From: schwarze@mdocml.bsd.lv
To: source@mdocml.bsd.lv
Subject: mdocml: Audit strlcpy(3)/strlcat(3) usage: * Add missing truncation
Date: Wed, 23 Apr 2014 15:09:16 -0400 (EDT) [thread overview]
Message-ID: <201404231909.s3NJ9G9m019132@krisdoz.my.domain> (raw)
Log Message:
-----------
Audit strlcpy(3)/strlcat(3) usage:
* Add missing truncation checks to three calls.
* In four cases where we know that the distination buffer is large enough,
cast the return vailue to (void).
Modified Files:
--------------
mdocml:
mandocdb.c
Revision Data
-------------
Index: mandocdb.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/mandocdb.c,v
retrieving revision 1.142
retrieving revision 1.143
diff -Lmandocdb.c -Lmandocdb.c -u -p -r1.142 -r1.143
--- mandocdb.c
+++ mandocdb.c
@@ -663,7 +663,13 @@ treescan(void)
fsec[-1] = '\0';
mlink = mandoc_calloc(1, sizeof(struct mlink));
- strlcpy(mlink->file, path, sizeof(mlink->file));
+ if (strlcpy(mlink->file, path,
+ sizeof(mlink->file)) >=
+ sizeof(mlink->file)) {
+ say(path, "Filename too long");
+ free(mlink);
+ continue;
+ }
mlink->dform = dform;
mlink->dsec = dsec;
mlink->arch = arch;
@@ -819,13 +825,20 @@ filescan(const char *file)
say(file, "&stat");
return;
}
- strlcpy(buf, file, sizeof(buf));
+ if (strlcpy(buf, file, sizeof(buf)) >= sizeof(buf)) {
+ say(file, "Filename too long");
+ return;
+ }
start = strstr(buf, basedir) == buf ?
buf + strlen(basedir) + 1 : buf;
}
mlink = mandoc_calloc(1, sizeof(struct mlink));
- strlcpy(mlink->file, start, sizeof(mlink->file));
+ if (strlcpy(mlink->file, start, sizeof(mlink->file)) >=
+ sizeof(mlink->file)) {
+ say(start, "Filename too long");
+ return;
+ }
/*
* First try to guess our directory structure.
@@ -973,17 +986,13 @@ mlinks_undupe(struct mpage *mpage)
mpage->form = FORM_NONE;
goto nextlink;
}
- if (strlcpy(buf, mlink->file, PATH_MAX) >= PATH_MAX) {
- if (warnings)
- say(mlink->file, "Filename too long");
- goto nextlink;
- }
+ (void)strlcpy(buf, mlink->file, sizeof(buf));
bufp = strstr(buf, "cat");
assert(NULL != bufp);
memcpy(bufp, "man", 3);
if (NULL != (bufp = strrchr(buf, '.')))
*++bufp = '\0';
- strlcat(buf, mlink->dsec, PATH_MAX);
+ (void)strlcat(buf, mlink->dsec, sizeof(buf));
if (NULL == ohash_find(&mlinks,
ohash_qlookup(&mlinks, buf)))
goto nextlink;
@@ -2216,24 +2225,15 @@ dbopen(int real)
return(0);
}
- if (strlcpy(tempfilename, "/tmp/mandocdb.XXXXXX",
- sizeof(tempfilename)) >= sizeof(tempfilename)) {
- exitcode = (int)MANDOCLEVEL_SYSERR;
- say("", "/tmp/mandocdb.XXXXXX: Filename too long");
- return(0);
- }
+ (void)strlcpy(tempfilename, "/tmp/mandocdb.XXXXXX",
+ sizeof(tempfilename));
if (NULL == mkdtemp(tempfilename)) {
exitcode = (int)MANDOCLEVEL_SYSERR;
say("", "&%s", tempfilename);
return(0);
}
- if (strlcat(tempfilename, "/" MANDOC_DB,
- sizeof(tempfilename)) >= sizeof(tempfilename)) {
- exitcode = (int)MANDOCLEVEL_SYSERR;
- say("", "%s/" MANDOC_DB ": Filename too long",
- tempfilename);
- return(0);
- }
+ (void)strlcat(tempfilename, "/" MANDOC_DB,
+ sizeof(tempfilename));
rc = sqlite3_open_v2(tempfilename, &db, ofl, NULL);
if (SQLITE_OK != rc) {
exitcode = (int)MANDOCLEVEL_SYSERR;
--
To unsubscribe send an email to source+unsubscribe@mdocml.bsd.lv
reply other threads:[~2014-04-23 19:09 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201404231909.s3NJ9G9m019132@krisdoz.my.domain \
--to=schwarze@mdocml.bsd.lv \
--cc=source@mdocml.bsd.lv \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).