
@ -416,18 +416,15 @@ res_nquerydomain(res_state statp,
|
|||
return (-1);
|
||||
}
|
||||
if (n && name[--n] == '.') {
|
||||
strncpy(nbuf, name, n);
|
||||
nbuf[n] = '\0';
|
||||
snprintf(nbuf, sizeof(nbuf), "%*s", (int)n, name);
|
||||
} else
|
||||
longname = name;
|
||||
} else {
|
||||
n = strlen(name);
|
||||
d = strlen(domain);
|
||||
if (n + d + 1 >= MAXDNAME) {
|
||||
if ((size_t)snprintf(nbuf, sizeof(nbuf), "%s.%s",
|
||||
name, domain) >= sizeof(nbuf)) {
|
||||
RES_SET_H_ERRNO(statp, NO_RECOVERY);
|
||||
return (-1);
|
||||
}
|
||||
sprintf(nbuf, "%s.%s", name, domain);
|
||||
}
|
||||
return (res_nquery(statp, longname, class, type, answer, anslen));
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: edquota.c,v 1.53 2021/11/09 09:21:31 nia Exp $ */
|
||||
/* $NetBSD: edquota.c,v 1.54 2023/08/01 08:47:25 mrg Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1980, 1990, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
|
@ -41,7 +41,7 @@ __COPYRIGHT("@(#) Copyright (c) 1980, 1990, 1993\
|
|||
#if 0
|
||||
static char sccsid[] = "from: @(#)edquota.c 8.3 (Berkeley) 4/27/95";
|
||||
#else
|
||||
__RCSID("$NetBSD: edquota.c,v 1.53 2021/11/09 09:21:31 nia Exp $");
|
||||
__RCSID("$NetBSD: edquota.c,v 1.54 2023/08/01 08:47:25 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
|
@ -752,10 +752,10 @@ top:
|
|||
setuid(getuid());
|
||||
if ((ed = getenv("EDITOR")) == (char *)0)
|
||||
ed = _PATH_VI;
|
||||
if (strlen(ed) + strlen(ltmpfile) + 2 >= MAX_TMPSTR) {
|
||||
if ((size_t)snprintf(p, sizeof(p), "%s %s", ed, ltmpfile) >=
|
||||
sizeof(p)) {
|
||||
errx(1, "%s", "editor or filename too long");
|
||||
}
|
||||
snprintf(p, sizeof(p), "%s %s", ed, ltmpfile);
|
||||
execlp(_PATH_BSHELL, _PATH_BSHELL, "-c", p, NULL);
|
||||
err(1, "%s", ed);
|
||||
default:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ypdb.c,v 1.12 2017/01/10 21:06:17 christos Exp $ */
|
||||
/* $NetBSD: ypdb.c,v 1.13 2023/08/01 08:47:25 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1990, 1993
|
||||
|
@ -38,7 +38,7 @@
|
|||
|
||||
#include <sys/cdefs.h>
|
||||
#ifndef lint
|
||||
__RCSID("$NetBSD: ypdb.c,v 1.12 2017/01/10 21:06:17 christos Exp $");
|
||||
__RCSID("$NetBSD: ypdb.c,v 1.13 2023/08/01 08:47:25 mrg Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -82,11 +82,11 @@ ypdb_open(const char *file)
|
|||
suffix = "";
|
||||
else
|
||||
suffix = YPDB_SUFFIX;
|
||||
if (strlen(file) + strlen(suffix) > (sizeof(path) - 1)) {
|
||||
if ((size_t)snprintf(path, sizeof(path), "%s%s", file, suffix) >
|
||||
sizeof(path)) {
|
||||
warnx("File name `%s' is too long", file);
|
||||
return (NULL);
|
||||
return NULL;
|
||||
}
|
||||
snprintf(path, sizeof(path), "%s%s", file, suffix);
|
||||
return _ypdb_dbopen(path, O_RDONLY, 0444);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue