Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 07 Aug 2000 18:55:03 -0400 (EDT)
From:      Mike Heffner <mheffner@mailandnews.com>
To:        Kris Kennaway <kris@FreeBSD.org>
Cc:        audit@freebsd.org
Subject:   RE: catopen() patch
Message-ID:  <XFMail.20000807185503.mheffner@mailandnews.com>
In-Reply-To: <Pine.BSF.4.21.0008062231250.6484-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Well, I think we need to calculate spcleft at the end of each iteration, and
there needs to be one char left for the NULL. How does this patch look (against
rev. 1.22):

--- msgcat.c.orig       Mon Aug  7 18:42:28 2000
+++ msgcat.c    Mon Aug  7 18:51:42 2000
@@ -128,9 +128,10 @@
        for (nlspath = cptr; *cptr; ++cptr) {
            if (*cptr == ':') {
                *cptr = '\0';
-               for (pathP = path; *nlspath; ++nlspath) {
+               for (pathP = path, spcleft = sizeof(path);
+                        *nlspath && spcleft > 1;
+                        ++nlspath, spcleft = sizeof(path) - (pathP - path)) {
                    if (*nlspath == '%') {
-                       spcleft = sizeof(path) - (pathP - path);
                        if (*(nlspath + 1) == 'L') {
                            ++nlspath;
                            if (strlcpy(pathP, lang, spcleft) >= spcleft) {



On 07-Aug-2000 Kris Kennaway wrote:
|  
|  Right you are! This isn't such a big deal since $NLSPATH isn't read if
|  we;re setugid, but how does this patch look (relative to the one I
|  already committed):
|  
|  Index: msgcat.c
|  ===================================================================
|  RCS file: /home/ncvs/src/lib/libc/nls/msgcat.c,v
|  retrieving revision 1.22
|  diff -u -r1.22 msgcat.c
|  --- msgcat.c 2000/08/05 04:56:43     1.22
|  +++ msgcat.c 2000/08/07 05:28:46
|  @@ -124,13 +124,14 @@
|       strcpy(cptr, nlspath);
|       cptr[len] = ':';
|       cptr[len+1] = '\0';
|  +    spcleft = sizeof(path);
|   
|       for (nlspath = cptr; *cptr; ++cptr) {
|           if (*cptr == ':') {
|               *cptr = '\0';
|  -            for (pathP = path; *nlspath; ++nlspath) {
|  +            for (pathP = path; *nlspath && spcleft > 0; ++nlspath) {
|  +                spcleft = sizeof(path) - (pathP - path);
|                   if (*nlspath == '%') {
|  -                    spcleft = sizeof(path) - (pathP - path);
|                       if (*(nlspath + 1) == 'L') {
|                           ++nlspath;
|                           if (strlcpy(pathP, lang, spcleft) >= spcleft) {
|  


-- 
  Mike Heffner  <spock@techfour.net>
  Fredericksburg, VA     ICQ# 882073
  http://my.ispchannel.com/~mheffner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.20000807185503.mheffner>