diff options
author | Martin Hedenfal <martinh@cvs.openbsd.org> | 2011-01-13 06:05:19 +0000 |
---|---|---|
committer | Martin Hedenfal <martinh@cvs.openbsd.org> | 2011-01-13 06:05:19 +0000 |
commit | 8541a45bdf6dbb310f29759e3bb7643f16676427 (patch) | |
tree | db5e956272b1a2620d1581dc7221a674a3e07e5b | |
parent | b5b832bcbbe288fec88117f6cab7521c179164f0 (diff) |
Extract common preparation of key in ypmatch handling, and check the
argument length.
ok pyr@
-rw-r--r-- | usr.sbin/ypldap/yp.c | 24 |
1 files changed, 9 insertions, 15 deletions
diff --git a/usr.sbin/ypldap/yp.c b/usr.sbin/ypldap/yp.c index 4e8b677f344..e02f1da9783 100644 --- a/usr.sbin/ypldap/yp.c +++ b/usr.sbin/ypldap/yp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: yp.c,v 1.7 2010/11/20 05:12:38 deraadt Exp $ */ +/* $OpenBSD: yp.c,v 1.8 2011/01/13 06:05:18 martinh Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> * @@ -333,12 +333,16 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req) */ return (NULL); } + + if (arg->key.keydat_len > YPMAXRECORD) { + log_debug("argument too long"); + return (NULL); + } + bzero(key, sizeof(key)); + (void)strncpy(key, arg->key.keydat_val, arg->key.keydat_len); + if (strcmp(arg->map, "passwd.byname") == 0 || strcmp(arg->map, "master.passwd.byname") == 0) { - bzero(key, sizeof(key)); - (void)strncpy(key, arg->key.keydat_val, - arg->key.keydat_len); - ukey.ue_line = key; if ((ue = RB_FIND(user_name_tree, env->sc_user_names, &ukey)) == NULL) { @@ -350,9 +354,6 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req) return (&res); } else if (strcmp(arg->map, "passwd.byuid") == 0 || strcmp(arg->map, "master.passwd.byuid") == 0) { - bzero(key, sizeof(key)); - (void)strncpy(key, arg->key.keydat_val, - arg->key.keydat_len); ukey.ue_uid = strtonum(key, 0, UID_MAX, &estr); if (estr) { res.stat = YP_BADARGS; @@ -368,9 +369,6 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req) yp_make_val(&res, ue->ue_line); return (&res); } else if (strcmp(arg->map, "group.bygid") == 0) { - bzero(key, sizeof(key)); - (void)strncpy(key, arg->key.keydat_val, - arg->key.keydat_len); gkey.ge_gid = strtonum(key, 0, GID_MAX, &estr); if (estr) { res.stat = YP_BADARGS; @@ -385,10 +383,6 @@ ypproc_match_2_svc(ypreq_key *arg, struct svc_req *req) yp_make_val(&res, ge->ge_line); return (&res); } else if (strcmp(arg->map, "group.byname") == 0) { - bzero(key, sizeof(key)); - (void)strncpy(key, arg->key.keydat_val, - arg->key.keydat_len); - gkey.ge_line = key; if ((ge = RB_FIND(group_name_tree, env->sc_group_names, &gkey)) == NULL) { |