diff options
author | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 01:14:04 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 01:14:04 +0000 |
commit | 723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad (patch) | |
tree | 465b4fe51a5e3705258e64255635d78d96dd6be6 /src/windows/cns | |
parent | 35414838ecf54b3598f2711d79b2feaf2e75ed2b (diff) | |
download | krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.zip krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.gz krb5-723cb92bb9dfb9c8b52dd6e9c4296bddf14cbaad.tar.bz2 |
pullup from 1.2-beta4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12499 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/windows/cns')
-rw-r--r-- | src/windows/cns/ChangeLog | 9 | ||||
-rw-r--r-- | src/windows/cns/cns.c | 28 | ||||
-rw-r--r-- | src/windows/cns/cns_reg.c | 8 | ||||
-rw-r--r-- | src/windows/cns/tktlist.c | 23 |
4 files changed, 44 insertions, 24 deletions
diff --git a/src/windows/cns/ChangeLog b/src/windows/cns/ChangeLog index f99c56a..b420e42 100644 --- a/src/windows/cns/ChangeLog +++ b/src/windows/cns/ChangeLog @@ -1,3 +1,12 @@ +2000-05-08 Ken Raeburn <raeburn@mit.edu> + Nalin Dahyabhai <nalin@redhat.com> + + * cns.c (kwin_push_login): Don't overflow buffer "fullname". + (kwin_command): Don't overflow buffer "copyright". + * cns_reg.c (cns_load_registry): Don't overflow buffer + "cns_res.def_confname". + * tktlist.c (ticket_init_list): Don't overflow buffer "buf". + 1999-12-03 Danilo Almeida <dalmeida@mit.edu> * Makefile.in: Windows fix for updated win-pre.in. diff --git a/src/windows/cns/cns.c b/src/windows/cns/cns.c index 7af81fc..512f2f5 100644 --- a/src/windows/cns/cns.c +++ b/src/windows/cns/cns.c @@ -384,12 +384,13 @@ kwin_push_login(HWND hwnd, char *name, char *instance, char *realm) char menuitem[MAX_K_NAME_SZ + 3]; BOOL rc; - strcpy(fullname, "&x "); - strcat(fullname, name); - strcat(fullname, "."); - strcat(fullname, instance); - strcat(fullname, "@"); - strcat(fullname, realm); + fullname[sizeof(fullname) - 1] = '\0'; + strncpy(fullname, "&x ", sizeof(fullname) - 1); + strncat(fullname, name, sizeof(fullname) - 1 - strlen(fullname)); + strncat(fullname, ".", sizeof(fullname) - 1 - strlen(fullname)); + strncat(fullname, instance, sizeof(fullname) - 1 - strlen(fullname)); + strncat(fullname, "@", sizeof(fullname) - 1 - strlen(fullname)); + strncat(fullname, realm, sizeof(fullname) - 1 - strlen(fullname)); hmenu = GetMenu(hwnd); assert(hmenu != NULL); @@ -1339,14 +1340,16 @@ kwin_command(HWND hwnd, int cid, HWND hwndCtl, UINT codeNotify) strcpy(copyright, " Kerberos V5 for Windows "); #endif #ifdef _WIN32 - strcat(copyright, "32-bit\n"); + strncat(copyright, "32-bit\n", sizeof(copyright) - 1 - strlen(copyright)); #else - strcat(copyright, "16-bit\n"); + strncat(copyright, "16-bit\n", sizeof(copyright) - 1 - strlen(copyright)); #endif - strcat(copyright, "\n Version 1.12\n\n"); + strncat(copyright, "\n Version 1.12\n\n", + sizeof(copyright) - 1 - strlen(copyright)); #ifdef ORGANIZATION - strcat(copyright, " For information, contact:\n"); - strcat(copyright, ORGANIZATION); + strncat(copyright, " For information, contact:\n", + sizeof(copyright) - 1 - strlen(copyright)); + strncat(copyright, ORGANIZATION, sizeof(copyright) - 1 - strlen(copyright)); #endif MessageBox(hwnd, copyright, KWIN_DIALOG_NAME, MB_OK); @@ -1469,8 +1472,9 @@ kwin_paint(HWND hwnd) sprintf(buf, "%s - %ld hr", KWIN_DIALOG_NAME, dt); } + buf[sizeof(buf) - 1] = '\0'; if (dt > 1) - strcat(buf, "s"); + strncat(buf, "s", sizeof(buf) - 1 - strlen(buf)); } DrawIcon(hdc, r.left, r.top, hicon); diff --git a/src/windows/cns/cns_reg.c b/src/windows/cns/cns_reg.c index 400d72d..160eb15 100644 --- a/src/windows/cns/cns_reg.c +++ b/src/windows/cns/cns_reg.c @@ -74,8 +74,12 @@ cns_load_registry(void) if (key != INVALID_HANDLE_VALUE) { if (registry_string_get(key, KERBNET_HOME, &ts) == 0) { cns_res.conf_override = 0; - strcpy(cns_res.def_confname, ts); - strcat(cns_res.def_confname, "\\etc\\krb5.conf"); + cns_res.def_confname[sizeof(cns_res.def_confname) - 1]; + strncpy(cns_res.def_confname, ts, + sizeof(cns_res.def_confname) - 1); + strncat(cns_res.def_confname, "\\etc\\krb5.conf", + sizeof(cns_res.def_confname) - 1 - + strlen(cns_res.def_confname)); free(ts); } diff --git a/src/windows/cns/tktlist.c b/src/windows/cns/tktlist.c index 62b6eb8..5e15201 100644 --- a/src/windows/cns/tktlist.c +++ b/src/windows/cns/tktlist.c @@ -122,11 +122,12 @@ ticket_init_list (HWND hwnd) krb_get_nth_cred(service, instance, realm, i); krb_get_cred(service, instance, realm, &c); strcpy(buf, " "); - strcat(buf, short_date(c.issue_date - kwin_get_epoch())); + strncat(buf, short_date(c.issue_date - kwin_get_epoch()), + sizeof(buf) - 1 - strlen(buf)); expiration = c.issue_date - kwin_get_epoch() + (long) c.lifetime * 5L * 60L; - strcat (buf, " "); - strcat(buf, short_date(expiration)); - strcat (buf, " "); + strncat(buf, " ", sizeof(buf) - 1 - strlen(buf)); + strncat(buf, short_date(expiration), sizeof(buf) - 1 - strlen(buf)); + strncat(buf, " ", sizeof(buf) - 1 - strlen(buf)); l = strlen(buf); sprintf(&buf[l], "%s%s%s%s%s (%d)", c.service, (c.instance[0] ? "." : ""), c.instance, @@ -172,10 +173,12 @@ ticket_init_list (HWND hwnd) ncred++; strcpy (buf, " "); - strcat (buf, short_date (c.times.starttime - kwin_get_epoch())); - strcat (buf, " "); - strcat (buf, short_date (c.times.endtime - kwin_get_epoch())); - strcat (buf, " "); + strncat(buf, short_date (c.times.starttime - kwin_get_epoch()), + sizeof(buf) - 1 - strlen(buf)); + strncat(buf, " ", sizeof(buf) - 1 - strlen(buf)); + strncat(buf, short_date (c.times.endtime - kwin_get_epoch()), + sizeof(buf) - 1 - strlen(buf)); + strncat(buf, " ", sizeof(buf) - 1 - strlen(buf)); /* Add ticket service name and realm */ code = krb5_unparse_name (k5_context, c.server, &sname); @@ -183,9 +186,9 @@ ticket_init_list (HWND hwnd) com_err (NULL, code, "while unparsing server name"); break; } - strcat (buf, sname); + strncat (buf, sname, sizeof(buf) - 1 - strlen(buf)); - strcat (buf, flags_string (&c)); /* Add flag info */ + strncat (buf, flags_string (&c), sizeof(buf) - 1 - strlen(buf)); /* Add flag info */ l = strlen(buf); lpinfo = (LPTICKETINFO) malloc(sizeof(TICKETINFO) + l + 1); |