1 files changed, 49 insertions, 0 deletions

diff --git a/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch b/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch
new file mode 100644
index 000000000..bea3603e5
--- /dev/null
+++ b/extra/cifs-utils/0003-cifskey-better-use-snprintf.patch
@@ -0,0 +1,49 @@
+From 0c521d5060035da655107001374e08873ac5dde8 Mon Sep 17 00:00:00 2001
+From: Sebastian Krahmer <krahmer@suse.de>
+Date: Mon, 14 Apr 2014 11:39:41 +0200
+Subject: [PATCH] cifskey: better use snprintf()
+
+Prefer snprintf() over sprintf() in cifskey.c
+Projects that fork the code (pam_cifscreds) can't rely on
+the max-size parameters.
+
+[jlayton: removed unneeded initialization of "len" in key_add]
+
+Signed-off-by: Sebastian Krahmer <krahmer@suse.de>
+---
+ cifskey.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/cifskey.c b/cifskey.c
+index 7716c42..e89cacf 100644
+--- a/cifskey.c
++++ b/cifskey.c
+@@ -29,7 +29,8 @@ key_search(const char *addr, char keytype)
+ {
+ 	char desc[INET6_ADDRSTRLEN + sizeof(KEY_PREFIX) + 4];
+ 
+-	sprintf(desc, "%s:%c:%s", KEY_PREFIX, keytype, addr);
++	if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc))
++		return -1;
+ 
+ 	return keyctl_search(DEST_KEYRING, CIFS_KEY_TYPE, desc, 0);
+ }
+@@ -43,10 +44,13 @@ key_add(const char *addr, const char *user, const char *pass, char keytype)
+ 	char val[MOUNT_PASSWD_SIZE +  MAX_USERNAME_SIZE + 2];
+ 
+ 	/* set key description */
+-	sprintf(desc, "%s:%c:%s", KEY_PREFIX, keytype, addr);
++	if (snprintf(desc, sizeof(desc), "%s:%c:%s", KEY_PREFIX, keytype, addr) >= (int)sizeof(desc))
++		return -1;
+ 
+ 	/* set payload contents */
+-	len = sprintf(val, "%s:%s", user, pass);
++	len = snprintf(val, sizeof(val), "%s:%s", user, pass);
++	if (len >= (int)sizeof(val))
++		return -1;
+ 
+ 	return add_key(CIFS_KEY_TYPE, desc, val, len + 1, DEST_KEYRING);
+ }
+-- 
+1.8.4.2
+