From owner-freebsd-audit  Fri Aug  4  1:30:19 2000
Delivered-To: freebsd-audit@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 5700137BC0F; Fri,  4 Aug 2000 01:29:59 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by hub.freebsd.org (Postfix) with ESMTP id 8D9982E8197
	for <audit@freebsd.org>; Fri,  4 Aug 2000 01:29:59 -0700 (PDT)
	(envelope-from kris@hub.freebsd.org)
Date: Fri, 4 Aug 2000 01:29:59 -0700 (PDT)
From: Kris Kennaway <kris@hub.freebsd.org>
To: audit@freebsd.org
Subject: catopen() patch
Message-ID: <Pine.BSF.4.21.0008040128220.66197-100000@hub.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Can someone please review the following patch?

Kris

Index: msgcat.c
===================================================================
RCS file: /home/ncvs/src/lib/libc/nls/msgcat.c,v
retrieving revision 1.21
diff -u -r1.21 msgcat.c
--- msgcat.c	2000/01/27 23:06:33	1.21
+++ msgcat.c	2000/08/04 08:20:36
@@ -91,8 +91,9 @@
     __const char *catpath = NULL;
     char        *nlspath;
     char	*lang;
-    long	len;
     char	*base, *cptr, *pathP;
+    int		spcleft;
+    long	len;
     struct stat	sbuf;
 
     if (!name || !*name) {
@@ -129,13 +130,20 @@
 		*cptr = '\0';
 		for (pathP = path; *nlspath; ++nlspath) {
 		    if (*nlspath == '%') {
+		        spcleft = sizeof(path) - (pathP - path);
 			if (*(nlspath + 1) == 'L') {
 			    ++nlspath;
-			    strcpy(pathP, lang);
+			    if (strlcpy(pathP, lang, spcleft) >= spcleft) {
+				errno = ENAMETOOLONG;
+				return(NLERR);
+			    }
 			    pathP += strlen(lang);
 			} else if (*(nlspath + 1) == 'N') {
 			    ++nlspath;
-			    strcpy(pathP, name);
+			    if (strlcpy(pathP, name, spcleft) >= spcleft) {
+			        errno = ENAMETOOLONG;
+				return(NLERR);
+			    }
 			    pathP += strlen(name);
 			} else *(pathP++) = *nlspath;
 		    } else *(pathP++) = *nlspath;

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message