strncat related oflows

diff --git a/kerberosIV/krb/get_admhst.c b/kerberosIV/krb/get_admhst.c
index 1aedd73..a1ea02d 100644 (file)
--- a/kerberosIV/krb/get_admhst.c
+++ b/kerberosIV/krb/get_admhst.c
@@ -64,9 +64,9 @@ krb_get_admhst(h, r, n)
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
         char *tdir = (char *) getenv("KRBCONFDIR");
-        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf));
-        strncat(tbuf, "/krb.conf", sizeof(tbuf));
+        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
+        strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
         if ((cnffile = fopen(tbuf,"r")) == NULL)
             return(KFAILURE);
     }

diff --git a/kerberosIV/krb/get_krbhst.c b/kerberosIV/krb/get_krbhst.c
index 05dfa6b..3afd9bc 100644 (file)
--- a/kerberosIV/krb/get_krbhst.c
+++ b/kerberosIV/krb/get_krbhst.c
@@ -72,9 +72,9 @@ krb_get_krbhst(h, r, n)
     if ((cnffile = fopen(KRB_CONF,"r")) == NULL) {
         char tbuf[128];
         char *tdir = (char *) getenv("KRBCONFDIR");
-        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf));
-        strncat(tbuf, "/krb.conf", sizeof(tbuf));
+        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
+        strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
         if ((cnffile = fopen(tbuf,"r")) == NULL)
             return(KFAILURE);
     }

diff --git a/kerberosIV/krb/get_krbrlm.c b/kerberosIV/krb/get_krbrlm.c
index 36e8549..8d6d259 100644 (file)
--- a/kerberosIV/krb/get_krbrlm.c
+++ b/kerberosIV/krb/get_krbrlm.c
@@ -55,9 +55,9 @@ krb_get_lrealm(r, n)
     if ((cnffile = fopen(KRB_CONF, "r")) == NULL) {
         char tbuf[128];
         char *tdir = (char *) getenv("KRBCONFDIR");
-        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf));
-        strncat(tbuf, "/krb.conf", sizeof(tbuf));
+        strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
         tbuf[sizeof(tbuf)-1] = 0;
+        strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf));
         if ((cnffile = fopen(tbuf,"r")) == NULL)
             return(KFAILURE);
     }

diff --git a/kerberosIV/krb/getrealm.c b/kerberosIV/krb/getrealm.c
index 6ed0790..52d3427 100644 (file)
--- a/kerberosIV/krb/getrealm.c
+++ b/kerberosIV/krb/getrealm.c
@@ -83,9 +83,9 @@ krb_realmofhost(host)
        if ((trans_file = fopen(KRB_RLM_TRANS, "r")) == (FILE *) 0) {
                char tbuf[128];
                char *tdir = (char *) getenv("KRBCONFDIR");
-               strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf));
-               strncat(tbuf, "/krb.realms", sizeof(tbuf));
-               tbuf[sizeof(tbuf)-1] = 0;
+               strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1);
+               tbuf[sizeof(tbuf)-1] = '\0';
+               strncat(tbuf, "/krb.realms", sizeof(tbuf) - strlen(tbuf));
                if ((trans_file = fopen(tbuf,"r")) == NULL)
                         return(ret_realm[0] ? ret_realm : NULL); /* krb_errno = KRB_NO_TRANS */
        }

diff --git a/kerberosIV/krb/str2key.c b/kerberosIV/krb/str2key.c
index 471bc5e..ecab2ca 100644 (file)
--- a/kerberosIV/krb/str2key.c
+++ b/kerberosIV/krb/str2key.c
@@ -90,10 +90,12 @@ afs_transarc_StringToKey (str, cell, key)
     char password[BUFSIZ];
     int  passlen;
 
-    strncpy (password, str, sizeof(password));
+    strncpy (password, str, sizeof(password)-1);
+    password[sizeof(password)-1] = '\0';
     if ((passlen = strlen (password)) < sizeof(password)-1)
         strncat (password, cell, sizeof(password)-passlen);
-    if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password);
+    if ((passlen = strlen(password)) > sizeof(password))
+       passlen = sizeof(password);
 
     bcopy ("kerberos", &ivec, 8);
     bcopy ("kerberos", &temp_key, 8);