diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2010-12-30 12:24:46 +0000 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2010-12-30 12:24:46 +0000 |
| commit | 726a1a89d34fbdb4974cd24a1ecc3369f241de19 (patch) | |
| tree | e8c866d85c5a7522f8e370d9dbbc8ec5f6594d0b | |
| parent | d99781bdf175fd7b66d37741c3acf33ca9331b49 (diff) | |
implement buffer checking and simplify code somewhat
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-solaris@1351 ef36b2f9-881f-0410-afb5-c4e39611909c
| -rw-r--r-- | nss/ethers.c | 30 | ||||
| -rw-r--r-- | nss/group.c | 29 |
2 files changed, 31 insertions, 28 deletions
diff --git a/nss/ethers.c b/nss/ethers.c index 2f386d6..a109cf3 100644 --- a/nss/ethers.c +++ b/nss/ethers.c @@ -100,28 +100,26 @@ nss_status_t _nss_ldap_endetherent(void) static nss_status_t read_etherstring(TFILE *fp,nss_XbyY_args_t *args) { - /* TODO: padl uses struct ether, verify */ struct etherent result; nss_status_t retv; char *buffer; - size_t buflen; - /* read the etherent */ - retv=read_etherent(fp,&result,NSS_ARGS(args)->buf.buffer,args->buf.buflen,&errno); + int res; + /* read the etherent into a temporary buffer */ + buffer=(char *)malloc(args->buf.buflen); + if (buffer==NULL) + return NSS_STATUS_UNAVAIL; + retv=read_etherent(fp,&result,buffer,args->buf.buflen,&errno); if (retv!=NSS_STATUS_SUCCESS) + { + free(buffer); return retv; - /* allocate a temporary buffer */ - buflen=args->buf.buflen; - buffer=(char *)malloc(buflen); - /* build the formatted string */ - /* FIXME: implement proper buffer size checking */ - /* TODO: OpenSolaris expects "<macAddress> <host>" */ - /* This output is handled correctly by NSCD,but not */ - /* when NSCD is off. Not an issue with NSS_LDAP,but */ - /* with the frontend. */ - sprintf(buffer,"%s %s",ether_ntoa(&result.e_addr),result.e_name); - /* copy the result back to the result buffer and free the temporary one */ - strcpy(NSS_ARGS(args)->buf.buffer,buffer); + } + /* make a string representation */ + res=snprintf(args->buf.buffer,args->buf.buflen, + "%s %s",ether_ntoa(&result.e_addr),result.e_name); free(buffer); + if ((res<0)||(res>=args->buf.buflen)) + return NSS_STATUS_TRYAGAIN; NSS_ARGS(args)->returnval=NSS_ARGS(args)->buf.buffer; NSS_ARGS(args)->returnlen=strlen(NSS_ARGS(args)->buf.buffer); return NSS_STATUS_SUCCESS; diff --git a/nss/group.c b/nss/group.c index b460445..c20ac04 100644 --- a/nss/group.c +++ b/nss/group.c @@ -192,26 +192,31 @@ static nss_status_t read_groupstring(TFILE *fp,nss_XbyY_args_t *args) char *buffer; size_t buflen; int i; - /* read the groupent */ - retv=read_group(fp,&result,NSS_ARGS(args)->buf.buffer,args->buf.buflen,&errno); + /* read the group into a temporary buffer */ + buffer=(char *)malloc(args->buf.buflen); + if (buffer==NULL) + return NSS_STATUS_UNAVAIL; + retv=read_group(fp,&result,buffer,args->buf.buflen,&errno); if (retv!=NSS_STATUS_SUCCESS) + { + free(buffer); return retv; - /* allocate a temporary buffer */ - buflen=args->buf.buflen; - buffer=(char *)malloc(buflen); - /* build the formatted string */ - /* FIXME: implement proper buffer size checking */ - sprintf(buffer,"%s:%s:%d:",result.gr_name,result.gr_passwd,(int)result.gr_gid); + } + /* make a string representation */ + snprintf(args->buf.buffer,args->buf.buflen, + "%s:%s:%d:",result.gr_name,result.gr_passwd,(int)result.gr_gid); + args->buf.buffer[args->buf.buflen-1]='\0'; if (result.gr_mem) for (i=0;result.gr_mem[i];i++) { if (i) - strcat(buffer,","); - strcat(buffer,result.gr_mem[i]); + strncat(args->buf.buffer,args->buf.buflen-strlen(args->buf.buffer)-1,","); + strncat(args->buf.buffer,args->buf.buflen-strlen(args->buf.buffer)-1,result.gr_mem[i]); } - /* copy the result back to the result buffer and free the temporary one */ - strcpy(NSS_ARGS(args)->buf.buffer,buffer); free(buffer); + /* check if buffer overflowed */ + if (strlen(args->buf.buffer)>=args->buf.buffer-1) + return NSS_STATUS_TRYAGAIN; NSS_ARGS(args)->returnval=NSS_ARGS(args)->buf.buffer; NSS_ARGS(args)->returnlen=strlen(NSS_ARGS(args)->buf.buffer); return NSS_STATUS_SUCCESS; |