[SCM] Samba Shared Repository - branch master updated

Thu, 28 Nov 2013 05:36:07 -0800 

The branch, master has been updated
       via  ffae8a1 pam_winbind: Use strlcat in safe_append_string
       via  13550a2 replace: Don't run over dst in strlcat
      from  e2db9c5 ctdb:tests: in the stub "ip link show" command use echo 
instead of cat

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ffae8a13b62433e5b74f1bc317db6c9979718cbb
Author: Volker Lendecke <[email protected]>
Date:   Thu Nov 28 09:37:47 2013 +0100

    pam_winbind: Use strlcat in safe_append_string
    
    We have that available via libreplace, so use it.
    
    Signed-off-by: Volker Lendecke <[email protected]>
    Reviewed-by: David Disseldorp <[email protected]>
    
    Autobuild-User(master): David Disseldorp <[email protected]>
    Autobuild-Date(master): Thu Nov 28 14:33:32 CET 2013 on sn-devel-104

commit 13550a2b5eed57084a5d9671d9493a9a2e08d7e3
Author: Volker Lendecke <[email protected]>
Date:   Thu Nov 28 09:33:59 2013 +0100

    replace: Don't run over dst in strlcat
    
    If "d" is not 0-terminated, the pure strlen will read beyond the end
    of the given bufsize. strlcat in libbsd deliberately avoids this, so we
    should do the same.
    
    Signed-off-by: Volker Lendecke <[email protected]>
    Reviewed-by: David Disseldorp <[email protected]>

-----------------------------------------------------------------------

Summary of changes:
 lib/replace/replace.c  |    2 +-
 nsswitch/pam_winbind.c |   12 +++---------
 2 files changed, 4 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 37edb31..effe5de 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -84,7 +84,7 @@ size_t rep_strlcpy(char *d, const char *s, size_t bufsize)
    be one more than the maximum resulting string length */
 size_t rep_strlcat(char *d, const char *s, size_t bufsize)
 {
-       size_t len1 = strlen(d);
+       size_t len1 = strnlen(d, bufsiz);
        size_t len2 = strlen(s);
        size_t ret = len1 + len2;
 
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 2e37662..9322971 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -1043,15 +1043,9 @@ static bool safe_append_string(char *dest,
                               const char *src,
                               int dest_buffer_size)
 {
-       int dest_length = strlen(dest);
-       int src_length = strlen(src);
-
-       if (dest_length + src_length + 1 > dest_buffer_size) {
-               return false;
-       }
-
-       memcpy(dest + dest_length, src, src_length + 1);
-       return true;
+       size_t len;
+       len = strlcat(dest, src, dest_buffer_size);
+       return (len < dest_buffer_size);
 }
 
 /**


-- 
Samba Shared Repository

Reply via email to