Date: Wed, 31 Jan 2001 08:13:11 -0600
From: "Jacques A. Vidrine" <n@nectar.com>
To: Mike Heffner <mheffner@vt.edu>
Cc: FreeBSD-audit <FreeBSD-audit@freebsd.org>
Subject: Re: patch for libc/net/hesiod.c
Message-ID: <20010131081310.B4720@hamlet.nectar.com>
In-Reply-To: <XFMail.20010130230121.mheffner@vt.edu>; from mheffner@vt.edu on Tue, Jan 30, 2001 at 11:01:21PM -0500
References: <XFMail.20010130230121.mheffner@vt.edu>
On Tue, Jan 30, 2001 at 11:01:21PM -0500, Mike Heffner wrote: > This patch fixes some string overflow issues in the hesiod(3) > functions in libc. > > Reviews? The following doesn't appear to be necessary... the length is checked before any calls to strcat. If you were going to use strlcat here, then it would be appropriate to remove the length-checking code. However, I don't recommend this, due to the portability issue I mentioned in my previous message. [snip] > @@ -197,17 +197,17 @@ > return NULL; > } > /* Put together the rest of the domain. */ > - strcat(bindname, "."); > - strcat(bindname, type); > + strlcat(bindname, ".", sizeof(bindname)); > + strlcat(bindname, type, sizeof(bindname)); > /* Only append lhs if it isn't empty. */ > if (ctx->lhs && ctx->lhs[0] != '\0' ) { > if (ctx->lhs[0] != '.') > - strcat(bindname, "."); > - strcat(bindname, ctx->lhs); > + strlcat(bindname, ".", sizeof(bindname)); > + strlcat(bindname, ctx->lhs, sizeof(bindname)); > } > if (rhs[0] != '.') > - strcat(bindname, "."); > - strcat(bindname, rhs); > + strlcat(bindname, ".", sizeof(bindname)); > + strlcat(bindname, rhs, sizeof(bindname)); > > /* rhs_list is no longer needed, since we're done with rhs. */ > if (rhs_list) Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
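Review bot: all six strlcat() calls in the -197,17 hunk discard the return value, so if the pieces ever failed to fit, bindname would be silently truncated and the code would carry on with a different name than the one requested. If these calls stay, each result should be compared against sizeof(bindname) and the function should fail the way the context line above the hunk does (return NULL) when the result is greater than or equal to the buffer size. Separately, sizeof(bindname) is the buffer size only if bindname is declared as an array in this scope; the declaration is not in the hunk, so that should be confirmed, since with a pointer it would yield the pointer size instead.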