diff options
| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2015-08-27 01:02:36 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2015-08-27 01:02:36 +0000 |
| commit | 553213200882bc085868bf512bbf4477c5dac579 (patch) | |
| tree | 6897dff5893175a73737a3980277c531760722af | |
| parent | eda2bdd0db61b5036b1da7d4ecd90532f63db225 (diff) | |
Add a boundary check for safety and use snprintf() to construct the IP
address strings instead of strl{cpy,cat}(). Also make the function
return a valid string even in failure case.
input deraadt
ok deraadt
| -rw-r--r-- | usr.sbin/radiusd/util.c | 19 | ||||
| -rw-r--r-- | usr.sbin/radiusd/util.h | 4 |
2 files changed, 11 insertions, 12 deletions
diff --git a/usr.sbin/radiusd/util.c b/usr.sbin/radiusd/util.c index 1d3fccf2d3a..4c5b7bb1361 100644 --- a/usr.sbin/radiusd/util.c +++ b/usr.sbin/radiusd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.1 2015/07/21 04:06:04 yasuoka Exp $ */ +/* $OpenBSD: util.c,v 1.2 2015/08/27 01:02:35 yasuoka Exp $ */ /* * Copyright (c) 2013 Internet Initiative Japan Inc. @@ -21,6 +21,7 @@ #include <netdb.h> #include <string.h> +#include <stdio.h> #include "util.h" @@ -78,9 +79,10 @@ addrport_parse(const char *addrport, int proto, struct addrinfo **p_ai) * sockaddr */ const char * -addrport_tostring(struct sockaddr *sa, socklen_t salen, char *buf, int lbuf) +addrport_tostring(struct sockaddr *sa, socklen_t salen, char *buf, size_t lbuf) { char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV]; + int ret; if (getnameinfo(sa, salen, hbuf, sizeof(hbuf), sbuf, sizeof(sbuf), NI_NUMERICHOST | NI_NUMERICSERV) != 0) @@ -88,21 +90,18 @@ addrport_tostring(struct sockaddr *sa, socklen_t salen, char *buf, int lbuf) switch (sa->sa_family) { case AF_INET6: - strlcpy(buf, "[", lbuf); - strlcat(buf, hbuf, lbuf); - strlcat(buf, "]:", lbuf); - strlcat(buf, sbuf, lbuf); + ret = snprintf(buf, lbuf, "[%s]:%s", hbuf, sbuf); break; case AF_INET: - strlcpy(buf, hbuf, lbuf); - strlcat(buf, ":", lbuf); - strlcat(buf, sbuf, lbuf); + ret = snprintf(buf, lbuf, "%s:%s", hbuf, sbuf); break; default: - return (NULL); + return "error"; } + if (ret == -1 || ret >= (int)lbuf) + return "(error)"; return (buf); } diff --git a/usr.sbin/radiusd/util.h b/usr.sbin/radiusd/util.h index 4521c93bad7..bc6103bb13f 100644 --- a/usr.sbin/radiusd/util.h +++ b/usr.sbin/radiusd/util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: util.h,v 1.1 2015/07/21 04:06:04 yasuoka Exp $ */ +/* $OpenBSD: util.h,v 1.2 2015/08/27 01:02:35 yasuoka Exp $ */ #ifndef RADIUSD_UTIL_H #define RADIUSD_UTIL_H @@ -25,7 +25,7 @@ __BEGIN_DECLS int addrport_parse(const char *, int, struct addrinfo **); -const char *addrport_tostring (struct sockaddr *, socklen_t, char *, int); +const char *addrport_tostring (struct sockaddr *, socklen_t, char *, size_t); __END_DECLS #endif |