summaryrefslogtreecommitdiff
path: root/kerberosIV/krb
diff options
context:
space:
mode:
authorArtur Grabowski <art@cvs.openbsd.org>1997-12-09 07:57:43 +0000
committerArtur Grabowski <art@cvs.openbsd.org>1997-12-09 07:57:43 +0000
commiteded21a00a253859f474c1bcca5d418a3c82948f (patch)
tree94e38e1e18679c1a1a5af56a04c549d26eb42255 /kerberosIV/krb
parent49ac4cb4369b59297c067ed22daacd240c981029 (diff)
Removed one expliotable hole, one possibly exploitable hole, many buffer
overflows and lots of unchecked pointers. Tags are nice too.
Diffstat (limited to 'kerberosIV/krb')
-rw-r--r--kerberosIV/krb/base64.c4
-rw-r--r--kerberosIV/krb/check_time.c1
-rw-r--r--kerberosIV/krb/cr_err_reply.c1
-rw-r--r--kerberosIV/krb/create_auth_reply.c1
-rw-r--r--kerberosIV/krb/create_ciph.c1
-rw-r--r--kerberosIV/krb/create_death_packet.c1
-rw-r--r--kerberosIV/krb/create_ticket.c1
-rw-r--r--kerberosIV/krb/debug_decl.c1
-rw-r--r--kerberosIV/krb/decomp_ticket.c1
-rw-r--r--kerberosIV/krb/dest_tkt.c1
-rw-r--r--kerberosIV/krb/encrypt_ktext.c1
-rw-r--r--kerberosIV/krb/et_list.c1
-rw-r--r--kerberosIV/krb/get_ad_tkt.c1
-rw-r--r--kerberosIV/krb/get_cred.c3
-rw-r--r--kerberosIV/krb/get_default_principal.c8
-rw-r--r--kerberosIV/krb/get_host.c79
-rw-r--r--kerberosIV/krb/get_in_tkt.c4
-rw-r--r--kerberosIV/krb/get_krbrlm.c15
-rw-r--r--kerberosIV/krb/get_svc_in_tkt.c1
-rw-r--r--kerberosIV/krb/get_tf_fullname.c19
-rw-r--r--kerberosIV/krb/get_tf_realm.c1
-rw-r--r--kerberosIV/krb/getaddrs.c25
-rw-r--r--kerberosIV/krb/getrealm.c40
-rw-r--r--kerberosIV/krb/getst.c1
-rw-r--r--kerberosIV/krb/k_concat.c4
-rw-r--r--kerberosIV/krb/k_flock.c1
-rw-r--r--kerberosIV/krb/k_gethostname.c2
-rw-r--r--kerberosIV/krb/k_getport.c1
-rw-r--r--kerberosIV/krb/k_getsockinst.c4
-rw-r--r--kerberosIV/krb/k_localtime.c1
-rw-r--r--kerberosIV/krb/kdc_reply.c4
-rw-r--r--kerberosIV/krb/kntoln.c44
-rw-r--r--kerberosIV/krb/krb_check_auth.c1
-rw-r--r--kerberosIV/krb/krb_equiv.c1
-rw-r--r--kerberosIV/krb/krb_err_txt.c1
-rw-r--r--kerberosIV/krb/krb_get_in_tkt.c1
-rw-r--r--kerberosIV/krb/kuserok.c19
-rw-r--r--kerberosIV/krb/lifetime.c4
-rw-r--r--kerberosIV/krb/logging.c6
-rw-r--r--kerberosIV/krb/lsb_addr_comp.c1
-rw-r--r--kerberosIV/krb/mk_auth.c9
-rw-r--r--kerberosIV/krb/mk_err.c1
-rw-r--r--kerberosIV/krb/mk_priv.c4
-rw-r--r--kerberosIV/krb/mk_req.c5
-rw-r--r--kerberosIV/krb/mk_safe.c4
-rw-r--r--kerberosIV/krb/month_sname.c1
-rw-r--r--kerberosIV/krb/name2name.c4
-rw-r--r--kerberosIV/krb/netread.c4
-rw-r--r--kerberosIV/krb/netwrite.c4
-rw-r--r--kerberosIV/krb/one.c1
-rw-r--r--kerberosIV/krb/parse_name.c29
-rw-r--r--kerberosIV/krb/rd_err.c4
-rw-r--r--kerberosIV/krb/rd_priv.c4
-rw-r--r--kerberosIV/krb/rd_req.c10
-rw-r--r--kerberosIV/krb/rd_safe.c6
-rw-r--r--kerberosIV/krb/read_service_key.c16
-rw-r--r--kerberosIV/krb/realm_parse.c5
-rw-r--r--kerberosIV/krb/recvauth.c1
-rw-r--r--kerberosIV/krb/resolve.c25
-rw-r--r--kerberosIV/krb/rw.c20
-rw-r--r--kerberosIV/krb/save_credentials.c1
-rw-r--r--kerberosIV/krb/send_to_kdc.c44
-rw-r--r--kerberosIV/krb/sendauth.c3
-rw-r--r--kerberosIV/krb/stime.c1
-rw-r--r--kerberosIV/krb/str2key.c7
-rw-r--r--kerberosIV/krb/strtok_r.c1
-rw-r--r--kerberosIV/krb/tf_util.c1
-rw-r--r--kerberosIV/krb/tkt_string.c3
-rw-r--r--kerberosIV/krb/unparse_name.c37
-rw-r--r--kerberosIV/krb/util.c1
-rw-r--r--kerberosIV/krb/verify_user.c1
71 files changed, 435 insertions, 129 deletions
diff --git a/kerberosIV/krb/base64.c b/kerberosIV/krb/base64.c
index 4c67412fc64..2a7b9438253 100644
--- a/kerberosIV/krb/base64.c
+++ b/kerberosIV/krb/base64.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: base64.c,v 1.2 1997/12/09 07:57:09 art Exp $ */
/* $KTH: base64.c,v 1.1 1997/08/27 22:41:56 joda Exp $ */
/*
@@ -60,6 +61,9 @@ int base64_encode(const void *data, int size, char **str)
unsigned char *q;
p = s = (char*)malloc(size*4/3+4);
+ if (p == NULL || data == NULL || str == NULL)
+ return -1;
+
q = (unsigned char*)data;
i=0;
for(i = 0; i < size;){
diff --git a/kerberosIV/krb/check_time.c b/kerberosIV/krb/check_time.c
index fb00538256d..ac5d9d8d0a0 100644
--- a/kerberosIV/krb/check_time.c
+++ b/kerberosIV/krb/check_time.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: check_time.c,v 1.2 1997/12/09 07:57:10 art Exp $ */
/* $KTH: check_time.c,v 1.4 1997/04/01 08:18:18 joda Exp $ */
/*
diff --git a/kerberosIV/krb/cr_err_reply.c b/kerberosIV/krb/cr_err_reply.c
index e2890e9be0d..ea95e8e4121 100644
--- a/kerberosIV/krb/cr_err_reply.c
+++ b/kerberosIV/krb/cr_err_reply.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: cr_err_reply.c,v 1.3 1997/12/09 07:57:10 art Exp $ */
/* $KTH: cr_err_reply.c,v 1.9 1997/04/01 08:18:19 joda Exp $ */
/*
diff --git a/kerberosIV/krb/create_auth_reply.c b/kerberosIV/krb/create_auth_reply.c
index 0c2fc35cb8d..0ad7fda733a 100644
--- a/kerberosIV/krb/create_auth_reply.c
+++ b/kerberosIV/krb/create_auth_reply.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: create_auth_reply.c,v 1.3 1997/12/09 07:57:11 art Exp $ */
/* $KTH: create_auth_reply.c,v 1.11 1997/04/01 08:18:20 joda Exp $ */
/*
diff --git a/kerberosIV/krb/create_ciph.c b/kerberosIV/krb/create_ciph.c
index ab5a41f8232..65d9bbc0be4 100644
--- a/kerberosIV/krb/create_ciph.c
+++ b/kerberosIV/krb/create_ciph.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: create_ciph.c,v 1.3 1997/12/09 07:57:11 art Exp $ */
/* $KTH: create_ciph.c,v 1.9 1997/04/01 08:18:20 joda Exp $ */
diff --git a/kerberosIV/krb/create_death_packet.c b/kerberosIV/krb/create_death_packet.c
index c6fd5ecc60c..fb1c54488d7 100644
--- a/kerberosIV/krb/create_death_packet.c
+++ b/kerberosIV/krb/create_death_packet.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: create_death_packet.c,v 1.3 1997/12/09 07:57:11 art Exp $ */
/* $KTH: create_death_packet.c,v 1.8 1997/04/01 08:18:21 joda Exp $ */
/*
diff --git a/kerberosIV/krb/create_ticket.c b/kerberosIV/krb/create_ticket.c
index 7f355b52589..8c74a2a654a 100644
--- a/kerberosIV/krb/create_ticket.c
+++ b/kerberosIV/krb/create_ticket.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: create_ticket.c,v 1.3 1997/12/09 07:57:12 art Exp $ */
/* $KTH: create_ticket.c,v 1.12 1997/04/01 08:18:21 joda Exp $ */
/*
diff --git a/kerberosIV/krb/debug_decl.c b/kerberosIV/krb/debug_decl.c
index b96afa63baf..22c38023f52 100644
--- a/kerberosIV/krb/debug_decl.c
+++ b/kerberosIV/krb/debug_decl.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: debug_decl.c,v 1.3 1997/12/09 07:57:12 art Exp $ */
/* $KTH: debug_decl.c,v 1.7 1997/10/28 15:44:00 bg Exp $ */
/*
diff --git a/kerberosIV/krb/decomp_ticket.c b/kerberosIV/krb/decomp_ticket.c
index d1c3b7a8e18..f9c3205ab52 100644
--- a/kerberosIV/krb/decomp_ticket.c
+++ b/kerberosIV/krb/decomp_ticket.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: decomp_ticket.c,v 1.4 1997/12/09 07:57:13 art Exp $ */
/* $KTH: decomp_ticket.c,v 1.16 1997/04/01 08:18:22 joda Exp $ */
/*
diff --git a/kerberosIV/krb/dest_tkt.c b/kerberosIV/krb/dest_tkt.c
index 18f2f9a84a4..b530cd01bcb 100644
--- a/kerberosIV/krb/dest_tkt.c
+++ b/kerberosIV/krb/dest_tkt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: dest_tkt.c,v 1.3 1997/12/09 07:57:13 art Exp $ */
/* $KTH: dest_tkt.c,v 1.11 1997/05/19 03:03:40 assar Exp $ */
/*
diff --git a/kerberosIV/krb/encrypt_ktext.c b/kerberosIV/krb/encrypt_ktext.c
index 89b78ec455f..95d1348b0fc 100644
--- a/kerberosIV/krb/encrypt_ktext.c
+++ b/kerberosIV/krb/encrypt_ktext.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: encrypt_ktext.c,v 1.2 1997/12/09 07:57:14 art Exp $ */
/* $KTH: encrypt_ktext.c,v 1.4 1997/04/01 08:18:26 joda Exp $ */
/*
diff --git a/kerberosIV/krb/et_list.c b/kerberosIV/krb/et_list.c
index 380c1b5d48a..68fe5ca0a77 100644
--- a/kerberosIV/krb/et_list.c
+++ b/kerberosIV/krb/et_list.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: et_list.c,v 1.2 1997/12/09 07:57:14 art Exp $ */
/* $KTH: et_list.c,v 1.12 1997/05/13 09:45:01 bg Exp $ */
/*
diff --git a/kerberosIV/krb/get_ad_tkt.c b/kerberosIV/krb/get_ad_tkt.c
index 98c9349daf2..54f8fc36cf3 100644
--- a/kerberosIV/krb/get_ad_tkt.c
+++ b/kerberosIV/krb/get_ad_tkt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_ad_tkt.c,v 1.3 1997/12/09 07:57:15 art Exp $ */
/* $KTH: get_ad_tkt.c,v 1.16 1997/05/30 17:43:34 bg Exp $ */
/*
diff --git a/kerberosIV/krb/get_cred.c b/kerberosIV/krb/get_cred.c
index 03d38bf4fce..b9679519a86 100644
--- a/kerberosIV/krb/get_cred.c
+++ b/kerberosIV/krb/get_cred.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_cred.c,v 1.3 1997/12/09 07:57:15 art Exp $ */
/* $KTH: get_cred.c,v 1.6 1997/05/30 17:38:29 bg Exp $ */
/*
@@ -41,7 +42,7 @@ krb_get_cred(char *service, /* Service name */
int tf_status; /* return value of tf function calls */
CREDENTIALS cr;
- if (c == 0)
+ if (c == NULL)
c = &cr;
/* Open ticket file and lock it for shared reading */
diff --git a/kerberosIV/krb/get_default_principal.c b/kerberosIV/krb/get_default_principal.c
index 01054df3167..a2569e306c2 100644
--- a/kerberosIV/krb/get_default_principal.c
+++ b/kerberosIV/krb/get_default_principal.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_default_principal.c,v 1.2 1997/12/09 07:57:16 art Exp $ */
/* $KTH: get_default_principal.c,v 1.10 1997/04/01 08:18:28 joda Exp $ */
/*
@@ -66,8 +67,9 @@ krb_get_default_principal(char *name, char *instance, char *realm)
return -1;
}
- strcpy(name, pw->pw_name);
- strcpy(instance, "");
+ strncpy(name, pw->pw_name, ANAME_SZ);
+ name[ANAME_SZ-1] = '\0';
+ strncpy(instance, "", 2);
krb_get_lrealm(realm, 1);
if(strcmp(name, "root") == 0){
@@ -80,7 +82,7 @@ krb_get_default_principal(char *name, char *instance, char *realm)
if(p){
strncpy (name, p, ANAME_SZ);
name[ANAME_SZ - 1] = '\0';
- strcpy(instance, "root");
+ strncpy(instance, "root", 5);
}
}
return 1;
diff --git a/kerberosIV/krb/get_host.c b/kerberosIV/krb/get_host.c
index 8e62ceedf3e..519795019b6 100644
--- a/kerberosIV/krb/get_host.c
+++ b/kerberosIV/krb/get_host.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_host.c,v 1.2 1997/12/09 07:57:16 art Exp $ */
/* $KTH: get_host.c,v 1.31 1997/09/26 17:42:37 joda Exp $ */
/*
@@ -52,13 +53,20 @@ free_hosts(struct host_list *h)
{
struct host_list *t;
while(h){
- if(h->this->realm)
+ if(h->this->realm != NULL)
+ {
free(h->this->realm);
- if(h->this->host)
+ h->this->realm = NULL;
+ }
+ if(h->this->host != NULL)
+ {
free(h->this->host);
+ h->this->host = NULL;
+ }
t = h;
h = h->next;
free(t);
+ t=NULL;
}
}
@@ -67,6 +75,10 @@ parse_address(char *address, enum krb_host_proto *proto, char **host, int *port)
{
char *p, *q;
int default_port = krb_port;
+
+ if (proto == NULL || address == NULL || port == NULL || host == NULL)
+ return -1;
+
*proto = PROTO_UDP;
if(strncmp(address, "http://", 7) == 0){
p = address + 7;
@@ -77,9 +89,9 @@ parse_address(char *address, enum krb_host_proto *proto, char **host, int *port)
if(p){
char prot[32];
struct protoent *pp;
- strncpy(prot, address, p - address);
- prot[p - address] = 0;
- if((pp = getprotobyname(prot))){
+ strncpy(prot, address, MIN(p - address, 32));
+ prot[ MIN(p - address, 32) ] = '\0';
+ if((pp = getprotobyname(prot)) != NULL ){
switch(pp->p_proto){
case IPPROTO_UDP:
*proto = PROTO_UDP;
@@ -99,10 +111,12 @@ parse_address(char *address, enum krb_host_proto *proto, char **host, int *port)
p = address;
}
q = strchr(p, ':');
- if(q){
+ if(q != NULL){
*host = (char*)malloc(q - p + 1);
+ if (*host == NULL)
+ return -1;
strncpy(*host, p, q - p);
- (*host)[q - p] = 0;
+ (*host)[q - p] = '\0';
q++;
{
struct servent *sp = getservbyname(q, NULL);
@@ -128,10 +142,15 @@ add_host(char *realm, char *address, int admin, int validate)
struct krb_host *host;
struct host_list *p, **last = &hosts;
host = (struct krb_host*)malloc(sizeof(struct krb_host));
- parse_address(address, &host->proto, &host->host, &host->port);
+ if (host == NULL)
+ return 1;
+ if (parse_address(address, &host->proto, &host->host, &host->port))
+ return 1;
if(validate && gethostbyname(host->host) == NULL){
free(host->host);
+ host->host = NULL;
free(host);
+ host = NULL;
return 1;
}
host->admin = admin;
@@ -141,13 +160,31 @@ add_host(char *realm, char *address, int admin, int validate)
host->proto == p->this->proto &&
host->port == p->this->port){
free(host->host);
+ host->host = NULL;
free(host);
+ host = NULL;
return 1;
}
last = &p->next;
}
host->realm = strdup(realm);
+ if (host->realm == NULL){
+ free(host->host);
+ host->host = NULL;
+ free(host);
+ host = NULL;
+ return 1;
+ }
p = (struct host_list*)malloc(sizeof(struct host_list));
+ if (p == NULL){
+ free(host->realm);
+ host->realm==NULL;
+ free(host->host);
+ host->host = NULL;
+ free(host);
+ host = NULL;
+ return 1;
+ }
p->this = host;
p->next = NULL;
*last = p;
@@ -155,7 +192,6 @@ add_host(char *realm, char *address, int admin, int validate)
}
-
static int
read_file(const char *filename, const char *r)
{
@@ -165,12 +201,16 @@ read_file(const char *filename, const char *r)
char scratch[1024];
int n;
int nhosts = 0;
+ FILE *f;
+
+ if (filename == NULL)
+ return -1;
- FILE *f = fopen(filename, "r");
+ f = fopen(filename, "r");
if(f == NULL)
return -1;
while(fgets(line, sizeof(line), f)){
- n = sscanf(line, "%s %s admin %s", realm, address, scratch);
+ n = sscanf(line, "%1024s %1024s admin %1024s", realm, address, scratch);
if(n == 2 || n == 3){
if(strcmp(realm, r))
continue;
@@ -190,7 +230,7 @@ init_hosts(char *realm)
char *dir = getenv("KRBCONFDIR");
krb_port = ntohs(k_getportbyname (KRB_SERVICE, NULL, htons(KRB_PORT)));
- if(dir){
+ if(dir && getuid() != geteuid()){
char file[MAXPATHLEN];
if(k_concat(file, sizeof(file), dir, "/krb.conf", NULL) == 0)
read_file(file, realm);
@@ -206,6 +246,9 @@ srv_find_realm(char *realm, char *proto, char *service)
char *domain;
struct dns_reply *r;
struct resource_record *rr;
+
+ if (proto == NULL || realm == NULL || service == NULL)
+ return;
k_mconcat(&domain, 1024, service, ".", proto, ".", realm, ".", NULL);
@@ -217,6 +260,7 @@ srv_find_realm(char *realm, char *proto, char *service)
r = dns_lookup(domain, "txt");
if(r == NULL){
free(domain);
+ domain = NULL;
return;
}
for(rr = r->head; rr; rr = rr->next){
@@ -235,6 +279,7 @@ srv_find_realm(char *realm, char *proto, char *service)
}
dns_free_data(r);
free(domain);
+ domain = NULL;
}
struct krb_host*
@@ -246,7 +291,7 @@ krb_get_host(int nth, char *realm, int admin)
/* quick optimization */
if(realm && realm[0]){
strncpy(orealm, realm, sizeof(orealm) - 1);
- orealm[sizeof(orealm) - 1] = 0;
+ orealm[sizeof(orealm) - 1] = '\0';
}else{
int ret = krb_get_lrealm(orealm, 1);
if(ret != KSUCCESS)
@@ -268,7 +313,7 @@ krb_get_host(int nth, char *realm, int admin)
servers */
char host[REALM_SZ + sizeof("kerberos-XXXXX..")];
int i = 0;
- sprintf(host, "kerberos.%s.", orealm);
+ snprintf(host, sizeof(host), "kerberos.%s.", orealm);
add_host(orealm, host, 1, 1);
do{
i++;
@@ -294,7 +339,8 @@ krb_get_krbhst(char *host, char *realm, int nth)
struct krb_host *p = krb_get_host(nth, realm, 0);
if(p == NULL)
return KFAILURE;
- strcpy(host, p->host);
+ strncpy(host, p->host, MAXHOSTNAMELEN);
+ host[MAXHOSTNAMELEN-1] = '\0';
return KSUCCESS;
}
@@ -304,6 +350,7 @@ krb_get_admhst(char *host, char *realm, int nth)
struct krb_host *p = krb_get_host(nth, realm, 1);
if(p == NULL)
return KFAILURE;
- strcpy(host, p->host);
+ strncpy(host, p->host, MAXHOSTNAMELEN);
+ host[MAXHOSTNAMELEN-1] = '\0';
return KSUCCESS;
}
diff --git a/kerberosIV/krb/get_in_tkt.c b/kerberosIV/krb/get_in_tkt.c
index 393f25b8ab5..716cf573917 100644
--- a/kerberosIV/krb/get_in_tkt.c
+++ b/kerberosIV/krb/get_in_tkt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_in_tkt.c,v 1.6 1997/12/09 07:57:16 art Exp $ */
/* $KTH: get_in_tkt.c,v 1.19 1997/10/03 21:51:42 joda Exp $ */
/*
@@ -56,6 +57,7 @@ passwd_to_5key(char *user, char *instance, char *realm, void *passwd,
des_string_to_key(p, key);
memset(p, 0, len);
free(p);
+ p = NULL;
return 0;
}
@@ -95,7 +97,7 @@ krb_get_pw_in_tkt(char *user, char *instance, char *realm, char *service,
int code;
/* Only request password once! */
- if (!password) {
+ if (password == NULL) {
if (des_read_pw_string(pword, sizeof(pword)-1, "Password: ", 0)){
memset(pword, 0, sizeof(pword));
return INTK_BADPW;
diff --git a/kerberosIV/krb/get_krbrlm.c b/kerberosIV/krb/get_krbrlm.c
index d771fa878eb..11de4231b19 100644
--- a/kerberosIV/krb/get_krbrlm.c
+++ b/kerberosIV/krb/get_krbrlm.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_krbrlm.c,v 1.9 1997/12/09 07:57:17 art Exp $ */
/* $KTH: get_krbrlm.c,v 1.16 1997/05/02 01:26:22 assar Exp $ */
/*
@@ -50,7 +51,8 @@ krb_get_lrealm_f(char *r, int n, const char *fname)
char *p = buf + strspn(buf, " \t");
p[strcspn(p, " \t\r\n")] = 0;
p[REALM_SZ - 1] = 0;
- strcpy(r, p);
+ strncpy(r, p, REALM_SZ);
+ r[REALM_SZ-1] = '\0';
if (*p != '#')
ret = KSUCCESS;
}
@@ -71,7 +73,7 @@ krb_get_lrealm(char *r, int n)
return(KFAILURE); /* Temporary restriction */
/* First try user specified file */
- if (dir != 0) {
+ if (dir != 0 && getuid() != geteuid()) {
char fname[MAXPATHLEN];
if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0)
if (krb_get_lrealm_f(r, n, fname) == KSUCCESS)
@@ -92,7 +94,8 @@ krb_get_lrealm(char *r, int n)
k_gethostname(hostname, sizeof(hostname));
t = krb_realmofhost(hostname);
if (t) {
- strcpy (r, t);
+ strncpy (r, t, REALM_SZ);
+ r[REALM_SZ-1] = '\0';
return KSUCCESS;
}
t = strchr(hostname, '.');
@@ -114,7 +117,9 @@ char *
krb_get_default_realm(void)
{
static char local_realm[REALM_SZ]; /* local kerberos realm */
- if (krb_get_lrealm(local_realm, 1) != KSUCCESS)
- strcpy(local_realm, "NO.DEFAULT.REALM");
+ if (krb_get_lrealm(local_realm, 1) != KSUCCESS){
+ strncpy(local_realm, "NO.DEFAULT.REALM", REALM_SZ);
+ local_realm[REALM_SZ-1] = '\0';
+ }
return local_realm;
}
diff --git a/kerberosIV/krb/get_svc_in_tkt.c b/kerberosIV/krb/get_svc_in_tkt.c
index 13171952f42..1f6e73e04fb 100644
--- a/kerberosIV/krb/get_svc_in_tkt.c
+++ b/kerberosIV/krb/get_svc_in_tkt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_svc_in_tkt.c,v 1.3 1997/12/09 07:57:17 art Exp $ */
/* $KTH: get_svc_in_tkt.c,v 1.8 1997/03/23 03:53:09 joda Exp $ */
/*
diff --git a/kerberosIV/krb/get_tf_fullname.c b/kerberosIV/krb/get_tf_fullname.c
index 893f49506c8..0ed02a501ec 100644
--- a/kerberosIV/krb/get_tf_fullname.c
+++ b/kerberosIV/krb/get_tf_fullname.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_tf_fullname.c,v 1.4 1997/12/09 07:57:18 art Exp $ */
/* $KTH: get_tf_fullname.c,v 1.6 1997/03/23 03:53:10 joda Exp $ */
/*
@@ -50,13 +51,19 @@ krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm)
((tf_status = tf_get_pinst(c.pinst)) != KSUCCESS))
return (tf_status);
- if (name)
- strcpy(name, c.pname);
- if (instance)
- strcpy(instance, c.pinst);
+ if (name != NULL){
+ strncpy(name, c.pname, ANAME_SZ);
+ name[ANAME_SZ-1] = '\0';
+ }
+ if (instance != NULL){
+ strncpy(instance, c.pinst, INST_SZ);
+ instance[INST_SZ-1] = '\0';
+ }
if ((tf_status = tf_get_cred(&c)) == KSUCCESS) {
- if (realm)
- strcpy(realm, c.realm);
+ if (realm != NULL){
+ strncpy(realm, c.realm, REALM_SZ);
+ realm[REALM_SZ-1] = '\0';
+ }
}
else {
if (tf_status == EOF)
diff --git a/kerberosIV/krb/get_tf_realm.c b/kerberosIV/krb/get_tf_realm.c
index fb02f775085..f4b1e71c428 100644
--- a/kerberosIV/krb/get_tf_realm.c
+++ b/kerberosIV/krb/get_tf_realm.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: get_tf_realm.c,v 1.3 1997/12/09 07:57:18 art Exp $ */
/* $KTH: get_tf_realm.c,v 1.5 1997/03/23 03:53:10 joda Exp $ */
/*
diff --git a/kerberosIV/krb/getaddrs.c b/kerberosIV/krb/getaddrs.c
index d58e2f67af5..1e7d7d2e672 100644
--- a/kerberosIV/krb/getaddrs.c
+++ b/kerberosIV/krb/getaddrs.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: getaddrs.c,v 1.3 1997/12/09 07:57:18 art Exp $ */
/* $KTH: getaddrs.c,v 1.20 1997/11/09 06:13:32 assar Exp $ */
/*
@@ -65,20 +66,25 @@ k_get_all_addrs (struct in_addr **l)
struct ifconf ifconf;
int num, j;
char *p;
+
+ if (l == NULL)
+ return -1;
fd = socket(AF_INET, SOCK_DGRAM, 0);
if (fd < 0)
- return -1;
+ return -1;
ifconf.ifc_len = sizeof(buf);
ifconf.ifc_buf = buf;
- if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0)
- return -1;
+ if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0){
+ close (fd);
+ return -1;
+ }
num = ifconf.ifc_len / sizeof(struct ifreq);
*l = malloc(num * sizeof(struct in_addr));
if(*l == NULL) {
- close (fd);
- return -1;
+ close (fd);
+ return -1;
}
j = 0;
@@ -92,12 +98,14 @@ k_get_all_addrs (struct in_addr **l)
if(ioctl(fd, SIOCGIFFLAGS, ifr) < 0) {
close (fd);
free (*l);
+ *l = NULL;
return -1;
}
if (ifr->ifr_flags & IFF_UP) {
if(ioctl(fd, SIOCGIFADDR, ifr) < 0) {
close (fd);
free (*l);
+ *l = NULL;
return -1;
}
(*l)[j++] = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr;
@@ -107,7 +115,12 @@ k_get_all_addrs (struct in_addr **l)
p = p + sz;
}
if (j != num)
- *l = realloc (*l, j * sizeof(struct in_addr));
+ if ((*l = realloc (*l, j * sizeof(struct in_addr))) == NULL)
+ {
+ close(fd);
+ return -1;
+ }
+
close (fd);
return j;
}
diff --git a/kerberosIV/krb/getrealm.c b/kerberosIV/krb/getrealm.c
index 91878e8817a..b4c8b6fbcbf 100644
--- a/kerberosIV/krb/getrealm.c
+++ b/kerberosIV/krb/getrealm.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: getrealm.c,v 1.7 1997/12/09 07:57:19 art Exp $ */
/* $KTH: getrealm.c,v 1.26 1997/10/08 22:51:13 joda Exp $ */
/*
@@ -100,7 +101,7 @@ open_krb_realms(void)
const char *dir = getenv("KRBCONFDIR");
/* First try user specified file */
- if (dir != 0) {
+ if (dir != 0 && getuid() != geteuid()) {
char fname[MAXPATHLEN];
if(k_concat(fname, sizeof(fname), dir, "/krb.realms", NULL) == 0)
@@ -116,41 +117,44 @@ open_krb_realms(void)
}
static int
-file_find_realm(const char *phost, const char *domain, char *ret_realm)
+file_find_realm(const char *phost, const char *domain,
+ char *ret_realm, size_t ret_realm_sz)
{
FILE *trans_file;
char buf[1024];
- char trans_host[MAXHOSTNAMELEN];
- char trans_realm[REALM_SZ];
int ret = -1;
if ((trans_file = open_krb_realms()) == NULL)
return -1;
- while (fgets(buf, sizeof(buf), trans_file)) {
+ while (fgets(buf, sizeof(buf), trans_file) != NULL) {
char *save = NULL;
- char *tok = strtok_r(buf, " \t\r\n", &save);
- if(tok == NULL)
- continue;
- strncpy(trans_host, tok, MAXHOSTNAMELEN);
- trans_host[MAXHOSTNAMELEN - 1] = 0;
+ char *tok;
+ char *tmp_host;
+ char *tmp_realm;
+
+ tok = strtok_r(buf, " \t\r\n", &save);
+ if(tok == NULL)
+ continue;
+ tmp_host = tok;
tok = strtok_r(NULL, " \t\r\n", &save);
if(tok == NULL)
continue;
- strcpy(trans_realm, tok);
- trans_realm[REALM_SZ - 1] = 0;
- if (!strcasecmp(trans_host, phost)) {
+ tmp_realm = tok;
+ if (strcasecmp(tmp_host, phost) == 0) {
/* exact match of hostname, so return the realm */
- strcpy(ret_realm, trans_realm);
+ strncpy(ret_realm, tmp_realm, ret_realm_sz);
+ ret_realm[ret_realm_sz - 1] = '\0';
ret = 0;
break;
}
- if ((trans_host[0] == '.') && domain) {
+ if ((tmp_host[0] == '.') && domain) {
const char *cp = domain;
do {
- if(strcasecmp(trans_host, domain) == 0){
+ if(strcasecmp(tmp_host, domain) == 0){
/* domain match, save for later */
- strcpy(ret_realm, trans_realm);
+ strncpy(ret_realm, tmp_realm, ret_realm_sz);
+ ret_realm[ret_realm_sz - 1] = '\0';
ret = 0;
break;
}
@@ -173,7 +177,7 @@ krb_realmofhost(const char *host)
domain = strchr(phost, '.');
- if(file_find_realm(phost, domain, ret_realm) == 0)
+ if(file_find_realm(phost, domain, ret_realm, sizeof(ret_realm)) == 0)
return ret_realm;
if(dns_find_realm(phost, ret_realm) >= 0)
diff --git a/kerberosIV/krb/getst.c b/kerberosIV/krb/getst.c
index a7c5a031b19..ff7af988cfe 100644
--- a/kerberosIV/krb/getst.c
+++ b/kerberosIV/krb/getst.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: getst.c,v 1.3 1997/12/09 07:57:19 art Exp $ */
/* $KTH: getst.c,v 1.6 1997/03/23 03:53:11 joda Exp $ */
/*
diff --git a/kerberosIV/krb/k_concat.c b/kerberosIV/krb/k_concat.c
index 354c8ddcb49..341bc19d71d 100644
--- a/kerberosIV/krb/k_concat.c
+++ b/kerberosIV/krb/k_concat.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_concat.c,v 1.2 1997/12/09 07:57:20 art Exp $ */
/* $KTH: k_concat.c,v 1.5 1997/05/02 08:56:39 joda Exp $ */
/*
@@ -87,11 +88,13 @@ k_vmconcat (char **s, size_t max_len, va_list args)
if(max_len && len + n > max_len){
free(p);
+ p = NULL;
return 0;
}
q = realloc(p, len + n);
if(q == NULL){
free(p);
+ p = NULL;
return 0;
}
p = q;
@@ -113,4 +116,3 @@ k_mconcat (char **s, size_t max_len, ...)
va_end(args);
return ret;
}
-
diff --git a/kerberosIV/krb/k_flock.c b/kerberosIV/krb/k_flock.c
index 6891dbc3845..790c2dbcaa6 100644
--- a/kerberosIV/krb/k_flock.c
+++ b/kerberosIV/krb/k_flock.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_flock.c,v 1.2 1997/12/09 07:57:20 art Exp $ */
/* $KTH: k_flock.c,v 1.8 1997/04/01 08:18:30 joda Exp $ */
/*
diff --git a/kerberosIV/krb/k_gethostname.c b/kerberosIV/krb/k_gethostname.c
index 78e64acdd22..f95f59bfbb4 100644
--- a/kerberosIV/krb/k_gethostname.c
+++ b/kerberosIV/krb/k_gethostname.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_gethostname.c,v 1.2 1997/12/09 07:57:21 art Exp $ */
/* $KTH: k_gethostname.c,v 1.10 1997/03/23 03:53:12 joda Exp $ */
/*
@@ -36,5 +37,4 @@ int
k_gethostname(char *name, int namelen)
{
return gethostname(name, namelen);
-
}
diff --git a/kerberosIV/krb/k_getport.c b/kerberosIV/krb/k_getport.c
index be4c2f534f1..a1f691f2155 100644
--- a/kerberosIV/krb/k_getport.c
+++ b/kerberosIV/krb/k_getport.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_getport.c,v 1.2 1997/12/09 07:57:21 art Exp $ */
/* $KTH: k_getport.c,v 1.10 1997/04/01 08:18:30 joda Exp $ */
/*
diff --git a/kerberosIV/krb/k_getsockinst.c b/kerberosIV/krb/k_getsockinst.c
index 89468812dec..f36c3264b3e 100644
--- a/kerberosIV/krb/k_getsockinst.c
+++ b/kerberosIV/krb/k_getsockinst.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_getsockinst.c,v 1.2 1997/12/09 07:57:22 art Exp $ */
/* $KTH: k_getsockinst.c,v 1.10 1997/05/02 14:29:17 assar Exp $ */
/*
@@ -52,6 +53,9 @@ k_getsockinst(int fd, char *inst, size_t inst_size)
int len = sizeof(addr);
struct hostent *hnam;
+ if (inst == NULL)
+ return -1;
+
if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0)
goto fail;
diff --git a/kerberosIV/krb/k_localtime.c b/kerberosIV/krb/k_localtime.c
index 09fb165c158..36f26df2b2a 100644
--- a/kerberosIV/krb/k_localtime.c
+++ b/kerberosIV/krb/k_localtime.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: k_localtime.c,v 1.3 1997/12/09 07:57:22 art Exp $ */
/* $KTH: k_localtime.c,v 1.7 1997/04/01 08:18:31 joda Exp $ */
/*
diff --git a/kerberosIV/krb/kdc_reply.c b/kerberosIV/krb/kdc_reply.c
index 3561955847f..9e2805e4892 100644
--- a/kerberosIV/krb/kdc_reply.c
+++ b/kerberosIV/krb/kdc_reply.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: kdc_reply.c,v 1.2 1997/12/09 07:57:22 art Exp $ */
/* $KTH: kdc_reply.c,v 1.9 1997/04/15 21:52:14 assar Exp $ */
/*
@@ -46,6 +47,9 @@ int
kdc_reply_cred(KTEXT cip, CREDENTIALS *cred)
{
unsigned char *p = cip->dat;
+
+ if (cred == NULL || p == NULL)
+ return KFAILURE;
memcpy(cred->session, p, 8);
p += 8;
diff --git a/kerberosIV/krb/kntoln.c b/kerberosIV/krb/kntoln.c
index 8d63ac7f1d9..f7f28c98181 100644
--- a/kerberosIV/krb/kntoln.c
+++ b/kerberosIV/krb/kntoln.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: kntoln.c,v 1.3 1997/12/09 07:57:23 art Exp $ */
/* $KTH: kntoln.c,v 1.7 1997/03/23 03:53:12 joda Exp $ */
/*
@@ -54,6 +55,9 @@ krb_kntoln(AUTH_DAT *ad, char *lname)
{
static char lrealm[REALM_SZ] = "";
+ if (ad == NULL || lname == NULL)
+ return KFAILURE;
+
if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
return(KFAILURE);
@@ -61,7 +65,8 @@ krb_kntoln(AUTH_DAT *ad, char *lname)
return(KFAILURE);
if (strcmp(ad->prealm, lrealm))
return(KFAILURE);
- strcpy(lname, ad->pname);
+ strncpy(lname, ad->pname, ANAME_SZ);
+ lname[ANAME_SZ-1] = '\0';
return(KSUCCESS);
}
@@ -91,9 +96,9 @@ extern int errno;
static char lrealm[REALM_SZ] = "";
-an_to_ln(ad,lname)
-AUTH_DAT *ad;
-char *lname;
+int
+an_to_ln(AUTH_DAT *ad,
+ char *lname)
{
static DBM *aname = NULL;
char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2];
@@ -125,17 +130,22 @@ strcmp(ad->prealm,lrealm)) {
return(KFAILURE);
}
/* Got it! */
- strcpy(lname,val.dptr);
+ strncpy(lname, val.dptr, ANAME_SZ);
+ lname[ANAME_SZ-1] = '\0';
return(KSUCCESS);
- } else strcpy(lname,ad->pname);
+ } else{
+ strncpy(lname, ad->pname, ANAME_SZ);
+ lname[ANAME_SZ-1] = '\0';
+ }
return(KSUCCESS);
}
-an_to_a(ad, str)
- AUTH_DAT *ad;
- char *str;
+int
+an_to_a(AUTH_DAT *ad,
+ char *str)
{
- strcpy(str, ad->pname);
+ strncpy(str, ad->pname, ANAME_SZ);
+ str[ANAME_SZ-1] = '\0';
if(*ad->pinst) {
strcat(str, ".");
strcat(str, ad->pinst);
@@ -148,20 +158,23 @@ an_to_a(ad, str)
* Parse a string of the form "user[.instance][@realm]"
* into a struct AUTH_DAT.
*/
-
-a_to_an(str, ad)
- AUTH_DAT *ad;
- char *str;
+int
+a_to_an(cahr *str, AUTH_DAT *ad)
{
char *buf = (char *)malloc(strlen(str)+1);
char *rlm, *inst, *princ;
+ if (buf == NULL)
+ return KFAILURE;
+
if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) {
free(buf);
+ buf = NULL;
return(KFAILURE);
}
/* destructive string hacking is more fun.. */
- strcpy(buf, str);
+ strncpy(buf, str, strlen(str)+1);
+ buf[strlen(str)] = '\0';
if (rlm = index(buf, '@')) {
*rlm++ = '\0';
@@ -175,6 +188,7 @@ a_to_an(str, ad)
if (rlm) strcpy(ad->prealm, rlm);
else strcpy(ad->prealm, lrealm);
free(buf);
+ buf = NULL;
return(KSUCCESS);
}
#endif
diff --git a/kerberosIV/krb/krb_check_auth.c b/kerberosIV/krb/krb_check_auth.c
index ddb52d6a9f0..47b8e546ef2 100644
--- a/kerberosIV/krb/krb_check_auth.c
+++ b/kerberosIV/krb/krb_check_auth.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: krb_check_auth.c,v 1.2 1997/12/09 07:57:23 art Exp $ */
/* $KTH: krb_check_auth.c,v 1.4 1997/04/01 08:18:33 joda Exp $ */
/*
diff --git a/kerberosIV/krb/krb_equiv.c b/kerberosIV/krb/krb_equiv.c
index 8dcc7184853..ccc3972a109 100644
--- a/kerberosIV/krb/krb_equiv.c
+++ b/kerberosIV/krb/krb_equiv.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: krb_equiv.c,v 1.4 1997/12/09 07:57:24 art Exp $ */
/* $KTH: krb_equiv.c,v 1.13 1997/04/01 08:18:33 joda Exp $ */
/*
diff --git a/kerberosIV/krb/krb_err_txt.c b/kerberosIV/krb/krb_err_txt.c
index 18eb61bba8c..01fbb0afc9c 100644
--- a/kerberosIV/krb/krb_err_txt.c
+++ b/kerberosIV/krb/krb_err_txt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: krb_err_txt.c,v 1.3 1997/12/09 07:57:24 art Exp $ */
/* $KTH: krb_err_txt.c,v 1.12 1997/04/02 05:37:10 joda Exp $ */
/*
diff --git a/kerberosIV/krb/krb_get_in_tkt.c b/kerberosIV/krb/krb_get_in_tkt.c
index 4910e1fe052..b959d224438 100644
--- a/kerberosIV/krb/krb_get_in_tkt.c
+++ b/kerberosIV/krb/krb_get_in_tkt.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: krb_get_in_tkt.c,v 1.3 1997/12/09 07:57:25 art Exp $ */
/* $KTH: krb_get_in_tkt.c,v 1.22 1997/08/23 15:49:11 joda Exp $ */
/*
diff --git a/kerberosIV/krb/kuserok.c b/kerberosIV/krb/kuserok.c
index 6908354e5fe..45e6ce0028b 100644
--- a/kerberosIV/krb/kuserok.c
+++ b/kerberosIV/krb/kuserok.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: kuserok.c,v 1.4 1997/12/09 07:57:26 art Exp $ */
/* $KTH: kuserok.c,v 1.21 1997/04/01 08:18:35 joda Exp $ */
/*
@@ -89,19 +90,26 @@ krb_kuserok(char *name, char *instance, char *realm, char *luser)
char file[MAXPATHLEN];
struct stat st;
+ if (luser == NULL)
+ return NOTOK;
+
pwd = getpwnam(luser);
if(pwd == NULL)
return NOTOK;
+
if(krb_get_lrealm(lrealm, 1))
return NOTOK;
+
if(pwd->pw_uid != 0 &&
strcmp(name, luser) == 0 &&
strcmp(instance, "") == 0 &&
strcmp(realm, lrealm) == 0)
return OK;
- strcpy(file, pwd->pw_dir);
- strcat(file, "/.klogin");
-
+ strncpy(file, pwd->pw_dir, MAXPATHLEN);
+ file[MAXPATHLEN-1] = '\0';
+ strncat(file, "/.klogin", MAXPATHLEN);
+ file[MAXPATHLEN-1] = '\0';
+
f = fopen(file, "r");
if(f == NULL)
return NOTOK;
@@ -136,7 +144,10 @@ krb_kuserok(char *name, char *instance, char *realm, char *luser)
if(strcmp(instance, finst))
continue;
if(frealm[0] == 0)
- strcpy(frealm, lrealm);
+ {
+ strncpy(frealm, lrealm, REALM_SZ);
+ frealm[REALM_SZ-1] = '\0';
+ }
if(strcmp(realm, frealm))
continue;
fclose(f);
diff --git a/kerberosIV/krb/lifetime.c b/kerberosIV/krb/lifetime.c
index 1795bade304..3a02f1a4a01 100644
--- a/kerberosIV/krb/lifetime.c
+++ b/kerberosIV/krb/lifetime.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: lifetime.c,v 1.4 1997/12/09 07:57:26 art Exp $ */
/* $KTH: lifetime.c,v 1.9 1997/05/02 14:29:18 assar Exp $ */
/*
@@ -177,6 +178,9 @@ krb_atime_to_life(char *atime)
int colon = 0, plus = 0;
int n = 0;
+ if (atime == NULL)
+ return 0;
+
if (strcasecmp(atime, "forever") == 0)
return(TKTLIFENOEXPIRE);
diff --git a/kerberosIV/krb/logging.c b/kerberosIV/krb/logging.c
index 46c7ba2c998..68ad7074d8d 100644
--- a/kerberosIV/krb/logging.c
+++ b/kerberosIV/krb/logging.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: logging.c,v 1.2 1997/12/09 07:57:27 art Exp $ */
/* $KTH: logging.c,v 1.14 1997/05/11 09:01:40 assar Exp $ */
/*
@@ -87,7 +88,10 @@ krb_openlog(struct krb_log_facility *f,
FILE *file,
krb_log_func_t func)
{
- strcpy(f->filename, filename);
+ if (f == NULL)
+ return KFAILURE;
+ strncpy(f->filename, filename, MAXPATHLEN);
+ f->filename[MAXPATHLEN-1] = '\0';
f->file = file;
f->func = func;
return KSUCCESS;
diff --git a/kerberosIV/krb/lsb_addr_comp.c b/kerberosIV/krb/lsb_addr_comp.c
index 6e1c11fed0b..da93c97ff6f 100644
--- a/kerberosIV/krb/lsb_addr_comp.c
+++ b/kerberosIV/krb/lsb_addr_comp.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: lsb_addr_comp.c,v 1.2 1997/12/09 07:57:27 art Exp $ */
/* $KTH: lsb_addr_comp.c,v 1.9 1997/04/01 08:18:37 joda Exp $ */
/*
diff --git a/kerberosIV/krb/mk_auth.c b/kerberosIV/krb/mk_auth.c
index 343f05acc80..196e085e782 100644
--- a/kerberosIV/krb/mk_auth.c
+++ b/kerberosIV/krb/mk_auth.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: mk_auth.c,v 1.2 1997/12/09 07:57:28 art Exp $ */
/* $KTH: mk_auth.c,v 1.4 1997/04/01 08:18:35 joda Exp $ */
/*
@@ -63,11 +64,15 @@ krb_mk_auth(int32_t options,
char realrealm[REALM_SZ];
int ret;
unsigned char *p;
+ char *tmp;
if (options & KOPT_DONT_CANON)
- strncpy(realinst, instance, sizeof(realinst));
+ tmp = instance;
else
- strncpy(realinst, krb_get_phost (instance), sizeof(realinst));
+ tmp = krb_get_phost (instance);
+
+ strncpy(realinst, tmp, sizeof(realinst));
+ realinst[sizeof(realinst) - 1] = '\0';
if (realm == NULL) {
ret = krb_get_lrealm (realrealm, 1);
diff --git a/kerberosIV/krb/mk_err.c b/kerberosIV/krb/mk_err.c
index 1a28e4d178a..a245d1bbd84 100644
--- a/kerberosIV/krb/mk_err.c
+++ b/kerberosIV/krb/mk_err.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: mk_err.c,v 1.3 1997/12/09 07:57:28 art Exp $ */
/* $KTH: mk_err.c,v 1.6 1997/03/23 03:53:14 joda Exp $ */
/*
diff --git a/kerberosIV/krb/mk_priv.c b/kerberosIV/krb/mk_priv.c
index 6075f361b1f..bc6ae0eb50a 100644
--- a/kerberosIV/krb/mk_priv.c
+++ b/kerberosIV/krb/mk_priv.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: mk_priv.c,v 1.4 1997/12/09 07:57:29 art Exp $ */
/* $KTH: mk_priv.c,v 1.18 1997/04/01 08:18:37 joda Exp $ */
/*
@@ -93,6 +94,9 @@ krb_mk_priv(void *in, void *out, u_int32_t length,
u_int32_t src_addr;
u_int32_t len;
+ if (p == NULL)
+ return 0;
+
p += krb_put_int(KRB_PROT_VERSION, p, 1);
p += krb_put_int(AUTH_MSG_PRIVATE, p, 1);
diff --git a/kerberosIV/krb/mk_req.c b/kerberosIV/krb/mk_req.c
index 7219fa957ff..e00a1badd61 100644
--- a/kerberosIV/krb/mk_req.c
+++ b/kerberosIV/krb/mk_req.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: mk_req.c,v 1.3 1997/12/09 07:57:29 art Exp $ */
/* $KTH: mk_req.c,v 1.17 1997/05/30 17:42:38 bg Exp $ */
/*
@@ -155,8 +156,10 @@ krb_mk_req(KTEXT authent, char *service, char *instance, char *realm,
*/
retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0);
- if (retval == KSUCCESS)
+ if (retval == KSUCCESS){
strncpy(myrealm, realm, REALM_SZ);
+ myrealm[REALM_SZ-1] = '\0';
+ }
else
retval = krb_get_tf_realm(TKT_FILE, myrealm);
diff --git a/kerberosIV/krb/mk_safe.c b/kerberosIV/krb/mk_safe.c
index 1f2abc91244..6d6192978b9 100644
--- a/kerberosIV/krb/mk_safe.c
+++ b/kerberosIV/krb/mk_safe.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: mk_safe.c,v 1.4 1997/12/09 07:57:30 art Exp $ */
/* $KTH: mk_safe.c,v 1.21 1997/04/19 23:18:03 joda Exp $ */
/*
@@ -89,6 +90,9 @@ krb_mk_safe(void *in, void *out, u_int32_t length, des_cblock *key,
unsigned char *start;
u_int32_t src_addr;
+ if (p == NULL)
+ return 0;
+
p += krb_put_int(KRB_PROT_VERSION, p, 1);
p += krb_put_int(AUTH_MSG_SAFE, p, 1);
diff --git a/kerberosIV/krb/month_sname.c b/kerberosIV/krb/month_sname.c
index 32542c27501..f0625360575 100644
--- a/kerberosIV/krb/month_sname.c
+++ b/kerberosIV/krb/month_sname.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: month_sname.c,v 1.3 1997/12/09 07:57:30 art Exp $ */
/* $KTH: month_sname.c,v 1.5 1997/03/23 03:53:14 joda Exp $ */
/*
diff --git a/kerberosIV/krb/name2name.c b/kerberosIV/krb/name2name.c
index aa847057353..05da49ab1d5 100644
--- a/kerberosIV/krb/name2name.c
+++ b/kerberosIV/krb/name2name.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: name2name.c,v 1.2 1997/12/09 07:57:31 art Exp $ */
/* $KTH: name2name.c,v 1.15 1997/04/30 04:30:36 assar Exp $ */
/*
@@ -51,6 +52,9 @@ krb_name_to_name(const char *host, char *phost, size_t phost_size)
struct hostent *hp;
struct in_addr adr;
const char *tmp;
+
+ if (phost == NULL || phost_size == 0)
+ return 1;
adr.s_addr = inet_addr(host);
hp = gethostbyname(host);
diff --git a/kerberosIV/krb/netread.c b/kerberosIV/krb/netread.c
index 0149aba2635..03dab7a7faf 100644
--- a/kerberosIV/krb/netread.c
+++ b/kerberosIV/krb/netread.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: netread.c,v 1.3 1997/12/09 07:57:31 art Exp $ */
/* $KTH: netread.c,v 1.7 1997/06/19 23:56:44 assar Exp $ */
/*
@@ -39,6 +40,9 @@ krb_net_read (int fd, void *v, size_t len)
int cc, len2 = 0;
char *buf = v;
+ if (buf == NULL)
+ return -1;
+
do {
cc = read(fd, buf, len);
if (cc < 0)
diff --git a/kerberosIV/krb/netwrite.c b/kerberosIV/krb/netwrite.c
index edd2d80b476..ff7c22820d1 100644
--- a/kerberosIV/krb/netwrite.c
+++ b/kerberosIV/krb/netwrite.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: netwrite.c,v 1.3 1997/12/09 07:57:32 art Exp $ */
/* $KTH: netwrite.c,v 1.8 1997/06/19 23:56:25 assar Exp $ */
/*
@@ -39,6 +40,9 @@ krb_net_write(int fd, const void *v, size_t len)
int wrlen = len;
const char *buf = (const char*)v;
+ if (buf == NULL)
+ return -1;
+
do {
cc = write(fd, buf, wrlen);
if (cc < 0)
diff --git a/kerberosIV/krb/one.c b/kerberosIV/krb/one.c
index d43b2840e08..f1b726e11f3 100644
--- a/kerberosIV/krb/one.c
+++ b/kerberosIV/krb/one.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: one.c,v 1.3 1997/12/09 07:57:32 art Exp $ */
/*
Copyright (C) 1989 by the Massachusetts Institute of Technology
diff --git a/kerberosIV/krb/parse_name.c b/kerberosIV/krb/parse_name.c
index 281a3389391..6c7f3366f66 100644
--- a/kerberosIV/krb/parse_name.c
+++ b/kerberosIV/krb/parse_name.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: parse_name.c,v 1.2 1997/12/09 07:57:33 art Exp $ */
/* $KTH: parse_name.c,v 1.4 1997/04/01 08:18:39 joda Exp $ */
/*
@@ -47,11 +48,15 @@ krb_parse_name(const char *fullname, krb_principal *principal)
char *ns, *np;
enum {n, i, r} pos = n;
int quote = 0;
+
+ if (principal == NULL)
+ return KFAILURE;
+
ns = np = principal->name;
- principal->name[0] = 0;
- principal->instance[0] = 0;
- principal->realm[0] = 0;
+ principal->name[0] = '\0';
+ principal->instance[0] = '\0';
+ principal->realm[0] = '\0';
for(p = fullname; *p; p++){
if(np - ns == ANAME_SZ - 1) /* XXX they have the same size */
@@ -75,7 +80,7 @@ krb_parse_name(const char *fullname, krb_principal *principal)
*np++ = *p;
}
*np = 0;
- if(quote || principal->name[0] == 0)
+ if(quote || principal->name[0] == '\0')
return KNAME_FMT;
return KSUCCESS;
}
@@ -86,10 +91,14 @@ kname_parse(char *np, char *ip, char *rp, char *fullname)
krb_principal p;
int ret;
if((ret = krb_parse_name(fullname, &p)) == 0){
- strcpy(np, p.name);
- strcpy(ip, p.instance);
- if(p.realm[0])
- strcpy(rp, p.realm);
+ strncpy(np, p.name, ANAME_SZ);
+ np[ANAME_SZ-1] = '\0';
+ strncpy(ip, p.instance, INST_SZ);
+ ip[INST_SZ-1] = '\0';
+ if(p.realm[0] != '\0'){
+ strncpy(rp, p.realm, REALM_SZ);
+ rp[REALM_SZ-1] = '\0';
+ }
}
return ret;
}
@@ -104,7 +113,7 @@ k_isname(char *s)
char c;
int backslash = 0;
- if (!*s)
+ if (s[0] == '\0')
return 0;
if (strlen(s) > ANAME_SZ - 1)
return 0;
@@ -177,7 +186,7 @@ k_isrealm(char *s)
char c;
int backslash = 0;
- if (!*s)
+ if (s[0] == '\0')
return 0;
if (strlen(s) > REALM_SZ - 1)
return 0;
diff --git a/kerberosIV/krb/rd_err.c b/kerberosIV/krb/rd_err.c
index c1024ace9e3..38508825873 100644
--- a/kerberosIV/krb/rd_err.c
+++ b/kerberosIV/krb/rd_err.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rd_err.c,v 1.3 1997/12/09 07:57:33 art Exp $ */
/* $KTH: rd_err.c,v 1.8 1997/04/01 08:18:40 joda Exp $ */
/*
@@ -63,6 +64,9 @@ krb_rd_err(u_char *in, u_int32_t in_length, int32_t *code, MSG_DAT *m_data)
unsigned char pvno, type;
int little_endian;
+ if (p == NULL)
+ return KFAILURE;
+
pvno = *p++;
if(pvno != KRB_PROT_VERSION)
return RD_AP_VERSION;
diff --git a/kerberosIV/krb/rd_priv.c b/kerberosIV/krb/rd_priv.c
index 9c8c6327dcf..efba87e8014 100644
--- a/kerberosIV/krb/rd_priv.c
+++ b/kerberosIV/krb/rd_priv.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rd_priv.c,v 1.4 1997/12/09 07:57:33 art Exp $ */
/* $KTH: rd_priv.c,v 1.24 1997/05/14 17:53:29 joda Exp $ */
/*
@@ -75,6 +76,9 @@ krb_rd_priv(void *in, u_int32_t in_length,
unsigned char pvno, type;
+ if (p == NULL)
+ return KFAILURE;
+
pvno = *p++;
if(pvno != KRB_PROT_VERSION)
return RD_AP_VERSION;
diff --git a/kerberosIV/krb/rd_req.c b/kerberosIV/krb/rd_req.c
index adcbabe8937..2072c0519e1 100644
--- a/kerberosIV/krb/rd_req.c
+++ b/kerberosIV/krb/rd_req.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rd_req.c,v 1.5 1997/12/09 07:57:34 art Exp $ */
/* $KTH: rd_req.c,v 1.24 1997/05/11 11:05:28 assar Exp $ */
/*
@@ -217,9 +218,12 @@ krb_rd_req(KTEXT authent, /* The received message */
return(RD_AP_UNDEC);
if ((status = krb_set_key((char*)skey, 0)))
return(status);
- strcpy(st_rlm, realm);
- strcpy(st_nam, service);
- strcpy(st_inst, instance);
+ strncpy(st_rlm, realm, REALM_SZ);
+ st_rlm[REALM_SZ-1] = '\0';
+ strncpy(st_nam, service, SNAME_SZ);
+ st_nam[SNAME_SZ-1] = '\0';
+ strncpy(st_inst, instance, INST_SZ);
+ st_inst[INST_SZ-1] = '\0';
}
tkt->length = *p++;
diff --git a/kerberosIV/krb/rd_safe.c b/kerberosIV/krb/rd_safe.c
index 90d97b06365..eb66c799237 100644
--- a/kerberosIV/krb/rd_safe.c
+++ b/kerberosIV/krb/rd_safe.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rd_safe.c,v 1.4 1997/12/09 07:57:34 art Exp $ */
/* $KTH: rd_safe.c,v 1.24 1997/04/19 23:18:20 joda Exp $ */
/*
@@ -55,6 +56,9 @@ void
fixup_quad_cksum(void *start, size_t len, des_cblock *key,
void *new_checksum, void *old_checksum, int little)
{
+ if (old_checksum == NULL || new_checksum == NULL)
+ return;
+
des_quad_cksum((des_cblock*)start, (des_cblock*)new_checksum, len, 2, key);
if(HOST_BYTE_ORDER){
if(little){
@@ -117,6 +121,8 @@ krb_rd_safe(void *in, u_int32_t in_length, des_cblock *key,
u_int32_t src_addr;
int delta_t;
+ if (p == NULL)
+ return KFAILURE;
pvno = *p++;
if(pvno != KRB_PROT_VERSION)
diff --git a/kerberosIV/krb/read_service_key.c b/kerberosIV/krb/read_service_key.c
index 5bee36177f2..1960c255950 100644
--- a/kerberosIV/krb/read_service_key.c
+++ b/kerberosIV/krb/read_service_key.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: read_service_key.c,v 1.3 1997/12/09 07:57:35 art Exp $ */
/* $KTH: read_service_key.c,v 1.8 1997/03/23 03:53:16 joda Exp $ */
/*
@@ -73,7 +74,10 @@ read_service_key(char *service, /* Service Name */
int stab;
if ((stab = open(file, O_RDONLY, 0)) < 0)
- return(KFAILURE);
+ return KFAILURE;
+
+ if (instance == NULL)
+ return KFAILURE;
wcard = (instance[0] == '*') && (instance[1] == '\0');
@@ -83,15 +87,15 @@ read_service_key(char *service, /* Service Name */
/* Vers number */
if (read(stab, &vno, 1) != 1) {
close(stab);
- return(KFAILURE);
+ return KFAILURE;
}
/* Key */
if (read(stab,key,8) != 8) {
close(stab);
- return(KFAILURE);
+ return KFAILURE;
}
/* Is this the right service */
- if (strcmp(serv,service))
+ if (service != NULL && strcmp(serv,service))
continue;
/* How about instance */
if (!wcard && strcmp(inst,instance))
@@ -99,7 +103,7 @@ read_service_key(char *service, /* Service Name */
if (wcard)
strncpy(instance,inst,INST_SZ);
/* Is this the right realm */
- if (strcmp(rlm,realm))
+ if (realm != NULL && strcmp(rlm,realm))
continue;
/* How about the key version number */
@@ -107,7 +111,7 @@ read_service_key(char *service, /* Service Name */
continue;
close(stab);
- return(KSUCCESS);
+ return KSUCCESS;
}
/* Can't find the requested service */
diff --git a/kerberosIV/krb/realm_parse.c b/kerberosIV/krb/realm_parse.c
index 8ce892c1835..18c46921790 100644
--- a/kerberosIV/krb/realm_parse.c
+++ b/kerberosIV/krb/realm_parse.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: realm_parse.c,v 1.2 1997/12/09 07:57:35 art Exp $ */
/* $KTH: realm_parse.c,v 1.10 1997/06/01 03:14:50 assar Exp $ */
/*
@@ -55,6 +56,8 @@ realm_parse(char *realm, int length, const char *file)
p = strtok_r(tr, " \t\n\r", &unused);
if(p && strcasecmp(p, realm) == 0){
fclose(F);
+ if (realm == NULL)
+ return -1;
strncpy(realm, p, length);
return 0;
}
@@ -73,7 +76,7 @@ krb_realm_parse(char *realm, int length)
const char *dir = getenv("KRBCONFDIR");
/* First try user specified file */
- if (dir != 0) {
+ if (dir != 0 && getuid() != geteuid()) {
char fname[MAXPATHLEN];
if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0)
diff --git a/kerberosIV/krb/recvauth.c b/kerberosIV/krb/recvauth.c
index 70e3df67f79..d4a360f3cdb 100644
--- a/kerberosIV/krb/recvauth.c
+++ b/kerberosIV/krb/recvauth.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: recvauth.c,v 1.4 1997/12/09 07:57:36 art Exp $ */
/* $KTH: recvauth.c,v 1.18 1997/07/05 01:35:15 assar Exp $ */
/*
diff --git a/kerberosIV/krb/resolve.c b/kerberosIV/krb/resolve.c
index 2fe607d13af..c9c85e2c659 100644
--- a/kerberosIV/krb/resolve.c
+++ b/kerberosIV/krb/resolve.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: resolve.c,v 1.2 1997/12/09 07:57:36 art Exp $ */
/* $KTH: resolve.c,v 1.12 1997/10/28 15:37:39 bg Exp $ */
/*
@@ -84,18 +85,26 @@ void
dns_free_data(struct dns_reply *r)
{
struct resource_record *rr;
- if(r->q.domain)
+ if(r->q.domain){
free(r->q.domain);
+ r->q.domain = NULL;
+ }
for(rr = r->head; rr;){
struct resource_record *tmp = rr;
- if(rr->domain)
+ if(rr->domain){
free(rr->domain);
- if(rr->u.data)
+ rr->domain = NULL;
+ }
+ if(rr->u.data){
free(rr->u.data);
+ rr->u.data = NULL;
+ }
rr = rr->next;
free(tmp);
+ tmp = NULL;
}
free (r);
+ r = NULL;
}
static struct dns_reply*
@@ -109,6 +118,10 @@ parse_reply(unsigned char *data, int len)
struct resource_record **rr;
r = (struct dns_reply*)malloc(sizeof(struct dns_reply));
+
+ if (r == NULL)
+ return NULL;
+
memset(r, 0, sizeof(struct dns_reply));
p = data;
@@ -170,7 +183,8 @@ parse_reply(unsigned char *data, int len)
(*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) +
strlen(host));
(*rr)->u.mx->preference = (p[0] << 8) | p[1];
- strcpy((*rr)->u.mx->domain, host);
+ strncpy((*rr)->u.mx->domain, host, MAXHOSTNAMELEN);
+ (*rr)->u.mx->domain[MAXHOSTNAMELEN-1] = '\0';
break;
}
case T_SRV:{
@@ -185,7 +199,8 @@ parse_reply(unsigned char *data, int len)
(*rr)->u.srv->priority = (p[0] << 8) | p[1];
(*rr)->u.srv->weight = (p[2] << 8) | p[3];
(*rr)->u.srv->port = (p[4] << 8) | p[5];
- strcpy((*rr)->u.srv->target, host);
+ strncpy((*rr)->u.srv->target, host, MAXHOSTNAMELEN);
+ (*rr)->u.srv->target[MAXHOSTNAMELEN-1] = '\0';
break;
}
case T_TXT:{
diff --git a/kerberosIV/krb/rw.c b/kerberosIV/krb/rw.c
index 7ee546050a2..f032f83b2e7 100644
--- a/kerberosIV/krb/rw.c
+++ b/kerberosIV/krb/rw.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: rw.c,v 1.2 1997/12/09 07:57:37 art Exp $ */
/* $KTH: rw.c,v 1.8 1997/04/01 08:18:44 joda Exp $ */
/*
@@ -51,6 +52,9 @@ krb_get_int(void *f, u_int32_t *to, int size, int lsb)
int i;
unsigned char *from = (unsigned char *)f;
+ if (from == NULL)
+ return 0;
+
*to = 0;
if(lsb){
for(i = size-1; i >= 0; i--)
@@ -67,6 +71,10 @@ krb_put_int(u_int32_t from, void *to, int size)
{
int i;
unsigned char *p = (unsigned char *)to;
+
+ if (p == NULL)
+ return 0;
+
for(i = size - 1; i >= 0; i--){
p[i] = from & 0xff;
from >>= 8;
@@ -81,6 +89,10 @@ int
krb_get_address(void *from, u_int32_t *to)
{
unsigned char *p = (unsigned char*)from;
+
+ if (from == NULL || p == NULL)
+ return 0;
+
*to = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
return 4;
}
@@ -94,6 +106,8 @@ krb_put_address(u_int32_t addr, void *to)
int
krb_put_string(char *from, void *to)
{
+ if (to == NULL || from == NULL)
+ return 0;
strcpy((char *)to, from);
return strlen(from) + 1;
}
@@ -109,6 +123,9 @@ krb_get_nir(void *from, char *name, char *instance, char *realm)
{
char *p = (char *)from;
+ if (p == NULL)
+ return 0;
+
p += krb_get_string(p, name);
p += krb_get_string(p, instance);
if(realm)
@@ -120,6 +137,9 @@ int
krb_put_nir(char *name, char *instance, char *realm, void *to)
{
char *p = (char *)to;
+ if (p == NULL)
+ return 0;
+
p += krb_put_string(name, p);
p += krb_put_string(instance, p);
if(realm)
diff --git a/kerberosIV/krb/save_credentials.c b/kerberosIV/krb/save_credentials.c
index d9ef94b449d..186640d008d 100644
--- a/kerberosIV/krb/save_credentials.c
+++ b/kerberosIV/krb/save_credentials.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: save_credentials.c,v 1.3 1997/12/09 07:57:38 art Exp $ */
/* $KTH: save_credentials.c,v 1.5 1997/03/23 03:53:17 joda Exp $ */
/*
diff --git a/kerberosIV/krb/send_to_kdc.c b/kerberosIV/krb/send_to_kdc.c
index f7a5865ad93..3f04c5865d1 100644
--- a/kerberosIV/krb/send_to_kdc.c
+++ b/kerberosIV/krb/send_to_kdc.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: send_to_kdc.c,v 1.5 1997/12/09 07:57:38 art Exp $ */
/* $KTH: send_to_kdc.c,v 1.47 1997/11/07 17:31:38 bg Exp $ */
/*
@@ -91,8 +92,10 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, char *realm)
* If "realm" is non-null, use that, otherwise get the
* local realm.
*/
- if (realm)
- strcpy(lrealm, realm);
+ if (realm != NULL){
+ strncpy(lrealm, realm, REALM_SZ);
+ lrealm[REALM_SZ-1] = '\0';
+ }
else
if (krb_get_lrealm(lrealm,1)) {
if (krb_debug)
@@ -163,6 +166,7 @@ send_to_kdc(KTEXT pkt, KTEXT rpkt, char *realm)
retval = SKDC_RETRY;
rtn:
free(hosts);
+ hosts = NULL;
return(retval);
}
@@ -210,6 +214,8 @@ static int udptcp_recv(void *buf, size_t len, KTEXT rpkt)
static int url_parse(const char *url, char *host, size_t len, short *port)
{
const char *p;
+ if (url == NULL || host == NULL)
+ return -1;
if(strncmp(url, "http://", 7))
return -1;
url += 7;
@@ -232,17 +238,24 @@ static int url_parse(const char *url, char *host, size_t len, short *port)
static int http_connect(int s, struct sockaddr_in *adr)
{
char *proxy = getenv(PROXY_VAR);
- char host[MAXHOSTNAMELEN + 1];
+ char host[MAXHOSTNAMELEN];
short port;
struct hostent *hp;
struct sockaddr_in sin;
+
+ if (adr == NULL)
+ return -1;
+
if(proxy == NULL)
return tcp_connect(s, adr);
+
if(url_parse(proxy, host, sizeof(host), &port) < 0)
return -1;
+
hp = gethostbyname(host);
if(hp == NULL)
return -1;
+
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
memcpy(&sin.sin_addr, hp->h_addr, sizeof(sin.sin_addr));
@@ -257,19 +270,27 @@ static int http_send(int s, struct sockaddr_in* adr, KTEXT pkt)
base64_encode(pkt->dat, pkt->length, &str);
if(getenv(PROXY_VAR)){
- asprintf(&msg, "GET http://%s:%d/%s HTTP/1.0\r\n\r\n",
- inet_ntoa(adr->sin_addr),
- ntohs(adr->sin_port),
- str);
+ if (asprintf(&msg, "GET http://%s:%d/%s HTTP/1.0\r\n\r\n",
+ inet_ntoa(adr->sin_addr),
+ ntohs(adr->sin_port),
+ str) == -1)
+ return -1;
}else
- asprintf(&msg, "GET %s HTTP/1.0\r\n\r\n", str);
+ if (asprintf(&msg, "GET %s HTTP/1.0\r\n\r\n", str) == -1){
+ free(str);
+ str = NULL;
+ return -1;
+ }
free(str);
+ str = NULL;
if(send(s, msg, strlen(msg), 0) != strlen(msg)){
free(msg);
+ msg = NULL;
return -1;
}
free(msg);
+ msg = NULL;
return 0;
}
@@ -282,12 +303,19 @@ static int http_recv(void *buf, size_t len, KTEXT rpkt)
p = strstr(tmp, "\r\n\r\n");
if(p == NULL){
free(tmp);
+ tmp = NULL;
return -1;
}
p += 4;
+ if (p >= tmp+len){
+ free(tmp);
+ tmp = NULL;
+ return -1;
+ }
memcpy(rpkt->dat, p, (tmp + len) - p);
rpkt->length = (tmp + len) - p;
free(tmp);
+ tmp = NULL;
return 0;
}
diff --git a/kerberosIV/krb/sendauth.c b/kerberosIV/krb/sendauth.c
index 96ff7c30ba5..d0c71d3e1b4 100644
--- a/kerberosIV/krb/sendauth.c
+++ b/kerberosIV/krb/sendauth.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: sendauth.c,v 1.4 1997/12/09 07:57:38 art Exp $ */
/* $KTH: sendauth.c,v 1.15 1997/04/18 14:11:36 joda Exp $ */
/*
@@ -148,6 +149,8 @@ krb_sendauth(int32_t options, /* bit-pattern of options */
else
strncpy (inst, krb_get_phost(instance), sizeof(inst));
+ inst[sizeof(inst)-1] = '\0';
+
ret = krb_get_cred (service, inst, realm, cred);
if (ret != KSUCCESS)
return ret;
diff --git a/kerberosIV/krb/stime.c b/kerberosIV/krb/stime.c
index b3f5ce270ec..7102a3b8853 100644
--- a/kerberosIV/krb/stime.c
+++ b/kerberosIV/krb/stime.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: stime.c,v 1.2 1997/12/09 07:57:39 art Exp $ */
/* $KTH: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $ */
/*
diff --git a/kerberosIV/krb/str2key.c b/kerberosIV/krb/str2key.c
index 8e967a63610..8aebe070afd 100644
--- a/kerberosIV/krb/str2key.c
+++ b/kerberosIV/krb/str2key.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: str2key.c,v 1.5 1997/12/09 07:57:39 art Exp $ */
/* $KTH: str2key.c,v 1.10 1997/03/23 03:53:19 joda Exp $ */
/* This defines the Andrew string_to_key function. It accepts a password
@@ -11,7 +12,7 @@
static void
mklower(char *s)
{
- for (; *s; s++)
+ for (; s[0] != '\0'; s++)
if ('A' <= *s && *s <= 'Z')
*s = *s - 'A' + 'a';
}
@@ -26,10 +27,11 @@ afs_cmu_StringToKey (char *str, char *cell, des_cblock *key)
int i;
int passlen;
- memset (key, 0, sizeof(key));
+ memset(key, 0, sizeof(key));
memset(password, 0, sizeof(password));
strncpy (password, cell, 8);
+ password[8] = '\0';
passlen = strlen (str);
if (passlen > 8) passlen = 8;
@@ -70,6 +72,7 @@ afs_transarc_StringToKey (char *str, char *cell, des_cblock *key)
int passlen;
strncpy (password, str, sizeof(password));
+ password[sizeof(password)-1] = '\0';
if ((passlen = strlen (password)) < sizeof(password)-1)
strncat (password, cell, sizeof(password)-passlen);
if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password);
diff --git a/kerberosIV/krb/strtok_r.c b/kerberosIV/krb/strtok_r.c
index 30c4874d469..8da8c9d57a0 100644
--- a/kerberosIV/krb/strtok_r.c
+++ b/kerberosIV/krb/strtok_r.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: strtok_r.c,v 1.2 1997/12/09 07:57:40 art Exp $ */
/* $KTH: strtok_r.c,v 1.4 1997/05/19 03:05:47 assar Exp $ */
/*
diff --git a/kerberosIV/krb/tf_util.c b/kerberosIV/krb/tf_util.c
index f37c2f242d6..70c75f0f493 100644
--- a/kerberosIV/krb/tf_util.c
+++ b/kerberosIV/krb/tf_util.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: tf_util.c,v 1.3 1997/12/09 07:57:40 art Exp $ */
/* $KTH: tf_util.c,v 1.25 1997/11/04 09:44:28 bg Exp $ */
/*
diff --git a/kerberosIV/krb/tkt_string.c b/kerberosIV/krb/tkt_string.c
index 5bc67e2562c..2795995035e 100644
--- a/kerberosIV/krb/tkt_string.c
+++ b/kerberosIV/krb/tkt_string.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: tkt_string.c,v 1.5 1997/12/09 07:57:41 art Exp $ */
/* $KTH: tkt_string.c,v 1.11 1997/10/24 10:18:07 assar Exp $ */
/*
@@ -44,7 +45,7 @@ tkt_string(void)
{
char *env;
- if (!*krb_ticket_string) {
+ if (krb_ticket_string[0] == '\0') {
if ((env = getenv("KRBTKFILE"))) {
strncpy(krb_ticket_string, env,
sizeof(krb_ticket_string)-1);
diff --git a/kerberosIV/krb/unparse_name.c b/kerberosIV/krb/unparse_name.c
index e7cde58fda7..2b74e030156 100644
--- a/kerberosIV/krb/unparse_name.c
+++ b/kerberosIV/krb/unparse_name.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: unparse_name.c,v 1.2 1997/12/09 07:57:41 art Exp $ */
/* $KTH: unparse_name.c,v 1.7 1997/04/01 08:18:46 joda Exp $ */
/*
@@ -59,11 +60,13 @@ krb_unparse_name_r(krb_principal *pr, char *fullname)
{
quote_string("'@\\", pr->name, fullname);
if(pr->instance[0]){
- strcat(fullname, ".");
+ strncat(fullname, ".", MAXPATHLEN);
+ fullname[MAXPATHLEN-1] = '\0';
quote_string("@\\", pr->instance, fullname + strlen(fullname));
}
if(pr->realm[0]){
- strcat(fullname, "@");
+ strncat(fullname, "@", MAXPATHLEN);
+ fullname[MAXPATHLEN-1] = '\0';
quote_string("\\", pr->realm, fullname + strlen(fullname));
}
return fullname;
@@ -75,11 +78,16 @@ krb_unparse_name_long_r(char *name, char *instance, char *realm,
{
krb_principal pr;
memset(&pr, 0, sizeof(pr));
- strcpy(pr.name, name);
- if(instance)
- strcpy(pr.instance, instance);
- if(realm)
- strcpy(pr.realm, realm);
+ strncpy(pr.name, name, ANAME_SZ-1);
+ pr.name[ANAME_SZ-1] = '\0';
+ if(instance != NULL){
+ strncpy(pr.instance, instance, INST_SZ-1);
+ pr.instance[INST_SZ-1] = '\0';
+ }
+ if(realm != NULL){
+ strncpy(pr.realm, realm, REALM_SZ-1);
+ pr.realm[REALM_SZ-1] = '\0';
+ }
return krb_unparse_name_r(&pr, fullname);
}
@@ -96,10 +104,15 @@ krb_unparse_name_long(char *name, char *instance, char *realm)
{
krb_principal pr;
memset(&pr, 0, sizeof(pr));
- strcpy(pr.name, name);
- if(instance)
- strcpy(pr.instance, instance);
- if(realm)
- strcpy(pr.realm, realm);
+ strncpy(pr.name, name, ANAME_SZ-1);
+ pr.name[ANAME_SZ-1] = '\0';
+ if(instance != NULL){
+ strncpy(pr.instance, instance, INST_SZ-1);
+ pr.instance[INST_SZ-1] = '\0';
+ }
+ if(realm != NULL){
+ strncpy(pr.realm, realm, REALM_SZ-1);
+ pr.realm[REALM_SZ-1] = '\0';
+ }
return krb_unparse_name(&pr);
}
diff --git a/kerberosIV/krb/util.c b/kerberosIV/krb/util.c
index b187276ffd7..334e6079337 100644
--- a/kerberosIV/krb/util.c
+++ b/kerberosIV/krb/util.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: util.c,v 1.2 1997/12/09 07:57:42 art Exp $ */
/* $KTH: util.c,v 1.6 1996/10/05 00:18:34 joda Exp $ */
/*
diff --git a/kerberosIV/krb/verify_user.c b/kerberosIV/krb/verify_user.c
index 0058a00a64f..55175d3af42 100644
--- a/kerberosIV/krb/verify_user.c
+++ b/kerberosIV/krb/verify_user.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: verify_user.c,v 1.2 1997/12/09 07:57:42 art Exp $ */
/* $KTH: verify_user.c,v 1.8 1997/04/01 08:18:46 joda Exp $ */
/*
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-28 22:16:10 +0000