Skip to content

L
lxc
Unverified Commit 1076f938 by Donghwa Jeong Committed by Christian Brauner
Options

secure coding: strcat => strncat

Signed-off-by: 's avatarDonghwa Jeong <dh48.jeong@samsung.com>
parent 9bb379ba
Showing with 41 additions and 26 deletions
src/lxc/conf.c
...@@ -856,8 +856,8 @@ static bool append_ttyname(char **pp, char *name) ...@@ -856,8 +856,8 @@ static bool append_ttyname(char **pp, char *name)
return false; return false;
*pp = p; *pp = p;
strcat(p, " "); strncat(p, " ", 1);
strcat(p, name); strncat(p, name, strlen(name));
return true; return true;
} }
...@@ -1788,9 +1788,10 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs, ...@@ -1788,9 +1788,10 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs,
return lxc_setup_ttydir_console(rootfs, console, ttydir); return lxc_setup_ttydir_console(rootfs, console, ttydir);
} }
static void parse_mntopt(char *opt, unsigned long *flags, char **data) static void parse_mntopt(char *opt, unsigned long *flags, char **data, size_t size)
{ {
struct mount_opt *mo; struct mount_opt *mo;
size_t cursize;
/* If opt is found in mount_opt, set or clear flags. /* If opt is found in mount_opt, set or clear flags.
* Otherwise append it to data. */ * Otherwise append it to data. */
...@@ -1805,15 +1806,23 @@ static void parse_mntopt(char *opt, unsigned long *flags, char **data) ...@@ -1805,15 +1806,23 @@ static void parse_mntopt(char *opt, unsigned long *flags, char **data)
} }
} }
if (strlen(*data)) cursize = strlen(*data);
strcat(*data, ","); if (cursize)
strcat(*data, opt); cursize += 1;
if (size - cursize > 1) {
if (cursize)
strncat(*data, ",", 1);
strncat(*data, opt, size - cursize - 1);
}
} }
int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata) int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata)
{ {
char *data, *p, *s; char *data, *p, *s;
char *saveptr = NULL; char *saveptr = NULL;
size_t size;
*mntdata = NULL; *mntdata = NULL;
*mntflags = 0L; *mntflags = 0L;
...@@ -1825,7 +1834,8 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata) ...@@ -1825,7 +1834,8 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata)
if (!s) if (!s)
return -1; return -1;
data = malloc(strlen(s) + 1); size = strlen(s) + 1;
data = malloc(size);
if (!data) { if (!data) {
free(s); free(s);
return -1; return -1;
...@@ -1833,7 +1843,7 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata) ...@@ -1833,7 +1843,7 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata)
*data = 0; *data = 0;
for (; (p = strtok_r(s, ",", &saveptr)); s = NULL) for (; (p = strtok_r(s, ",", &saveptr)); s = NULL)
parse_mntopt(p, mntflags, &data); parse_mntopt(p, mntflags, &data, size);
if (*data) if (*data)
*mntdata = data; *mntdata = data;
......
src/lxc/confile.c
...@@ -2046,10 +2046,11 @@ int append_unexp_config_line(const char *line, struct lxc_conf *conf) ...@@ -2046,10 +2046,11 @@ int append_unexp_config_line(const char *line, struct lxc_conf *conf)
conf->unexpanded_config = tmp; conf->unexpanded_config = tmp;
conf->unexpanded_alloced += 1024; conf->unexpanded_alloced += 1024;
} }
strcat(conf->unexpanded_config, line);
strncat(conf->unexpanded_config, line, linelen);
conf->unexpanded_len += linelen; conf->unexpanded_len += linelen;
if (line[linelen - 1] != '\n') { if (line[linelen - 1] != '\n') {
strcat(conf->unexpanded_config, "\n"); strncat(conf->unexpanded_config, "\n", 1);
conf->unexpanded_len++; conf->unexpanded_len++;
} }
......
src/lxc/pam/pam_cgfs.c
...@@ -1634,8 +1634,8 @@ static char *string_join(const char *sep, const char **parts, bool use_as_prefix ...@@ -1634,8 +1634,8 @@ static char *string_join(const char *sep, const char **parts, bool use_as_prefix
for (p = (char **)parts; *p; p++) { for (p = (char **)parts; *p; p++) {
if (p > (char **)parts) if (p > (char **)parts)
strcat(result, sep); strncat(result, sep, sep_len);
strcat(result, *p); strncat(result, *p, strlen(*p));
} }
return result; return result;
......
src/lxc/pam/utils.c
...@@ -77,10 +77,12 @@ char *must_make_path(const char *first, ...) ...@@ -77,10 +77,12 @@ char *must_make_path(const char *first, ...)
full_len += strlen(cur); full_len += strlen(cur);
if (cur[0] != '/') if (cur[0] != '/')
full_len++; full_len++;
dest = must_realloc(dest, full_len + 1); dest = must_realloc(dest, full_len + 1);
if (cur[0] != '/') if (cur[0] != '/')
strcat(dest, "/"); strncat(dest, "/", 1);
strcat(dest, cur); strncat(dest, cur, strlen(cur));
} }
va_end(args); va_end(args);
......
src/lxc/tools/tool_utils.c
...@@ -517,8 +517,8 @@ char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix) ...@@ -517,8 +517,8 @@ char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix)
for (p = (char **)parts; *p; p++) { for (p = (char **)parts; *p; p++) {
if (p > (char **)parts) if (p > (char **)parts)
strcat(result, sep); strncat(result, sep, sep_len);
strcat(result, *p); strncat(result, *p, strlen(*p));
} }
return result; return result;
...@@ -1079,10 +1079,12 @@ char *must_make_path(const char *first, ...) ...@@ -1079,10 +1079,12 @@ char *must_make_path(const char *first, ...)
full_len += strlen(cur); full_len += strlen(cur);
if (cur[0] != '/') if (cur[0] != '/')
full_len++; full_len++;
dest = must_realloc(dest, full_len + 1); dest = must_realloc(dest, full_len + 1);
if (cur[0] != '/') if (cur[0] != '/')
strcat(dest, "/"); strncat(dest, "/", 1);
strcat(dest, cur); strncat(dest, cur, strlen(cur));
} }
va_end(args); va_end(args);
......
src/lxc/utils.c
...@@ -649,8 +649,8 @@ char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix) ...@@ -649,8 +649,8 @@ char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix)
for (p = (char **)parts; *p; p++) { for (p = (char **)parts; *p; p++) {
if (p > (char **)parts) if (p > (char **)parts)
strcat(result, sep); strncat(result, sep, sep_len);
strcat(result, *p); strncat(result, *p, strlen(*p));
} }
return result; return result;
...@@ -2318,10 +2318,12 @@ char *must_make_path(const char *first, ...) ...@@ -2318,10 +2318,12 @@ char *must_make_path(const char *first, ...)
full_len += strlen(cur); full_len += strlen(cur);
if (cur[0] != '/') if (cur[0] != '/')
full_len++; full_len++;
dest = must_realloc(dest, full_len + 1); dest = must_realloc(dest, full_len + 1);
if (cur[0] != '/') if (cur[0] != '/')
strcat(dest, "/"); strncat(dest, "/", 1);
strcat(dest, cur); strncat(dest, cur, strlen(cur));
} }
va_end(args); va_end(args);
...@@ -2339,16 +2341,14 @@ char *must_append_path(char *first, ...) ...@@ -2339,16 +2341,14 @@ char *must_append_path(char *first, ...)
va_start(args, first); va_start(args, first);
while ((cur = va_arg(args, char *)) != NULL) { while ((cur = va_arg(args, char *)) != NULL) {
full_len += strlen(cur); full_len += strlen(cur);
if (cur[0] != '/') if (cur[0] != '/')
full_len++; full_len++;
dest = must_realloc(dest, full_len + 1); dest = must_realloc(dest, full_len + 1);
if (cur[0] != '/') if (cur[0] != '/')
strcat(dest, "/"); strncat(dest, "/", 1);
strncat(dest, cur, strlen(cur));
strcat(dest, cur);
} }
va_end(args); va_end(args);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment