author | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2008-03-20 20:45:11 +0000 |
---|---|---|
committer | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2008-03-20 20:45:11 +0000 |
commit | 7345197aaeb25e63dab8fab28a5a94e53e2d30a1 (patch) | |
tree | f7cf390947fcbbbe7efb3f0b134b887a8c96094c /app/ssh-askpass/resources.c | |
parent | df8be2bf52dea73cda8e929f68e8636dc11e58f0 (diff) |
Get rid of strcat() and strcpy(), fixing a potential stack overflow.
With help and ok deraadt@, millert@, oga@.
Diffstat (limited to 'app/ssh-askpass/resources.c')
-rw-r--r-- | app/ssh-askpass/resources.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/app/ssh-askpass/resources.c b/app/ssh-askpass/resources.c
index 6553267ac..a39b0110b 100644
--- a/app/ssh-askpass/resources.c
+++ b/app/ssh-askpass/resources.c
@@ -53,12 +53,22 @@ get_string_resource (char *res_name, char *res_class)
 XrmValue value;
 char *type;
 char full_name [1024], full_class [1024];
- strcpy (full_name, progname);
- strcat (full_name, ".");
- strcat (full_name, res_name);
- strcpy (full_class, progclass);
- strcat (full_class, ".");
- strcat (full_class, res_class);
+ int result;
+
+ result = snprintf(full_name, sizeof(full_name), "%s.%s",
+ progname, res_name);
+ if (result == -1 || result >= sizeof(full_name)) {
+ fprintf(stderr, "%s: resource name too long: %s.%s\n", progname,
+ progname, res_name);
+ return 0;
+ }
+ result = snprintf(full_class, sizeof(full_class), "%s.%s",
+ progclass, res_class);
+ if (result == -1 || result >= sizeof(full_class)) {
+ fprintf(stderr, "%s: resource name too long: %s.%s\n", progname,
+ progclass, res_class);
+ return 0;
+ }
 if (XrmGetResource (db, full_name, full_class, &type, &value))
 {
 char *str = (char *) malloc (value.size + 1); |
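Review bot: Both new length checks compare the signed `result` with `sizeof(...)`, a `size_t`, and test only `result == -1` for failure; snprintf is specified to return a negative value on error, so any other negative return is rejected only because it converts to a large unsigned value. Writing the guard as `if (result < 0 || (size_t)result >= sizeof(full_name))`, and likewise for `full_class`, makes the truncation test explicit and avoids the sign-compare warning. The second error message also reads "resource name too long" although it is the class string that did not fit; `"%s: resource class too long: %s.%s\n"` would point at the right input. The body of get_string_resource continues past the end of the hunk, so how the `malloc` result is handled is not visible here.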