From owner-freebsd-audit Wed May 9 1:30:27 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-108.dsl.lsan03.pacbell.net [63.207.60.108]) by hub.freebsd.org (Postfix) with ESMTP id B791737B422; Wed, 9 May 2001 01:30:16 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 552F4678BA; Wed, 9 May 2001 01:30:16 -0700 (PDT) Date: Wed, 9 May 2001 01:30:16 -0700 From: Kris Kennaway To: audit@FreeBSD.org, jkh@FreeBSD.org Subject: pkg_add patch Message-ID: <20010509013016.A29331@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="a8Wt8u1KmwUX3Y2C" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable This is part I of a patch to pkg_*. I started out doing this, then somehow got sidetracked into making all of pkg_install/* BDECFLAGS-clean (343 warnings!! I'm down to about 50, half of which are harmless/impossible to get rid of, the others I'm not immediately sure how to fix. I want to review the changes I've made before I send them out, so perhaps tomorrow). The rest of pkg_* needs a good cleaning up too, but I don't have the energy right now. This patch fixes the string buffer ops in pkg_add/main.c and tidies up the handling of the package version directory selection. Kris Index: add/main.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/pkg_install/add/main.c,v retrieving revision 1.35 diff -u -r1.35 main.c --- add/main.c 2001/04/26 06:48:59 1.35 +++ add/main.c 2001/05/09 08:18:37 @@ -49,6 +49,23 @@ char pkgnames[MAX_PKGS][MAXPATHLEN]; char *pkgs[MAX_PKGS]; =20 +struct { + int lowver; /* Lowest version number to match */ + int hiver; /* Highest version number to match */ + const char *directory; /* Directory it lives in */ +} releases[] =3D { + { 410000, 410000, "/packages-4.1-release" }, + { 420000, 420000, "/packages-4.2-release" }, + { 430000, 430000, "/packages-4.3-release" }, + { 440000, 440000, "/packages-4.4-release" }, + { 450000, 450000, "/packages-4.5-release" }, + { 300000, 399000, "/packages-3-stable" }, + { 400000, 499000, "/packages-4-stable" }, + { 510000, 599000, "/packages-5-stable" }, + { 0, 9999999, "/packages-current" }, + { 0, 0, NULL } +}; + static char *getpackagesite(void); int getosreldate(void); =20 @@ -57,11 +74,9 @@ int main(int argc, char **argv) { - int ch, err; + int ch, error; char **start; - char *cp; - - char *remotepkg =3D NULL, *ptr; + char *cp, *packagesite, *remotepkg =3D NULL, *ptr; static char temppackageroot[MAXPATHLEN]; =20 start =3D argv; @@ -97,7 +112,8 @@ break; =20 case 't': - strcpy(FirstPen, optarg); + if (s_strlcpy(FirstPen, optarg, sizeof(FirstPen))) + errx(1, "-t Argument too long."); break; =20 case 'S': @@ -119,8 +135,7 @@ argv +=3D optind; =20 if (argc > MAX_PKGS) { - warnx("too many packages (max %d)", MAX_PKGS); - return(1); + errx(1, "too many packages (max %d)", MAX_PKGS); } =20 if (AddMode !=3D SLAVE) { @@ -129,26 +144,42 @@ /* Get all the remaining package names, if any */ for (ch =3D 0; *argv; ch++, argv++) { if (Remote) { - strcpy(temppackageroot, getpackagesite()); - remotepkg =3D strcat(temppackageroot, *argv); + if ((packagesite =3D getpackagesite()) =3D=3D NULL) + errx(1, "package name too long"); + if (s_strlcpy(temppackageroot, packagesite, + sizeof(temppackageroot))) + errx(1, "package name too long"); + if (s_strlcat(temppackageroot, *argv, + sizeof(temppackageroot))) + errx(1, "package name too long"); + remotepkg =3D temppackageroot; if (!((ptr =3D strrchr(remotepkg, '.')) && ptr[1] =3D=3D 't' &&=20 ptr[2] =3D=3D 'g' && ptr[3] =3D=3D 'z' && !ptr[4])) - strcat(remotepkg, ".tgz"); + if (s_strlcat(remotepkg, ".tgz", sizeof(temppackageroot))) + errx(1, "package name too long"); } if (!strcmp(*argv, "-")) /* stdin? */ pkgs[ch] =3D "-"; - else if (isURL(*argv)) /* preserve URLs */ - pkgs[ch] =3D strcpy(pkgnames[ch], *argv); - else if ((Remote) && isURL(remotepkg)) - pkgs[ch] =3D strcpy(pkgnames[ch], remotepkg); - else { /* expand all pathnames to fullnames */ + else if (isURL(*argv)) { /* preserve URLs */ + if (s_strlcpy(pkgnames[ch], *argv, sizeof(pkgnames[ch]))) + errx(1, "package name too long"); + pkgs[ch] =3D pkgnames[ch]; + } + else if ((Remote) && isURL(remotepkg)) { + if (s_strlcpy(pkgnames[ch], remotepkg, sizeof(pkgnames[ch]))) + errx(1, "package name too long"); + pkgs[ch] =3D pkgnames[ch]; + } else { /* expand all pathnames to fullnames */ if (fexists(*argv)) /* refers to a file directly */ pkgs[ch] =3D realpath(*argv, pkgnames[ch]); else { /* look for the file in the expected places */ if (!(cp =3D fileFindByPath(NULL, *argv))) warnx("can't find package '%s'", *argv); - else - pkgs[ch] =3D strcpy(pkgnames[ch], cp); + else { + if (s_strlcpy(pkgnames[ch], cp, sizeof(pkgnames[ch]))) + errx(1, "package name too long"); + pkgs[ch] =3D pkgnames[ch]; + } } } } @@ -170,10 +201,10 @@ /* Set a reasonable umask */ umask(022); =20 - if ((err =3D pkg_perform(pkgs)) !=3D 0) { + if ((error =3D pkg_perform(pkgs)) !=3D 0) { if (Verbose) - warnx("%d package addition(s) failed", err); - return err; + warnx("%d package addition(s) failed", error); + return error; } else return 0; @@ -182,51 +213,43 @@ static char * getpackagesite(void) { - int reldate; + int reldate, i; static char sitepath[MAXPATHLEN]; struct utsname u; =20 if (getenv("PACKAGESITE")) { - strcpy(sitepath, getenv("PACKAGESITE")); + if (s_strlcpy(sitepath, getenv("PACKAGESITE"),=20 + sizeof(sitepath))) + return NULL; return sitepath; } - - if (getenv("PACKAGEMIRROR")) - strcpy(sitepath, getenv("PACKAGEMIRROR")); - else - strcpy(sitepath, "ftp://ftp.FreeBSD.org"); =20 - if (getenv("PACKAGEROOT")) - strcpy(sitepath, getenv("PACKAGEMIRRORROOT")); - else - strcat(sitepath, "/pub"); + if (getenv("PACKAGEROOT")) { + if (s_strlcpy(sitepath, getenv("PACKAGEROOT"), sizeof(sitepath))) + return NULL; + } else { + if (s_strlcat(sitepath, "ftp://ftp.freebsd.org", sizeof(sitepath))) + return NULL; + } =20 - strcat(sitepath, "/FreeBSD/ports/"); + if (s_strlcat(sitepath, "/pub/FreeBSD/ports/", sizeof(sitepath))) + return NULL; =20 uname(&u); - strcat(sitepath, u.machine); + if (s_strlcat(sitepath, u.machine, sizeof(sitepath))) + return NULL; =20 reldate =3D getosreldate(); - if (reldate =3D=3D 410000) - strcat(sitepath, "/packages-4.1-release"); - else if (reldate =3D=3D 420000) - strcat(sitepath, "/packages-4.2-release"); - else if (reldate =3D=3D 430000) - strcat(sitepath, "/packages-4.3-release"); - else if (reldate =3D=3D 440000) - strcat(sitepath, "/packages-4.4-release"); - else if (reldate =3D=3D 450000) - strcat(sitepath, "/packages-4.5-release"); - else if (300000 <=3D reldate && reldate <=3D 399000) - strcat(sitepath, "/packages-3-stable"); - else if (400000 <=3D reldate && reldate <=3D 499000) - strcat(sitepath, "/packages-4-stable"); - else if (510000 <=3D reldate && reldate <=3D 599000) /* get real value= s!! */ - strcat(sitepath, "/packages-5-stable"); - else - strcat(sitepath, "/packages-current"); + for(i =3D 0; releases[i].directory !=3D NULL; i++) { + if (reldate >=3D releases[i].lowver && reldate <=3D releases[i].hiver) { + if (s_strlcat(sitepath, releases[i].directory, sizeof(sitepath))) + return NULL; + continue; + } + } =20 - strcat(sitepath, "/Latest/"); + if (s_strlcat(sitepath, "/Latest/", sizeof(sitepath))) + return NULL; =20 return sitepath; =20 Index: lib/lib.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/pkg_install/lib/lib.h,v retrieving revision 1.34 diff -u -r1.34 lib.h --- lib/lib.h 2001/03/23 18:45:24 1.34 +++ lib/lib.h 2001/05/09 08:17:02 @@ -128,6 +128,8 @@ char *basename_of(char *); char *strconcat(char *, char *); char *get_string(char *, int, FILE *); +int s_strlcpy(char *, const char *, size_t); +int s_strlcat(char *, const char *, size_t); =20 /* File */ Boolean fexists(char *); Index: lib/str.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/pkg_install/lib/str.c,v retrieving revision 1.8 diff -u -r1.8 str.c --- lib/str.c 2001/03/23 18:45:24 1.8 +++ lib/str.c 2001/05/09 08:16:03 @@ -61,6 +61,20 @@ return *str; } =20 +/* Do a strlcpy and test for overflow */ +int +s_strlcpy(char *dst, const char *src, size_t size) +{ + return (strlcpy(dst, src, size) >=3D size); +} + +/* Do a strlcat and test for overflow */ +int +s_strlcat(char *dst, const char *src, size_t size) +{ + return (strlcat(dst, src, size) >=3D size); +} + /* Rather Obvious */ char * copy_string(char *str) --a8Wt8u1KmwUX3Y2C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6+QAXWry0BWjoQKURAn6pAKDcFxG90FconKIQEqJZmOZMZxzadACgj+x4 s3cKXMjwrNLuZ+BXkgLAJ4U= =V5Og -----END PGP SIGNATURE----- --a8Wt8u1KmwUX3Y2C-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message