diff options
Diffstat (limited to 'extra/cifs-utils/0003-cifskey-better-use-snprintf.patch')
-rw-r--r-- | extra/cifs-utils/0003-cifskey-better-use-snprintf.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch b/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch new file mode 100644 index 000000000..bea3603e5 --- /dev/null +++ b/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch @@ -0,0 +1,49 @@ +From 0c521d5060035da655107001374e08873ac5dde8 Mon Sep 17 00:00:00 2001 +From: Sebastian Krahmer <krahmer@suse.de> +Date: Mon, 14 Apr 2014 11:39:41 +0200 +Subject: [PATCH] cifskey: better use snprintf() + +Prefer snprintf() over sprintf() in cifskey.c +Projects that fork the code (pam_cifscreds) can't rely on +the max-size parameters. + +[jlayton: removed unneeded initialization of "len" in key_add] + +Signed-off-by: Sebastian Krahmer <krahmer@suse.de> +--- + cifskey.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/cifskey.c b/cifskey.c +index 7716c42..e89cacf 100644 +--- a/cifskey.c ++++ b/cifskey.c +@@ -29,7 +29,8 @@ key_search(const char *addr, char keytype) + { + char desc[INET6_ADDRSTRLEN + sizeof(KEY_PREFIX) + 4]; + +- sprintf(desc, "%s:%c:%s", KEY_PREFIX, keytype, addr); ++ if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc)) ++ return -1; + + return keyctl_search(DEST_KEYRING, CIFS_KEY_TYPE, desc, 0); + } +@@ -43,10 +44,13 @@ key_add(const char *addr, const char *user, const char *pass, char keytype) + char val[MOUNT_PASSWD_SIZE + MAX_USERNAME_SIZE + 2]; + + /* set key description */ +- sprintf(desc, "%s:%c:%s", KEY_PREFIX, keytype, addr); ++ if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc)) ++ return -1; + + /* set payload contents */ +- len = sprintf(val, "%s:%s", user, pass); ++ len = snprintf(val, sizeof(val), "%s:%s", user, pass); ++ if (len >= (int)sizeof(val)) ++ return -1; + + return add_key(CIFS_KEY_TYPE, desc, val, len + 1, DEST_KEYRING); + } +-- +1.8.4.2 + |