Always terminate strncpy results.

The function strncpy does not guarantee to append a terminating
NUL character to the destination.

This patch merges libSM's way of handling this issue into libICE.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

4 files changed, 110 insertions, 41 deletions

diff --git a/src/connect.c b/src/connect.c
index 086b7f3..1554ad6 100644
--- a/src/connect.c
+++ b/src/connect.c
@@ -66,8 +66,11 @@ IceOpenConnection (
 
     if (networkIdsList == NULL || *networkIdsList == '\0')
     {
-	strncpy (errorStringRet,
-	    "networkIdsList argument is NULL", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet,
+		"networkIdsList argument is NULL", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -144,7 +147,10 @@ IceOpenConnection (
 
     if ((iceConn = malloc (sizeof (struct _IceConn))) == NULL)
     {
-	strncpy (errorStringRet, "Can't malloc", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "Can't malloc", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -157,7 +163,10 @@ IceOpenConnection (
 	&iceConn->connection_string)) == NULL)
     {
 	free (iceConn);
-	strncpy (errorStringRet, "Could not open network socket", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "Could not open network socket", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -195,7 +204,10 @@ IceOpenConnection (
     if ((iceConn->inbuf = iceConn->inbufptr = malloc (ICE_INBUFSIZE)) == NULL)
     {
 	_IceFreeConnection (iceConn);
-	strncpy (errorStringRet, "Can't malloc", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "Can't malloc", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -204,7 +216,10 @@ IceOpenConnection (
     if ((iceConn->outbuf = iceConn->outbufptr = calloc (1, ICE_OUTBUFSIZE)) == NULL)
     {
 	_IceFreeConnection (iceConn);
-	strncpy (errorStringRet, "Can't malloc", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "Can't malloc", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -257,8 +272,11 @@ IceOpenConnection (
     if (ioErrorOccured)
     {
 	_IceFreeConnection (iceConn);
-	strncpy (errorStringRet, "IO error occured opening connection",
-	     errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "IO error occured opening connection",
+		 errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -269,9 +287,12 @@ IceOpenConnection (
 	 */
 
 	_IceFreeConnection (iceConn);
-	strncpy (errorStringRet,
-	    "Internal error - did not receive the expected ByteOrder message",
-	     errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet,
+		"Internal error - did not receive the expected ByteOrder "
+		"message", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (NULL);
     }
 
@@ -355,8 +376,11 @@ IceOpenConnection (
 
 	if (ioErrorOccured)
 	{
-	    strncpy (errorStringRet, "IO error occured opening connection",
-		errorLength);
+	    if (errorStringRet && errorLength > 0) {
+		strncpy (errorStringRet, "IO error occured opening connection",
+		    errorLength);
+		errorStringRet[errorLength - 1] = '\0';
+	    }
 	    _IceFreeConnection (iceConn);
 	    iceConn = NULL;
 	}
@@ -366,9 +390,12 @@ IceOpenConnection (
 	    {
 		if (reply.connection_reply.version_index >= _IceVersionCount)
 		{
-		    strncpy (errorStringRet,
-	    		"Got a bad version index in the Connection Reply",
-			errorLength);
+		    if (errorStringRet && errorLength > 0) {
+			strncpy (errorStringRet,
+			    "Got a bad version index in the Connection Reply",
+			    errorLength);
+			errorStringRet[errorLength - 1] = '\0';
+		    }
 
 		    free (reply.connection_reply.vendor);
 		    free (reply.connection_reply.release);
@@ -397,8 +424,11 @@ IceOpenConnection (
 	    {
 		/* Connection failed */
 
-		strncpy (errorStringRet, reply.connection_error.error_message,
-		    errorLength);
+		if (errorStringRet && errorLength > 0) {
+		    strncpy (errorStringRet,
+			reply.connection_error.error_message, errorLength);
+		    errorStringRet[errorLength - 1] = '\0';
+		}
 
 		free (reply.connection_error.error_message);
 
diff --git a/src/listen.c b/src/listen.c
index 802ea6a..2af9475 100644
--- a/src/listen.c
+++ b/src/listen.c
@@ -56,8 +56,11 @@ IceListenForConnections (
 	*listenObjsRet = NULL;
 	*countRet = 0;
 
-        strncpy (errorStringRet,
-	    "Cannot establish any listening sockets", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet,
+		"Cannot establish any listening sockets", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 
 	return (0);
     }
@@ -91,8 +94,11 @@ IceListenForConnections (
     {
 	*listenObjsRet = NULL;
 
-        strncpy (errorStringRet,
-	    "Cannot establish any listening sockets", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet,
+		"Cannot establish any listening sockets", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 
 	status = 0;
     }
@@ -102,7 +108,10 @@ IceListenForConnections (
 
 	if (*listenObjsRet == NULL)
 	{
-	    strncpy (errorStringRet, "Malloc failed", errorLength);
+	    if (errorStringRet && errorLength > 0) {
+		strncpy (errorStringRet, "Malloc failed", errorLength);
+		errorStringRet[errorLength - 1] = '\0';
+	    }
 
 	    status = 0;
 	}
@@ -114,7 +123,10 @@ IceListenForConnections (
 
 		if ((*listenObjsRet)[i] == NULL)
 		{
-		    strncpy (errorStringRet, "Malloc failed", errorLength);
+		    if (errorStringRet && errorLength > 0) {
+			strncpy (errorStringRet, "Malloc failed", errorLength);
+			errorStringRet[errorLength - 1] = '\0';
+		    }
 
 		    for (j = 0; j < i; j++)
 			free ((*listenObjsRet)[j]);
diff --git a/src/listenwk.c b/src/listenwk.c
index 4050989..37735b7 100644
--- a/src/listenwk.c
+++ b/src/listenwk.c
@@ -58,8 +58,11 @@ IceListenForWellKnownConnections (
 	*listenObjsRet = NULL;
 	*countRet = 0;
 
-        strncpy (errorStringRet,
-	    "Cannot establish any listening sockets", errorLength);
+	if (errorStringRet && errorLength > 0) {
+            strncpy (errorStringRet,
+		"Cannot establish any listening sockets", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 
 	return (0);
     }
@@ -91,8 +94,11 @@ IceListenForWellKnownConnections (
     {
 	*listenObjsRet = NULL;
 
-        strncpy (errorStringRet,
-	    "Cannot establish any listening sockets", errorLength);
+	if (errorStringRet && errorLength > 0) {
+            strncpy (errorStringRet,
+		"Cannot establish any listening sockets", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 
 	status = 0;
     }
@@ -102,7 +108,10 @@ IceListenForWellKnownConnections (
 
 	if (*listenObjsRet == NULL)
 	{
-	    strncpy (errorStringRet, "Malloc failed", errorLength);
+	    if (errorStringRet && errorLength > 0) {
+		strncpy (errorStringRet, "Malloc failed", errorLength);
+		errorStringRet[errorLength - 1] = '\0';
+	    }
 
 	    status = 0;
 	}
@@ -114,7 +123,10 @@ IceListenForWellKnownConnections (
 
 		if ((*listenObjsRet)[i] == NULL)
 		{
-		    strncpy (errorStringRet, "Malloc failed", errorLength);
+		    if (errorStringRet && errorLength > 0) {
+		        strncpy (errorStringRet, "Malloc failed", errorLength);
+			errorStringRet[errorLength - 1] = '\0';
+		    }
 
 		    for (j = 0; j < i; j++)
 			free ((*listenObjsRet)[j]);
diff --git a/src/protosetup.c b/src/protosetup.c
index fc6010a..8eaa9d6 100644
--- a/src/protosetup.c
+++ b/src/protosetup.c
@@ -71,7 +71,10 @@ IceProtocolSetup (
 
     if (myOpcode < 1 || myOpcode > _IceLastMajorOpcode)
     {
-	strncpy (errorStringRet, "myOpcode out of range", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet, "myOpcode out of range", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (IceProtocolSetupFailure);
     }
 
@@ -79,8 +82,11 @@ IceProtocolSetup (
 
     if (myProtocol->orig_client == NULL)
     {
-	strncpy (errorStringRet,
-	    "IceRegisterForProtocolSetup was not called", errorLength);
+	if (errorStringRet && errorLength > 0) {
+	    strncpy (errorStringRet,
+		"IceRegisterForProtocolSetup was not called", errorLength);
+	    errorStringRet[errorLength - 1] = '\0';
+	}
 	return (IceProtocolSetupFailure);
     }
 
@@ -198,9 +204,12 @@ IceProtocolSetup (
 
 	if (ioErrorOccured)
 	{
-	    strncpy (errorStringRet,
-		"IO error occured doing Protocol Setup on connection",
-		errorLength);
+	    if (errorStringRet && errorLength > 0) {
+		strncpy (errorStringRet,
+		    "IO error occured doing Protocol Setup on connection",
+		    errorLength);
+		errorStringRet[errorLength - 1] = '\0';
+	    }
 	    return (IceProtocolSetupIOError);
 	}
 	else if (gotReply)
@@ -210,9 +219,12 @@ IceProtocolSetup (
 		if (reply.protocol_reply.version_index >=
 		    myProtocol->orig_client->version_count)
 		{
-		    strncpy (errorStringRet,
-	                "Got a bad version index in the Protocol Reply",
-		        errorLength);
+		    if (errorStringRet && errorLength > 0) {
+			strncpy (errorStringRet,
+	                    "Got a bad version index in the Protocol Reply",
+		            errorLength);
+			errorStringRet[errorLength - 1] = '\0';
+		    }
 
 		    free (reply.protocol_reply.vendor);
 		    free (reply.protocol_reply.release);
@@ -229,8 +241,11 @@ IceProtocolSetup (
 	    {
 		/* Protocol Setup failed */
 
-		strncpy (errorStringRet, reply.protocol_error.error_message,
-		    errorLength);
+		if (errorStringRet && errorLength > 0) {
+		    strncpy (errorStringRet, reply.protocol_error.error_message,
+			errorLength);
+		    errorStringRet[errorLength - 1] = '\0';
+		}
 
 		free (reply.protocol_error.error_message);
 	    }