From 9179426fbc31a77bf7f3c6d3596289fda21f5a78 Mon Sep 17 00:00:00 2001 From: deraadt Date: Mon, 16 Dec 1996 17:09:03 +0000 Subject: [PATCH] strncat related oflows --- kerberosIV/krb/get_admhst.c | 4 ++-- kerberosIV/krb/get_krbhst.c | 4 ++-- kerberosIV/krb/get_krbrlm.c | 4 ++-- kerberosIV/krb/getrealm.c | 6 +++--- kerberosIV/krb/str2key.c | 6 ++++-- 5 files changed, 13 insertions(+), 11 deletions(-) diff --git a/kerberosIV/krb/get_admhst.c b/kerberosIV/krb/get_admhst.c index 1aedd738a10..a1ea02d2af7 100644 --- a/kerberosIV/krb/get_admhst.c +++ b/kerberosIV/krb/get_admhst.c @@ -64,9 +64,9 @@ krb_get_admhst(h, r, n) if ((cnffile = fopen(KRB_CONF,"r")) == NULL) { char tbuf[128]; char *tdir = (char *) getenv("KRBCONFDIR"); - strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)); - strncat(tbuf, "/krb.conf", sizeof(tbuf)); + strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1); tbuf[sizeof(tbuf)-1] = 0; + strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf)); if ((cnffile = fopen(tbuf,"r")) == NULL) return(KFAILURE); } diff --git a/kerberosIV/krb/get_krbhst.c b/kerberosIV/krb/get_krbhst.c index 05dfa6bfb0b..3afd9bc3d5b 100644 --- a/kerberosIV/krb/get_krbhst.c +++ b/kerberosIV/krb/get_krbhst.c @@ -72,9 +72,9 @@ krb_get_krbhst(h, r, n) if ((cnffile = fopen(KRB_CONF,"r")) == NULL) { char tbuf[128]; char *tdir = (char *) getenv("KRBCONFDIR"); - strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)); - strncat(tbuf, "/krb.conf", sizeof(tbuf)); + strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1); tbuf[sizeof(tbuf)-1] = 0; + strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf)); if ((cnffile = fopen(tbuf,"r")) == NULL) return(KFAILURE); } diff --git a/kerberosIV/krb/get_krbrlm.c b/kerberosIV/krb/get_krbrlm.c index 36e8549b14d..8d6d259bf91 100644 --- a/kerberosIV/krb/get_krbrlm.c +++ b/kerberosIV/krb/get_krbrlm.c @@ -55,9 +55,9 @@ krb_get_lrealm(r, n) if ((cnffile = fopen(KRB_CONF, "r")) == NULL) { char tbuf[128]; char *tdir = (char *) getenv("KRBCONFDIR"); - strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)); - strncat(tbuf, "/krb.conf", sizeof(tbuf)); + strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1); tbuf[sizeof(tbuf)-1] = 0; + strncat(tbuf, "/krb.conf", sizeof(tbuf)-strlen(tbuf)); if ((cnffile = fopen(tbuf,"r")) == NULL) return(KFAILURE); } diff --git a/kerberosIV/krb/getrealm.c b/kerberosIV/krb/getrealm.c index 6ed07909c4a..52d3427721b 100644 --- a/kerberosIV/krb/getrealm.c +++ b/kerberosIV/krb/getrealm.c @@ -83,9 +83,9 @@ krb_realmofhost(host) if ((trans_file = fopen(KRB_RLM_TRANS, "r")) == (FILE *) 0) { char tbuf[128]; char *tdir = (char *) getenv("KRBCONFDIR"); - strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)); - strncat(tbuf, "/krb.realms", sizeof(tbuf)); - tbuf[sizeof(tbuf)-1] = 0; + strncpy(tbuf, tdir ? tdir : "/etc", sizeof(tbuf)-1); + tbuf[sizeof(tbuf)-1] = '\0'; + strncat(tbuf, "/krb.realms", sizeof(tbuf) - strlen(tbuf)); if ((trans_file = fopen(tbuf,"r")) == NULL) return(ret_realm[0] ? ret_realm : NULL); /* krb_errno = KRB_NO_TRANS */ } diff --git a/kerberosIV/krb/str2key.c b/kerberosIV/krb/str2key.c index 471bc5e4c23..ecab2caaed5 100644 --- a/kerberosIV/krb/str2key.c +++ b/kerberosIV/krb/str2key.c @@ -90,10 +90,12 @@ afs_transarc_StringToKey (str, cell, key) char password[BUFSIZ]; int passlen; - strncpy (password, str, sizeof(password)); + strncpy (password, str, sizeof(password)-1); + password[sizeof(password)-1] = '\0'; if ((passlen = strlen (password)) < sizeof(password)-1) strncat (password, cell, sizeof(password)-passlen); - if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password); + if ((passlen = strlen(password)) > sizeof(password)) + passlen = sizeof(password); bcopy ("kerberos", &ivec, 8); bcopy ("kerberos", &temp_key, 8); -- 2.20.1