src - OpenBSD base system

diff options


context:
space:
mode:

author	Hakan Olsson <ho@cvs.openbsd.org>	2002-01-23 17:16:43 +0000
committer	Hakan Olsson <ho@cvs.openbsd.org>	2002-01-23 17:16:43 +0000
commit	07a86abab7908a038045a0293c957625d7910c43 (patch)
tree	049b42f3e1da768edabe57cdfe604f79e3198924
parent	27e0872684c2ae0c73fa340a41e86d77fe3fb9e9 (diff)

strcpy->strlcpy

Diffstat

-rw-r--r--

sbin/isakmpd/ike_quick_mode.c

1 files changed, 17 insertions, 18 deletions

diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c
index e617eb3ac8d..ab54a4c301c 100644
--- a/sbin/isakmpd/ike_quick_mode.c
+++ b/sbin/isakmpd/ike_quick_mode.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ike_quick_mode.c,v 1.56 2001/10/26 12:03:07 ho Exp $ */

+/* $OpenBSD: ike_quick_mode.c,v 1.57 2002/01/23 17:16:42 ho Exp $ */

/* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */

@@ -109,7 +109,7 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)

{

char *return_values[RETVALUES_NUM];

char **principal = 0;

- int i, result = 0, nprinc = 0;

+ int i, len, result = 0, nprinc = 0;

int *x509_ids = 0, *keynote_ids = 0;

unsigned char hashbuf[20]; /* Set to the largest digest result */

#ifdef USE_X509

@@ -186,46 +186,45 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)

goto policydone;

}

- principal[0] = calloc (strlen (isakmp_sa->recv_key)

- + sizeof "passphrase:", sizeof (char));

+ len = strlen (isakmp_sa->recv_key) + sizeof "passphrase:";

+ principal[0] = calloc (len, sizeof (char));

if (!principal[0])

{

- log_error ("check_policy: calloc (%d, %d) failed",

- strlen (isakmp_sa->recv_key) + sizeof "passphrase:",

+ log_error ("check_policy: calloc (%d, %d) failed", len,

sizeof (char));

goto policydone;

}

/* XXX Consider changing the magic hash lengths with constants. */

- strcpy (principal[0], "passphrase:");

+ strlcpy (principal[0], "passphrase:", len);

memcpy (principal[0] + sizeof "passphrase:" - 1, isakmp_sa->recv_key,

strlen (isakmp_sa->recv_key));

- principal[1] = calloc (sizeof "passphrase-md5-hex:" + 2 * 16,

- sizeof (char));

+ len = sizeof "passphrase-md5-hex:" + 2 * 16;

+ principal[1] = calloc (len, sizeof (char));

if (!principal[1])

{

- log_error ("check_policy: calloc (%d, %d) failed",

- sizeof "passphrase-md5-hex:" + 2 * 16, sizeof (char));

+ log_error ("check_policy: calloc (%d, %d) failed", len,

+ sizeof (char));

goto policydone;

}

- strcpy (principal[1], "passphrase-md5-hex:");

+ strlcpy (principal[1], "passphrase-md5-hex:", len);

MD5 (isakmp_sa->recv_key, strlen (isakmp_sa->recv_key), hashbuf);

for (i = 0; i < 16; i++)

sprintf (principal[1] + 2 * i + sizeof "passphrase-md5-hex:" - 1,

"%02x", hashbuf[i]);

- principal[2] = calloc (sizeof "passphrase-sha1-hex:" + 2 * 20,

- sizeof (char));

+ len = sizeof "passphrase-sha1-hex:" + 2 * 20;

+ principal[2] = calloc (len, sizeof (char));

if (!principal[2])

{

- log_error ("check_policy: calloc (%d, %d) failed",

- sizeof "passphrase-sha1-hex:" + 2 * 20, sizeof (char));

+ log_error ("check_policy: calloc (%d, %d) failed", len,

+ sizeof (char));

goto policydone;

}

- strcpy (principal[2], "passphrase-sha1-hex:");

+ strlcpy (principal[2], "passphrase-sha1-hex:", len);

SHA1 (isakmp_sa->recv_key, strlen (isakmp_sa->recv_key), hashbuf);

for (i = 0; i < 20; i++)

sprintf (principal[2] + 2 * i + sizeof "passphrase-sha1-hex:" - 1,

@@ -313,7 +312,7 @@ check_policy (struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)

sizeof (char));

goto policydone;

}

- strcpy (principal[1], "DN:");

+ strlcpy (principal[1], "DN:", 259);

LC (X509_NAME_oneline, (subject, principal[1] + 3, 256));

nprinc = 2;

} else {