From owner-freebsd-audit  Wed Jan 31  6:13:29 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP id E8B4237B4EC
	for <FreeBSD-audit@freebsd.org>; Wed, 31 Jan 2001 06:13:11 -0800 (PST)
Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102])
	by gw.nectar.com (Postfix) with ESMTP
	id 2844318C8F; Wed, 31 Jan 2001 08:13:11 -0600 (CST)
Received: (from nectar@localhost)
	by hamlet.nectar.com (8.11.1/8.9.3) id f0VEDBG05147;
	Wed, 31 Jan 2001 08:13:11 -0600 (CST)
	(envelope-from nectar@spawn.nectar.com)
Date: Wed, 31 Jan 2001 08:13:11 -0600
From: "Jacques A. Vidrine" <n@nectar.com>
To: Mike Heffner <mheffner@vt.edu>
Cc: FreeBSD-audit <FreeBSD-audit@freebsd.org>
Subject: Re: patch for libc/net/hesiod.c
Message-ID: <20010131081310.B4720@hamlet.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine" <n@nectar.com>,
	Mike Heffner <mheffner@vt.edu>,
	FreeBSD-audit <FreeBSD-audit@freebsd.org>
References: <XFMail.20010130230121.mheffner@vt.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <XFMail.20010130230121.mheffner@vt.edu>; from mheffner@vt.edu on Tue, Jan 30, 2001 at 11:01:21PM -0500
X-Url: http://www.nectar.com/
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, Jan 30, 2001 at 11:01:21PM -0500, Mike Heffner wrote:

> This patch fixes some string overflow issues in the hesiod(3)
> functions in libc.
>
> Reviews?

The following doesn't appear to be necessary... the length is checked
before any calls to strcat.  If you were going to use strlcat here,
then it would be appropriate to remove the length-checking code.
However, I don't recommend this, due to the portability issue I
mentioned in my previous message.

[snip]
> @@ -197,17 +197,17 @@
>                 return NULL;
>         }
>                 /* Put together the rest of the domain. */
> -       strcat(bindname, ".");
> -       strcat(bindname, type);
> +       strlcat(bindname, ".", sizeof(bindname));
> +       strlcat(bindname, type, sizeof(bindname));
>                 /* Only append lhs if it isn't empty. */
>         if (ctx->lhs && ctx->lhs[0] != '\0' ) {
>                 if (ctx->lhs[0] != '.')
> -                       strcat(bindname, ".");
> -               strcat(bindname, ctx->lhs);
> +                       strlcat(bindname, ".", sizeof(bindname));
> +               strlcat(bindname, ctx->lhs, sizeof(bindname));
>         }
>         if (rhs[0] != '.')
> -               strcat(bindname, ".");
> -       strcat(bindname, rhs);
> +               strlcat(bindname, ".", sizeof(bindname));
> +       strlcat(bindname, rhs, sizeof(bindname));
>  
>                 /* rhs_list is no longer needed, since we're done with rhs. */
>         if (rhs_list)

Cheers,
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message