From c46e8ae80540713ec24fd6d1eea68744937ef158 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Fri, 17 Mar 2006 03:05:32 +0000 Subject: Specs say SmsInitialize & SmcOpenConnection return NULL terminated strings in errorStringRet, but were just calling strncpy and not making sure strings were NULL terminated if errorLength wasn't long enough. (Noticed while evaluating Coverity ids 196 & 201.) --- src/sm_client.c | 39 +++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) (limited to 'src/sm_client.c') diff --git a/src/sm_client.c b/src/sm_client.c index 02f9ccd..047924b 100644 --- a/src/sm_client.c +++ b/src/sm_client.c @@ -1,3 +1,4 @@ +/* $XdotOrg: $ */ /* $Xorg: sm_client.c,v 1.4 2001/02/09 02:03:30 xorgcvs Exp $ */ /* @@ -90,8 +91,12 @@ char *errorStringRet; SmVendorString, SmReleaseString, _SmVersionCount, _SmcVersions, _SmAuthCount, _SmAuthNames, _SmcAuthProcs, NULL)) < 0) { - strncpy (errorStringRet, - "Could not register XSMP protocol with ICE", errorLength); + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, + "Could not register XSMP protocol with ICE", + errorLength); + errorStringRet[errorLength - 1] = '\0'; + } return (NULL); } @@ -101,10 +106,12 @@ char *errorStringRet; { if ((ids = (char *) getenv ("SESSION_MANAGER")) == NULL) { - strncpy (errorStringRet, - "SESSION_MANAGER environment variable not defined", - errorLength); - + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, + "SESSION_MANAGER environment variable not defined", + errorLength); + errorStringRet[errorLength - 1] = '\0'; + } return (NULL); } } @@ -121,7 +128,10 @@ char *errorStringRet; if ((smcConn = (SmcConn) malloc (sizeof (struct _SmcConn))) == NULL) { - strncpy (errorStringRet, "Can't malloc", errorLength); + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, "Can't malloc", errorLength); + errorStringRet[errorLength - 1] = '\0'; + } IceCloseConnection (iceConn); return (NULL); } @@ -148,8 +158,11 @@ char *errorStringRet; */ free ((char *) smcConn); - strncpy (errorStringRet, "Internal error in IceOpenConnection", - errorLength); + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, "Internal error in IceOpenConnection", + errorLength); + errorStringRet[errorLength - 1] = '\0'; + } return (NULL); } @@ -201,9 +214,11 @@ char *errorStringRet; if (ioErrorOccured) { - strncpy (errorStringRet, "IO error occured opening connection", - errorLength); - + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, "IO error occured opening connection", + errorLength); + errorStringRet[errorLength - 1] = '\0'; + } free (smcConn->vendor); free (smcConn->release); free ((char *) smcConn); -- cgit v1.2.3