summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>1996-09-25 08:17:32 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1996-09-25 08:17:32 +0000
commiteb8f2f9d3b6352e8ee8055aeab2cb6faca69822a (patch)
tree3c08496a2b7b0f85a29fe48ca542cc2fc6d64c08
parent4be416a1cf2ad90e16e2af4e712934208375a153 (diff)
nls buffers are NL_TEXTMAX long -- not a security hole; netbsd pr#2780, mike.long@analog.com
-rw-r--r--lib/libc/string/__strerror.c13
-rw-r--r--lib/libc/string/__strsignal.c12
2 files changed, 15 insertions, 10 deletions
diff --git a/lib/libc/string/__strerror.c b/lib/libc/string/__strerror.c
index 16d82058683..9c023f8a534 100644
--- a/lib/libc/string/__strerror.c
+++ b/lib/libc/string/__strerror.c
@@ -32,7 +32,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp $";
+static char *rcsid = "$OpenBSD: __strerror.c,v 1.6 1996/09/25 08:17:30 deraadt Exp $";
#endif /* LIBC_SCCS and not lint */
#ifdef NLS
@@ -46,6 +46,7 @@ static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp
#define sys_nerr _sys_nerr
#include <errno.h>
+#include <limits.h>
#include <stdio.h>
#include <string.h>
@@ -86,18 +87,20 @@ __strerror(num, buf)
errnum = num; /* convert to unsigned */
if (errnum < sys_nerr) {
#ifdef NLS
- strcpy(buf, catgets(catd, 1, errnum,
- (char *)sys_errlist[errnum]));
+ strncpy(buf, catgets(catd, 1, errnum,
+ (char *)sys_errlist[errnum]), NL_TEXTMAX-1);
+ buf[NL_TEXTMAX - 1] = '\0';
#else
return(sys_errlist[errnum]);
#endif
} else {
#ifdef NLS
- strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX));
+ strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1);
+ buf[NL_TEXTMAX - 1] = '\0';
#else
strcpy(buf, UPREFIX);
#endif
- strcat(buf, itoa(errnum));
+ strncat(buf, itoa(errnum), NL_TEXTMAX-strlen(buf)-1);
}
#ifdef NLS
diff --git a/lib/libc/string/__strsignal.c b/lib/libc/string/__strsignal.c
index 5a424bfde28..53c9e59e59f 100644
--- a/lib/libc/string/__strsignal.c
+++ b/lib/libc/string/__strsignal.c
@@ -32,7 +32,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: __strsignal.c,v 1.3 1996/09/16 05:43:39 tholo Exp $";
+static char *rcsid = "$OpenBSD: __strsignal.c,v 1.4 1996/09/25 08:17:31 deraadt Exp $";
#endif /* LIBC_SCCS and not lint */
#ifdef NLS
@@ -79,18 +79,20 @@ __strsignal(num, buf)
signum = num; /* convert to unsigned */
if (signum < NSIG) {
#ifdef NLS
- strcpy(buf, catgets(catd, 2, signum,
- (char *)sys_siglist[signum]));
+ strncpy(buf, catgets(catd, 2, signum,
+ (char *)sys_siglist[signum]), NL_TEXTMAX-1);
+ buf[NL_TEXTMAX-1] = '\0';
#else
return((char *)sys_siglist[signum]);
#endif
} else {
#ifdef NLS
- strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX));
+ strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1);
+ buf[NL_TEXTMAX-1] = '\0';
#else
strcpy(buf, UPREFIX);
#endif
- strcat(buf, itoa(signum));
+ strncat(buf, itoa(signum), NL_TEXTMAX-strlen(buf)-1);
}
#ifdef NLS