Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 27 Aug 2003 11:17:33 +0200
From:      Alexander Leidinger <Alexander@Leidinger.net>
To:        Pawel Jakub Dawidek <nick@garage.freebsd.pl>
Cc:        Chris Knight <chris@e-easy.com.au>
Subject:   Re: SecFix for databases/firebird, please review
Message-ID:  <20030827111733.23d7bb71.Alexander@Leidinger.net>
In-Reply-To: <20030827081036.GL47959@garage.freebsd.pl>
References:  <20030817130114.2bfb3cf1.Alexander@Leidinger.net> <20030817133824.GA71246@madman.celabo.org> <20030818115928.20c1c570.Alexander@Leidinger.net> <20030827081036.GL47959@garage.freebsd.pl>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 27 Aug 2003 10:10:36 +0200
Pawel Jakub Dawidek <nick@garage.freebsd.pl> wrote:

> On Mon, Aug 18, 2003 at 11:59:28AM +0200, Alexander Leidinger wrote:
> +> Thanks for the review. I've updated
> +> http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 (modulo
> +> Chris' work in progress). I'm looking forward to the next round. :-)
> 
> IMHO there are still problems with strncat(3).
> 
> If you use something like that:
> 
> 	strncat(buf, string, sizeof(buf) - 1);
> 
> why not just use:
> 
> 	strncpy(buf, string, sizeof(buf) - 1);

Because behavior of strncpy != behavior of strncat. And I want to
preserve as much as possible from the original code.

> because correct form is:
> 
> 	strncat(buf, string, sizeof(buf) - strlen(buf) - 1);

Where did I missed this? Yes, I don't use strlen(destination), I use
strlen(previous_source) instead, but the result is the same.

> There is also syntax error here:
> 
> 	strncat (ib_prefix_msg_val, MAXPATHLEN, ib_prefix_msg);

Oops. Fixed locally.

> You also still don't add:
> 
> 	buf[sizeof(buf) - 1] = '\0';
> 
> after all strncat(3)s.

Hmmm... yes, I see the problem...

> This was in first patch:)

It's the largest one...

> IMHO if you want to keep portability, just add some BSD-licensed strlcat(3)
> and strlcpy(3) implementations to firebird's code and use it, because
> strncat(3) is really fucked up.

Or just use strl* in the port und wait for firebird 1.5... Chris, what
do you think?

Bye,
Alexander.

-- 
   If Bill Gates had a dime for every time a Windows box crashed...
                ...Oh, wait a minute, he already does.

http://www.Leidinger.net                       Alexander @ Leidinger.net
  GPG fingerprint = C518 BC70 E67F 143F BE91  3365 79E2 9C60 B006 3FE7



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030827111733.23d7bb71.Alexander>