From 9c13063ca6f2b176f231d4d30482ebb7c4cd8c1d Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Thu, 29 Sep 2005 20:40:36 +0000
Subject: bounded string handlings; ok otto

---
 gnu/usr.bin/ld/ldconfig/ldconfig.c |  8 ++++----
 gnu/usr.bin/ld/rrs.c               | 16 ++++++++++------
 2 files changed, 14 insertions(+), 10 deletions(-)

(limited to 'gnu/usr.bin/ld')

diff --git a/gnu/usr.bin/ld/ldconfig/ldconfig.c b/gnu/usr.bin/ld/ldconfig/ldconfig.c
index 7d4380a6452..363cc01d7aa 100644
--- a/gnu/usr.bin/ld/ldconfig/ldconfig.c
+++ b/gnu/usr.bin/ld/ldconfig/ldconfig.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ldconfig.c,v 1.17 2004/08/14 03:08:24 drahn Exp $	*/
+/*	$OpenBSD: ldconfig.c,v 1.18 2005/09/29 20:40:35 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1993,1995 Paul Kranenburg
@@ -361,11 +361,11 @@ buildhints(void)
 
 		/* Insert strings in string table */
 		bp->hi_namex = str_index;
-		strcpy(strtab + str_index, shp->name);
+		strlcpy(strtab + str_index, shp->name, strtab_sz - str_index);
 		str_index += 1 + strlen(shp->name);
 
 		bp->hi_pathx = str_index;
-		strcpy(strtab + str_index, shp->path);
+		strlcpy(strtab + str_index, shp->path, strtab_sz - str_index);
 		str_index += 1 + strlen(shp->path);
 
 		/* Copy versions */
@@ -374,7 +374,7 @@ buildhints(void)
 	}
 
 	/* Copy search directories */
-	strcpy(strtab + str_index, dir_list);
+	strlcpy(strtab + str_index, dir_list, strtab_sz - str_index);
 	str_index += 1 + strlen(dir_list);
 
 	/* Sanity check */
diff --git a/gnu/usr.bin/ld/rrs.c b/gnu/usr.bin/ld/rrs.c
index b062d24cc57..9af8f3c2619 100644
--- a/gnu/usr.bin/ld/rrs.c
+++ b/gnu/usr.bin/ld/rrs.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rrs.c,v 1.10 2002/09/07 01:25:34 marc Exp $*/
+/*	$OpenBSD: rrs.c,v 1.11 2005/09/29 20:40:35 deraadt Exp $*/
 /*
  * Copyright (c) 1993 Paul Kranenburg
  * All rights reserved.
@@ -1037,7 +1037,7 @@ write_rrs_text(void)
 	nlp->nz_value = dynamic_symbol->value;
 	nlp->nz_value = dynamic_symbol->value;
 	nlp->nz_strx = offset;
-	strcpy(rrs_strtab + offset, dynamic_symbol->name);
+	strlcpy(rrs_strtab + offset, dynamic_symbol->name, rrs_strtab_size - offset);
 	offset += 1 + strlen(dynamic_symbol->name);
 	INCR_NLP(nlp);
 
@@ -1060,7 +1060,8 @@ write_rrs_text(void)
 			nlp->nz_other = 0;
 			nlp->nz_desc = 0;
 			nlp->nz_size = 0;
-			strcpy(rrs_strtab + offset, sp->warning);
+			strlcpy(rrs_strtab + offset, sp->warning,
+			    rrs_strtab_size - offset);
 			offset += 1 + strlen(sp->warning);
 			INCR_NLP(nlp);
 
@@ -1070,7 +1071,8 @@ write_rrs_text(void)
 			nlp->nz_other = 0;
 			nlp->nz_desc = 0;
 			nlp->nz_size = 0;
-			strcpy(rrs_strtab + offset, sp->name);
+			strlcpy(rrs_strtab + offset, sp->name,
+			    rrs_strtab_size - offset);
 			offset += 1 + strlen(sp->name);
 			INCR_NLP(nlp);
 		}
@@ -1149,7 +1151,8 @@ write_rrs_text(void)
 
 		/* Set symbol's name */
 		nlp->nz_strx = offset;
-		strcpy(rrs_strtab + offset, sp->name);
+		strlcpy(rrs_strtab + offset, sp->name,
+		    rrs_strtab_size - offset);
 		offset += 1 + strlen(sp->name);
 
 		if (sp->alias) {
@@ -1166,7 +1169,8 @@ write_rrs_text(void)
 			nlp->nz_other = 0;
 			nlp->nz_desc = 0;
 			nlp->nz_size = 0;
-			strcpy(rrs_strtab + offset, sp->alias->name);
+			strlcpy(rrs_strtab + offset, sp->alias->name,
+			    rrs_strtab_size - offset);
 			offset += 1 + strlen(sp->alias->name);
 		}
 
-- 
cgit v1.2.3