diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2014-05-04 14:38:02 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2014-05-04 14:57:09 +0200 |
| commit | 2274b41dcb6bbb2557ab0e4358a11f1d54da12d7 (patch) | |
| tree | 553de2872797d8ccf0d1316889e8d7d344f64d34 | |
| parent | 15fc13ce31cd6455d7c64089425da795da5d51d2 (diff) | |
Make buffer size error logging consistent
This adds logging of most cases where a defined buffer is not large
enough to hold provided data on error log level.
| -rw-r--r-- | nslcd/alias.c | 5 | ||||
| -rw-r--r-- | nslcd/attmap.c | 6 | ||||
| -rw-r--r-- | nslcd/cfg.c | 16 | ||||
| -rw-r--r-- | nslcd/common.h | 4 | ||||
| -rw-r--r-- | nslcd/ether.c | 5 | ||||
| -rw-r--r-- | nslcd/group.c | 12 | ||||
| -rw-r--r-- | nslcd/host.c | 8 | ||||
| -rw-r--r-- | nslcd/invalidator.c | 10 | ||||
| -rw-r--r-- | nslcd/myldap.c | 7 | ||||
| -rw-r--r-- | nslcd/netgroup.c | 5 | ||||
| -rw-r--r-- | nslcd/network.c | 8 | ||||
| -rw-r--r-- | nslcd/pam.c | 2 | ||||
| -rw-r--r-- | nslcd/passwd.c | 5 | ||||
| -rw-r--r-- | nslcd/protocol.c | 5 | ||||
| -rw-r--r-- | nslcd/rpc.c | 5 | ||||
| -rw-r--r-- | nslcd/service.c | 11 | ||||
| -rw-r--r-- | nslcd/shadow.c | 5 |
17 files changed, 100 insertions, 19 deletions
diff --git a/nslcd/alias.c b/nslcd/alias.c index 3603c35..7d6b978 100644 --- a/nslcd/alias.c +++ b/nslcd/alias.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -67,7 +67,10 @@ static int mkfilter_alias_byname(const char *name, char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_alias_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", alias_filter, attmap_alias_cn, safename); diff --git a/nslcd/attmap.c b/nslcd/attmap.c index 1911273..11d730b 100644 --- a/nslcd/attmap.c +++ b/nslcd/attmap.c @@ -274,6 +274,12 @@ const char *attmap_get_value(MYLDAP_ENTRY *entry, const char *attr, values = myldap_get_values(entry, attr); if ((values == NULL) || (values[0] == NULL)) return NULL; + if (strlen(values[0]) >= buflen) + { + log_log(LOG_ERR, "attmap_get_value(): buffer too small (%d required)", + strlen(values[0])); + return NULL; + } strncpy(buffer, values[0], buflen); buffer[buflen - 1] = '\0'; return buffer; diff --git a/nslcd/cfg.c b/nslcd/cfg.c index e1857d5..1d99962 100644 --- a/nslcd/cfg.c +++ b/nslcd/cfg.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2007 West Consulting - Copyright (C) 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2007-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -455,14 +455,24 @@ static void add_uris_from_dns(const char *filename, int lnr, if ((strlen(hostlist) > 4) && (strcmp(hostlist + strlen(hostlist) - 4, ":636") == 0)) { hostlist[strlen(hostlist) - 4] = '\0'; - mysnprintf(buf, sizeof(buf), "ldaps://%s", hostlist); + if (mysnprintf(buf, sizeof(buf), "ldaps://%s", hostlist)) + { + log_log(LOG_ERR, "add_uris_from_dns(): buf buffer too small (%d required)", + strlen(hostlist) + 8); + exit(EXIT_FAILURE); + } } else { /* strip default port number */ if ((strlen(hostlist) > 4) && (strcmp(hostlist + strlen(hostlist) - 4, ":389") == 0)) hostlist[strlen(hostlist) - 4] = '\0'; - mysnprintf(buf, sizeof(buf), "ldap://%s", hostlist); + if (mysnprintf(buf, sizeof(buf), "ldap://%s", hostlist)) + { + log_log(LOG_ERR, "add_uris_from_dns(): buf buffer too small (%d required)", + strlen(hostlist) + 7); + exit(EXIT_FAILURE); + } } log_log(LOG_DEBUG, "add_uris_from_dns(): found uri: %s", buf); add_uri(filename, lnr, cfg, buf); diff --git a/nslcd/common.h b/nslcd/common.h index e8b6924..7c3ea1d 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -55,7 +55,7 @@ return -1; #define ERROR_OUT_BUFERROR(fp) \ - log_log(LOG_WARNING, "client supplied argument %d bytes too large", \ + log_log(LOG_ERR, "client supplied argument %d bytes too large", \ tmpint32); \ return -1; @@ -279,7 +279,7 @@ int nslcd_usermod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid); /* prepare the search filter */ \ if (mkfilter) \ { \ - log_log(LOG_WARNING, "nslcd_" __STRING(db) "_" __STRING(fn) \ + log_log(LOG_ERR, "nslcd_" __STRING(db) "_" __STRING(fn) \ "(): filter buffer too small"); \ return -1; \ } \ diff --git a/nslcd/ether.c b/nslcd/ether.c index b1bd21a..ff61dd2 100644 --- a/nslcd/ether.c +++ b/nslcd/ether.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -69,7 +69,10 @@ static int mkfilter_ether_byname(const char *name, char safename[BUFLEN_HOSTNAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_ether_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", ether_filter, attmap_ether_cn, safename); diff --git a/nslcd/group.c b/nslcd/group.c index 390e398..d7dfe42 100644 --- a/nslcd/group.c +++ b/nslcd/group.c @@ -94,7 +94,10 @@ static int mkfilter_group_byname(const char *name, char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_group_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", group_filter, attmap_group_cn, safename); @@ -136,7 +139,10 @@ static int mkfilter_group_bymember(MYLDAP_SESSION *session, char safedn[BUFLEN_SAFEDN]; /* escape attribute */ if (myldap_escape(uid, safeuid, sizeof(safeuid))) + { + log_log(LOG_ERR, "mkfilter_group_bymember(): safeuid buffer too small"); return -1; + } /* try to translate uid to DN */ if ((strcasecmp(attmap_group_member, "\"\"") == 0) || (uid2dn(session, uid, dn, sizeof(dn)) == NULL)) @@ -144,7 +150,10 @@ static int mkfilter_group_bymember(MYLDAP_SESSION *session, group_filter, attmap_group_memberUid, safeuid); /* escape DN */ if (myldap_escape(dn, safedn, sizeof(safedn))) + { + log_log(LOG_ERR, "mkfilter_group_bymember(): safedn buffer too small"); return -1; + } /* also lookup using user DN */ return mysnprintf(buffer, buflen, "(&%s(|(%s=%s)(%s=%s)))", group_filter, @@ -158,7 +167,10 @@ static int mkfilter_group_bymemberdn(const char *dn, char safedn[BUFLEN_SAFEDN]; /* escape DN */ if (myldap_escape(dn, safedn, sizeof(safedn))) + { + log_log(LOG_ERR, "mkfilter_group_bymemberdn(): safedn buffer too small"); return -1; + } return mysnprintf(buffer, buflen, "(&%s(%s=%s))", group_filter, diff --git a/nslcd/host.c b/nslcd/host.c index a898eee..7e5f6aa 100644 --- a/nslcd/host.c +++ b/nslcd/host.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -69,7 +69,10 @@ static int mkfilter_host_byname(const char *name, char *buffer, size_t buflen) char safename[BUFLEN_HOSTNAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_host_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", host_filter, attmap_host_cn, safename); @@ -81,7 +84,10 @@ static int mkfilter_host_byaddr(const char *addrstr, char safeaddr[64]; /* escape attribute */ if (myldap_escape(addrstr, safeaddr, sizeof(safeaddr))) + { + log_log(LOG_ERR, "mkfilter_host_byaddr(): safeaddr buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", host_filter, attmap_host_ipHostNumber, safeaddr); diff --git a/nslcd/invalidator.c b/nslcd/invalidator.c index 54a8f95..7e8e415 100644 --- a/nslcd/invalidator.c +++ b/nslcd/invalidator.c @@ -1,7 +1,7 @@ /* invalidator.c - functions for invalidating external caches - Copyright (C) 2013 Arthur de Jong + Copyright (C) 2013-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -85,8 +85,12 @@ static void exec_invalidate(const char *db) argv[2] = (char *)db; argv[3] = NULL; } - mysnprintf(cmdline, 80, "%s %s%s%s", argv[0], argv[1], - argv[2] != NULL ? " " : "", argv[2] != NULL ? argv[2] : ""); + if (mysnprintf(cmdline, 80, "%s %s%s%s", argv[0], argv[1], + argv[2] != NULL ? " " : "", argv[2] != NULL ? argv[2] : "")) + { + log_log(LOG_ERR, "exec_invalidate(): cmdline buffer too small"); + return; + } log_log(LOG_DEBUG, "invalidator: %s", cmdline); /* do fork/exec */ switch (cpid=fork()) diff --git a/nslcd/myldap.c b/nslcd/myldap.c index 8b97447..53f5b97 100644 --- a/nslcd/myldap.c +++ b/nslcd/myldap.c @@ -1701,7 +1701,11 @@ static char **myldap_get_ranged_values(MYLDAP_ENTRY *entry, const char *attr) SET *set = NULL; /* build the attribute name to find */ if (mysnprintf(attbuf, sizeof(attbuf), "%s;range=0-*", attr)) + { + log_log(LOG_ERR, "myldap_get_ranged_values(): attbuf buffer too small (%d required)", + strlen(attr) + 10); return NULL; + } /* keep doing lookups untul we can't get any more results */ while (1) { @@ -1749,7 +1753,10 @@ static char **myldap_get_ranged_values(MYLDAP_ENTRY *entry, const char *attr) startat = nxt; /* build attributes for a new search */ if (mysnprintf(attbuf, sizeof(attbuf), "%s;range=%d-*", attr, startat)) + { + log_log(LOG_ERR, "myldap_get_ranged_values(): attbuf buffer too small"); break; + } attrs[0] = attbuf; attrs[1] = NULL; /* close the previous search, if any */ diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c index d9acd42..6dbf77a 100644 --- a/nslcd/netgroup.c +++ b/nslcd/netgroup.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -68,7 +68,10 @@ static int mkfilter_netgroup_byname(const char *name, char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_netgroup_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", netgroup_filter, attmap_netgroup_cn, safename); diff --git a/nslcd/network.c b/nslcd/network.c index 89a3d27..26f68ad 100644 --- a/nslcd/network.c +++ b/nslcd/network.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -68,7 +68,10 @@ static int mkfilter_network_byname(const char *name, char safename[BUFLEN_HOSTNAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_network_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", network_filter, attmap_network_cn, safename); @@ -80,7 +83,10 @@ static int mkfilter_network_byaddr(const char *addrstr, char safeaddr[64]; /* escape attribute */ if (myldap_escape(addrstr, safeaddr, sizeof(safeaddr))) + { + log_log(LOG_ERR, "mkfilter_network_byaddr(): safeaddr buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", network_filter, attmap_network_ipNetworkNumber, safeaddr); diff --git a/nslcd/pam.c b/nslcd/pam.c index 7bedcee..df44ce9 100644 --- a/nslcd/pam.c +++ b/nslcd/pam.c @@ -363,7 +363,7 @@ static void autzsearch_var_add(DICT *dict, const char *name, /* perform escaping of the value */ if (myldap_escape(value, escaped_value, sz)) { - log_log(LOG_CRIT, "autzsearch_var_add(): myldap_escape() failed to fit in buffer"); + log_log(LOG_ERR, "autzsearch_var_add(): escaped_value buffer too small"); free(escaped_value); return; } diff --git a/nslcd/passwd.c b/nslcd/passwd.c index e9cf950..198fd45 100644 --- a/nslcd/passwd.c +++ b/nslcd/passwd.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -90,7 +90,10 @@ static int mkfilter_passwd_byname(const char *name, char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_passwd_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", passwd_filter, attmap_passwd_uid, safename); diff --git a/nslcd/protocol.c b/nslcd/protocol.c index 32c8784..0e2cc47 100644 --- a/nslcd/protocol.c +++ b/nslcd/protocol.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -68,7 +68,10 @@ static int mkfilter_protocol_byname(const char *name, char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_protocol_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", protocol_filter, attmap_protocol_cn, safename); diff --git a/nslcd/rpc.c b/nslcd/rpc.c index 6539323..4021978 100644 --- a/nslcd/rpc.c +++ b/nslcd/rpc.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -69,7 +69,10 @@ static int mkfilter_rpc_byname(const char *name, char *buffer, size_t buflen) char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_rpc_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", rpc_filter, attmap_rpc_cn, safename); diff --git a/nslcd/service.c b/nslcd/service.c index 83218db..1e5d615 100644 --- a/nslcd/service.c +++ b/nslcd/service.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -71,12 +71,18 @@ static int mkfilter_service_byname(const char *name, const char *protocol, char safename[BUFLEN_SAFENAME], safeprotocol[BUFLEN_SAFENAME]; /* escape attributes */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_service_byname(): safename buffer too small"); return -1; + } /* build filter */ if (*protocol != '\0') { if (myldap_escape(protocol, safeprotocol, sizeof(safeprotocol))) + { + log_log(LOG_ERR, "mkfilter_service_byname(): safeprotocol buffer too small"); return -1; + } return mysnprintf(buffer, buflen, "(&%s(%s=%s)(%s=%s))", service_filter, attmap_service_cn, safename, attmap_service_ipServiceProtocol, safeprotocol); @@ -93,7 +99,10 @@ static int mkfilter_service_bynumber(int number, const char *protocol, if (*protocol != '\0') { if (myldap_escape(protocol, safeprotocol, sizeof(safeprotocol))) + { + log_log(LOG_ERR, "mkfilter_service_bynumber(): safeprotocol buffer too small"); return -1; + } return mysnprintf(buffer, buflen, "(&%s(%s=%d)(%s=%s))", service_filter, attmap_service_ipServicePort, number, attmap_service_ipServiceProtocol, safeprotocol); diff --git a/nslcd/shadow.c b/nslcd/shadow.c index b5cf021..85ca4ef 100644 --- a/nslcd/shadow.c +++ b/nslcd/shadow.c @@ -5,7 +5,7 @@ Copyright (C) 1997-2005 Luke Howard Copyright (C) 2006 West Consulting - Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong + Copyright (C) 2006-2014 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -75,7 +75,10 @@ static int mkfilter_shadow_byname(const char *name, char *buffer, size_t buflen) char safename[BUFLEN_SAFENAME]; /* escape attribute */ if (myldap_escape(name, safename, sizeof(safename))) + { + log_log(LOG_ERR, "mkfilter_shadow_byname(): safename buffer too small"); return -1; + } /* build filter */ return mysnprintf(buffer, buflen, "(&%s(%s=%s))", shadow_filter, attmap_shadow_uid, safename); |