diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-09-25 08:17:32 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1996-09-25 08:17:32 +0000 |
commit | eb8f2f9d3b6352e8ee8055aeab2cb6faca69822a (patch) | |
tree | 3c08496a2b7b0f85a29fe48ca542cc2fc6d64c08 | |
parent | 4be416a1cf2ad90e16e2af4e712934208375a153 (diff) |
nls buffers are NL_TEXTMAX long -- not a security hole; netbsd pr#2780, mike.long@analog.com
-rw-r--r-- | lib/libc/string/__strerror.c | 13 | ||||
-rw-r--r-- | lib/libc/string/__strsignal.c | 12 |
2 files changed, 15 insertions, 10 deletions
diff --git a/lib/libc/string/__strerror.c b/lib/libc/string/__strerror.c index 16d82058683..9c023f8a534 100644 --- a/lib/libc/string/__strerror.c +++ b/lib/libc/string/__strerror.c @@ -32,7 +32,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp $"; +static char *rcsid = "$OpenBSD: __strerror.c,v 1.6 1996/09/25 08:17:30 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #ifdef NLS @@ -46,6 +46,7 @@ static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp #define sys_nerr _sys_nerr #include <errno.h> +#include <limits.h> #include <stdio.h> #include <string.h> @@ -86,18 +87,20 @@ __strerror(num, buf) errnum = num; /* convert to unsigned */ if (errnum < sys_nerr) { #ifdef NLS - strcpy(buf, catgets(catd, 1, errnum, - (char *)sys_errlist[errnum])); + strncpy(buf, catgets(catd, 1, errnum, + (char *)sys_errlist[errnum]), NL_TEXTMAX-1); + buf[NL_TEXTMAX - 1] = '\0'; #else return(sys_errlist[errnum]); #endif } else { #ifdef NLS - strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX)); + strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1); + buf[NL_TEXTMAX - 1] = '\0'; #else strcpy(buf, UPREFIX); #endif - strcat(buf, itoa(errnum)); + strncat(buf, itoa(errnum), NL_TEXTMAX-strlen(buf)-1); } #ifdef NLS diff --git a/lib/libc/string/__strsignal.c b/lib/libc/string/__strsignal.c index 5a424bfde28..53c9e59e59f 100644 --- a/lib/libc/string/__strsignal.c +++ b/lib/libc/string/__strsignal.c @@ -32,7 +32,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char *rcsid = "$OpenBSD: __strsignal.c,v 1.3 1996/09/16 05:43:39 tholo Exp $"; +static char *rcsid = "$OpenBSD: __strsignal.c,v 1.4 1996/09/25 08:17:31 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #ifdef NLS @@ -79,18 +79,20 @@ __strsignal(num, buf) signum = num; /* convert to unsigned */ if (signum < NSIG) { #ifdef NLS - strcpy(buf, catgets(catd, 2, signum, - (char *)sys_siglist[signum])); + strncpy(buf, catgets(catd, 2, signum, + (char *)sys_siglist[signum]), NL_TEXTMAX-1); + buf[NL_TEXTMAX-1] = '\0'; #else return((char *)sys_siglist[signum]); #endif } else { #ifdef NLS - strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX)); + strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1); + buf[NL_TEXTMAX-1] = '\0'; #else strcpy(buf, UPREFIX); #endif - strcat(buf, itoa(signum)); + strncat(buf, itoa(signum), NL_TEXTMAX-strlen(buf)-1); } #ifdef NLS |