aboutsummaryrefslogtreecommitdiff
path: root/src/appl/gssftp/ftp
diff options
context:
space:
mode:
Diffstat (limited to 'src/appl/gssftp/ftp')
-rw-r--r--src/appl/gssftp/ftp/ChangeLog17
-rw-r--r--src/appl/gssftp/ftp/cmds.c13
-rw-r--r--src/appl/gssftp/ftp/domacro.c18
-rw-r--r--src/appl/gssftp/ftp/ftp.c46
-rw-r--r--src/appl/gssftp/ftp/glob.c12
-rw-r--r--src/appl/gssftp/ftp/main.c3
-rw-r--r--src/appl/gssftp/ftp/secure.c5
7 files changed, 84 insertions, 30 deletions
diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog
index 22a29c3..a5d2265 100644
--- a/src/appl/gssftp/ftp/ChangeLog
+++ b/src/appl/gssftp/ftp/ChangeLog
@@ -1,3 +1,20 @@
+2000-05-11 Nalin Dahyabhai <nalin@redhat.com>
+
+ * domacro.c (domacro): Don't overflow "line2"
+ * ftp.c (getreply, krb4 compat): Bail if message data too big for buffer
+ (getreply, gssapi): Ditto.
+ (pswitch): Don't overflow "ntin", "ntout", "mapin", "mapout".
+ (do_auth, krb4 compat): Don't overflow "realm".
+
+2000-04-27 Nalin Dahyabhai <nalin@redhat.com>
+
+ * cmds.c (remglob): Don't overflow buffer "temp".
+ (shell): Don't overflow buffer "shellnam".
+ (quote1): "buf"
+ * glob.c (ftpglob): Fix boundary in buffer "agpath".
+ (expand): Don't overflow buffer pointed to by "gpath".
+ (execbrc): Don't overflow buffer "restbuf".
+
2000-02-18 Ken Raeburn <raeburn@mit.edu>
* cmds.c (mls): Declare some variables volatile to protect against
diff --git a/src/appl/gssftp/ftp/cmds.c b/src/appl/gssftp/ftp/cmds.c
index 2a8e775..0006e4f 100644
--- a/src/appl/gssftp/ftp/cmds.c
+++ b/src/appl/gssftp/ftp/cmds.c
@@ -1049,7 +1049,8 @@ remglob(argv,doswitch)
return (cp);
}
if (ftemp == NULL) {
- (void) strcpy(temp, _PATH_TMP);
+ (void) strncpy(temp, _PATH_TMP, sizeof(temp) - 1);
+ temp[sizeof(temp) - 1] = '\0';
(void) mktemp(temp);
oldverbose = verbose, verbose = 0;
oldhash = hash, hash = 0;
@@ -1510,7 +1511,8 @@ shell(argc, argv)
if (namep == NULL)
namep = shell;
(void) strcpy(shellnam,"-");
- (void) strcat(shellnam, ++namep);
+ (void) strncat(shellnam, ++namep, sizeof(shellnam) - 1 - strlen(shellnam));
+ shellnam[sizeof(shellnam) - 1] = '\0';
if (strcmp(namep, "sh") != 0)
shellnam[0] = '+';
if (debug) {
@@ -1702,13 +1704,14 @@ quote1(initial, argc, argv)
register int i, len;
char buf[FTP_BUFSIZ]; /* must be >= sizeof(line) */
- (void) strcpy(buf, initial);
+ (void) strncpy(buf, initial, sizeof(buf) - 1);
+ buf[sizeof(buf) - 1] = '\0';
if (argc > 1) {
len = strlen(buf);
- len += strlen(strcpy(&buf[len], argv[1]));
+ len += strlen(strncpy(&buf[len], argv[1], sizeof(buf) - 1 - len));
for (i = 2; i < argc; i++) {
buf[len++] = ' ';
- len += strlen(strcpy(&buf[len], argv[i]));
+ len += strlen(strncpy(&buf[len], argv[i], sizeof(buf) - 1 - len));
}
}
if (command(buf) == PRELIM) {
diff --git a/src/appl/gssftp/ftp/domacro.c b/src/appl/gssftp/ftp/domacro.c
index 9bc277b..ecfe9b4 100644
--- a/src/appl/gssftp/ftp/domacro.c
+++ b/src/appl/gssftp/ftp/domacro.c
@@ -71,7 +71,8 @@ domacro(argc, argv)
code = -1;
return;
}
- (void) strcpy(line2, line);
+ (void) strncpy(line2, line, sizeof(line2) - 1);
+ line2[sizeof(line2) - 1] = '\0';
TOP:
cp1 = macros[i].mac_start;
while (cp1 != macros[i].mac_end) {
@@ -92,7 +93,11 @@ TOP:
}
cp1--;
if (argc - 2 >= j) {
- (void) strcpy(cp2, argv[j+1]);
+ if(cp2 + strlen(argv[j+1]) - line < sizeof(line))
+ (void) strncpy(cp2, argv[j+1],
+ sizeof(line) - 1 -
+ (cp2 - line));
+ line[sizeof(line) - 1] = '\0';
cp2 += strlen(argv[j+1]);
}
break;
@@ -101,7 +106,11 @@ TOP:
loopflg = 1;
cp1++;
if (count < argc) {
- (void) strcpy(cp2, argv[count]);
+ if(cp2 + strlen(argv[j+1]) - line < sizeof(line))
+ (void) strncpy(cp2, argv[count],
+ sizeof(line) - 1 -
+ (cp2 - line));
+ line[sizeof(line) - 1] = '\0';
cp2 += strlen(argv[count]);
}
break;
@@ -138,7 +147,8 @@ TOP:
if (bell && c->c_bell) {
(void) putchar('\007');
}
- (void) strcpy(line, line2);
+ (void) strncpy(line, line2, sizeof(line) - 1);
+ line[sizeof(line) - 1] = '\0';
makeargv();
argc = margc;
argv = margv;
diff --git a/src/appl/gssftp/ftp/ftp.c b/src/appl/gssftp/ftp/ftp.c
index 11f583a..a00850d 100644
--- a/src/appl/gssftp/ftp/ftp.c
+++ b/src/appl/gssftp/ftp/ftp.c
@@ -680,9 +680,13 @@ getreply(expecteof)
n = '5';
} else {
if (debug) printf("%c:", safe ? 'S' : 'P');
- memcpy(ibuf, msg_data.app_data,
- msg_data.app_length);
- strcpy(&ibuf[msg_data.app_length], "\r\n");
+ if(msg_data.app_length < sizeof(ibuf) - 2) {
+ memcpy(ibuf, msg_data.app_data,
+ msg_data.app_length);
+ strcpy(&ibuf[msg_data.app_length], "\r\n");
+ } else {
+ printf("Message too long!");
+ }
continue;
}
#endif
@@ -703,9 +707,14 @@ getreply(expecteof)
"failed unsealing reply");
n = '5';
} else {
- memcpy(ibuf, msg_buf.value,
- msg_buf.length);
- strcpy(&ibuf[msg_buf.length], "\r\n");
+ if(msg_buf.length < sizeof(ibuf) - 2 - 1) {
+ memcpy(ibuf, msg_buf.value,
+ msg_buf.length);
+ strcpy(&ibuf[msg_buf.length], "\r\n");
+ } else {
+ user_gss_error(maj_stat, min_stat,
+ "reply was too long");
+ }
gss_release_buffer(&min_stat,&msg_buf);
continue;
}
@@ -1636,20 +1645,24 @@ pswitch(flag)
mcase = op->mcse;
ip->ntflg = ntflag;
ntflag = op->ntflg;
- (void) strncpy(ip->nti, ntin, 16);
+ (void) strncpy(ip->nti, ntin, sizeof(ip->nti) - 1);
(ip->nti)[strlen(ip->nti)] = '\0';
- (void) strcpy(ntin, op->nti);
- (void) strncpy(ip->nto, ntout, 16);
+ (void) strncpy(ntin, op->nti, sizeof(ntin) - 1);
+ ntin[sizeof(ntin) - 1] = '\0';
+ (void) strncpy(ip->nto, ntout, sizeof(ip->nto) - 1);
(ip->nto)[strlen(ip->nto)] = '\0';
- (void) strcpy(ntout, op->nto);
+ (void) strncpy(ntout, op->nto, sizeof(ntout) - 1);
+ ntout[sizeof(ntout) - 1] = '\0';
ip->mapflg = mapflag;
mapflag = op->mapflg;
(void) strncpy(ip->mi, mapin, MAXPATHLEN - 1);
(ip->mi)[strlen(ip->mi)] = '\0';
- (void) strcpy(mapin, op->mi);
+ (void) strncpy(mapin, op->mi, sizeof(mapin) - 1);
+ mapin[sizeof(mapin) - 1] = '\0';
(void) strncpy(ip->mo, mapout, MAXPATHLEN - 1);
(ip->mo)[strlen(ip->mo)] = '\0';
- (void) strcpy(mapout, op->mo);
+ (void) strncpy(mapout, op->mo, sizeof(mapout) - 1);
+ mapout[sizeof(mapout) - 1] = '\0';
ip->authtype = auth_type;
auth_type = op->authtype;
ip->clvl = clevel;
@@ -1846,7 +1859,8 @@ gunique(local)
fprintf(stderr, "local: %s: %s\n", local, strerror(errno));
return((char *) 0);
}
- (void) strcpy(new, local);
+ (void) strncpy(new, local, sizeof(new) - 3);
+ new[sizeof(new) - 1] = '\0';
cp = new + strlen(new);
*cp++ = '.';
while (!d) {
@@ -2054,9 +2068,11 @@ do_auth()
if (verbose)
printf("%s accepted as authentication type\n", "KERBEROS_V4");
- strcpy(inst, (char *) krb_get_phost(hostname));
+ strncpy(inst, (char *) krb_get_phost(hostname), sizeof(inst) - 1);
+ inst[sizeof(inst) - 1] = '\0';
if (realm[0] == '\0')
- strcpy(realm, (char *) krb_realmofhost(hostname));
+ strncpy(realm, (char *) krb_realmofhost(hostname), sizeof(realm) - 1);
+ realm[sizeof(realm) - 1] = '\0';
if ((kerror = krb_mk_req(&ticket, service = "ftp",
inst, realm, checksum))
&& (kerror != KDC_PR_UNKNOWN ||
diff --git a/src/appl/gssftp/ftp/glob.c b/src/appl/gssftp/ftp/glob.c
index f92ee5e..a5a6bf7 100644
--- a/src/appl/gssftp/ftp/glob.c
+++ b/src/appl/gssftp/ftp/glob.c
@@ -118,7 +118,7 @@ ftpglob(v)
globerr = 0;
gpath = agpath; gpathp = gpath; *gpathp = 0;
- lastgpathp = &gpath[sizeof agpath - 2];
+ lastgpathp = &gpath[sizeof(agpath) - 1];
ginit(agargv); globcnt = 0;
collect(v);
if (globcnt == 0 && (gflag&1)) {
@@ -198,7 +198,8 @@ expand(as)
globerr = "Unknown user name after ~";
(void) strcpy(gpath, gpath + 1);
} else
- (void) strcpy(gpath, home);
+ (void) strncpy(gpath, home, FTP_BUFSIZ - 1);
+ gpath[FTP_BUFSIZ - 1] = '\0';
gpathp = strend(gpath);
}
}
@@ -324,8 +325,9 @@ pend:
doit:
savec = *pm;
*pm = 0;
- (void) strcpy(lm, pl);
- (void) strcat(restbuf, pe + 1);
+ (void) strncpy(lm, pl, sizeof(restbuf) - 1 - (lm - restbuf));
+ restbuf[sizeof(restbuf) - 1] = '\0';
+ (void) strncat(restbuf, pe + 1, sizeof(restbuf) - 1 - strlen(restbuf));
*pm = savec;
if (s == 0) {
sgpathp = gpathp;
@@ -700,7 +702,7 @@ gethdir(home)
{
register struct passwd *pp = getpwnam(home);
- if (!pp || home + strlen(pp->pw_dir) >= lastgpathp)
+ if (!pp || ((home + strlen(pp->pw_dir)) >= lastgpathp))
return (1);
(void) strcpy(home, pp->pw_dir);
return (0);
diff --git a/src/appl/gssftp/ftp/main.c b/src/appl/gssftp/ftp/main.c
index 9c1e43a..6c7e1e9 100644
--- a/src/appl/gssftp/ftp/main.c
+++ b/src/appl/gssftp/ftp/main.c
@@ -193,7 +193,8 @@ main(argc, argv)
pw = getpwuid(getuid());
if (pw != NULL) {
home = homedir;
- (void) strcpy(home, pw->pw_dir);
+ (void) strncpy(home, pw->pw_dir, sizeof(homedir) - 1);
+ homedir[sizeof(homedir) - 1] = '\0';
}
if (argc > 0) {
if (setjmp(toplevel))
diff --git a/src/appl/gssftp/ftp/secure.c b/src/appl/gssftp/ftp/secure.c
index 48f57f9..e1f69b0 100644
--- a/src/appl/gssftp/ftp/secure.c
+++ b/src/appl/gssftp/ftp/secure.c
@@ -52,6 +52,11 @@ extern struct sockaddr_in myaddr;
extern int dlevel;
extern char *auth_type;
+/* Some libc's (GNU libc, at least) define MAX as a macro. Forget that. */
+#ifdef MAX
+#undef MAX
+#endif
+
#define MAX maxbuf
extern unsigned int maxbuf; /* maximum output buffer size */
extern unsigned char *ucbuf; /* cleartext buffer */
generated by cgit v1.1 at 2024-07-10 03:16:07 +0000