GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 08:46:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

use strlcpy() instead of snprintf() where it make sense

Browse Source 
That should reduce wasted cycles.
This commit is contained in:
Nikos Mavrogiannopoulos
2014-12-14 19:24:11 +01:00
parent 853f7876cd
commit 07e01d06b5
16 changed files with 108 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
configure.ac
View File

@@ -256,7 +256,8 @@ AC_CHECK_MEMBER([struct sockaddr.sa_len],
AC_CHECK_HEADERS([net/if_tun.h linux/if_tun.h netinet/in_systm.h], [], [], []) AC_CHECK_HEADERS([net/if_tun.h linux/if_tun.h netinet/in_systm.h], [], [], [])
AC_CHECK_FUNCS([setproctitle vasprintf clock_gettime isatty pselect getpeereid sigaltstack posix_memalign malloc_trim]) AC_CHECK_FUNCS([setproctitle vasprintf clock_gettime isatty pselect getpeereid sigaltstack])
AC_CHECK_FUNCS([strlcpy posix_memalign malloc_trim])
if [ test -z "$LIBWRAP" ];then if [ test -z "$LIBWRAP" ];then
libwrap_enabled="no" libwrap_enabled="no"

54
src/common.c
View File

@@ -419,3 +419,57 @@ void *_talloc_size2(void *ctx, size_t size)
{ {
return talloc_size(ctx, size); return talloc_size(ctx, size);
} }
#ifndef HAVE_STRLCPY
/*
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* Copyright 2006 The FreeRADIUS server project
*/
/*
* Copy src to string dst of size siz. At most siz-1 characters
* will be copied. Always NUL terminates (unless siz == 0).
* Returns strlen(src); if retval >= siz, truncation occurred.
*/
size_t
oc_strlcpy(char *dst, char const *src, size_t siz)
{
char *d = dst;
char const *s = src;
size_t n = siz;
/* Copy as many bytes as will fit */
if (n != 0 && --n != 0) {
do {
if ((*d++ = *s++) == 0)
break;
} while (--n != 0);
}
/* Not enough room in dst, add NUL and traverse rest of src */
if (n == 0) {
if (siz != 0)
*d = '\0'; /* NUL-terminate dst */
while (*s++)
;
}
return(s - src - 1); /* count does not include NUL */
}
#endif

5
src/common.h
View File

@@ -114,4 +114,9 @@ void ms_sleep(unsigned ms)
nanosleep(&tv, NULL); nanosleep(&tv, NULL);
} }
#ifndef HAVE_STRLCPY
size_t oc_strlcpy(char *dst, char const *src, size_t siz);
# define strlcpy oc_strlcpy
#endif
#endif #endif

4
src/config.c
View File

@@ -233,7 +233,7 @@ unsigned j;
#define READ_STATIC_STRING(name, s_name) { \ #define READ_STATIC_STRING(name, s_name) { \
val = get_option(name, &mand); \ val = get_option(name, &mand); \
if (val != NULL && val->valType == OPARG_TYPE_STRING) \ if (val != NULL && val->valType == OPARG_TYPE_STRING) \
snprintf(s_name, sizeof(s_name), "%s", val->v.strVal); \ strlcpy(s_name, val->v.strVal, sizeof(s_name)); \
else if (mand != 0) { \ else if (mand != 0) { \
fprintf(stderr, "Configuration option %s is mandatory.\n", name); \ fprintf(stderr, "Configuration option %s is mandatory.\n", name); \
exit(1); \ exit(1); \
@@ -796,7 +796,7 @@ int cmd_parser (void *pool, int argc, char **argv, struct cfg_st** config)
(*config)->foreground = 1; (*config)->foreground = 1;
if (HAVE_OPT(PID_FILE)) { if (HAVE_OPT(PID_FILE)) {
snprintf(pid_file, sizeof(pid_file), "%s", OPT_ARG(PID_FILE)); strlcpy(pid_file, OPT_ARG(PID_FILE), sizeof(pid_file));
} }
if (HAVE_OPT(DEBUG)) if (HAVE_OPT(DEBUG))

6
src/main-auth.c
View File

@@ -183,7 +183,7 @@ struct cookie_entry_st *old;
if (cmsg->username == NULL) if (cmsg->username == NULL)
return -1; return -1;
snprintf(proc->username, sizeof(proc->username), "%s", cmsg->username); strlcpy(proc->username, cmsg->username, sizeof(proc->username));
if (cmsg->sid.len != sizeof(proc->sid)) if (cmsg->sid.len != sizeof(proc->sid))
return -1; return -1;
@@ -201,7 +201,7 @@ struct cookie_entry_st *old;
/* override the group name in order to load the correct configuration in /* override the group name in order to load the correct configuration in
* case his group is specified in the certificate */ * case his group is specified in the certificate */
if (cmsg->groupname) if (cmsg->groupname)
snprintf(proc->groupname, sizeof(proc->groupname), "%s", cmsg->groupname); strlcpy(proc->groupname, cmsg->groupname, sizeof(proc->groupname));
/* cookie is good so far, now read config (in order to know /* cookie is good so far, now read config (in order to know
* whether roaming is allowed or not */ * whether roaming is allowed or not */
@@ -277,7 +277,7 @@ struct cookie_entry_st *old;
} }
if (cmsg->hostname) if (cmsg->hostname)
snprintf(proc->hostname, sizeof(proc->hostname), "%s", cmsg->hostname); strlcpy(proc->hostname, cmsg->hostname, sizeof(proc->hostname));
memcpy(proc->ipv4_seed, &cmsg->ipv4_seed, sizeof(proc->ipv4_seed)); memcpy(proc->ipv4_seed, &cmsg->ipv4_seed, sizeof(proc->ipv4_seed));

2
src/main-ctl-unix.c
View File

@@ -108,7 +108,7 @@ int ctl_handler_init(main_server_st * s)
mslog(s, NULL, LOG_DEBUG, "initializing control unix socket: %s", s->config->occtl_socket_file); mslog(s, NULL, LOG_DEBUG, "initializing control unix socket: %s", s->config->occtl_socket_file);
memset(&sa, 0, sizeof(sa)); memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX; sa.sun_family = AF_UNIX;
snprintf(sa.sun_path, sizeof(sa.sun_path), "%s", s->config->occtl_socket_file); strlcpy(sa.sun_path, s->config->occtl_socket_file, sizeof(sa.sun_path));
remove(s->config->occtl_socket_file); remove(s->config->occtl_socket_file);
sd = socket(AF_UNIX, SOCK_STREAM, 0); sd = socket(AF_UNIX, SOCK_STREAM, 0);

22
src/main-misc.c
View File

@@ -74,7 +74,7 @@ int set_tun_mtu(main_server_st * s, struct proc_st *proc, unsigned mtu)
return -1; return -1;
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", name); strlcpy(ifr.ifr_name, name, IFNAMSIZ);
ifr.ifr_mtu = mtu; ifr.ifr_mtu = mtu;
ret = ioctl(fd, SIOCSIFMTU, &ifr); ret = ioctl(fd, SIOCSIFMTU, &ifr);
@@ -580,17 +580,14 @@ int handle_commands(main_server_st * s, struct proc_st *proc)
} }
if (tmsg->tls_ciphersuite) if (tmsg->tls_ciphersuite)
snprintf(proc->tls_ciphersuite, strlcpy(proc->tls_ciphersuite, tmsg->tls_ciphersuite,
sizeof(proc->tls_ciphersuite), "%s", sizeof(proc->tls_ciphersuite));
tmsg->tls_ciphersuite);
if (tmsg->dtls_ciphersuite) if (tmsg->dtls_ciphersuite)
snprintf(proc->dtls_ciphersuite, strlcpy(proc->dtls_ciphersuite, tmsg->dtls_ciphersuite,
sizeof(proc->dtls_ciphersuite), "%s", sizeof(proc->dtls_ciphersuite));
tmsg->dtls_ciphersuite);
if (tmsg->user_agent) if (tmsg->user_agent)
snprintf(proc->user_agent, strlcpy(proc->user_agent, tmsg->user_agent,
sizeof(proc->user_agent), "%s", sizeof(proc->user_agent));
tmsg->user_agent);
session_info_msg__free_unpacked(tmsg, &pa); session_info_msg__free_unpacked(tmsg, &pa);
} }
@@ -759,8 +756,7 @@ void run_sec_mod(main_server_st * s)
snprintf(s->full_socket_file, sizeof(s->full_socket_file), "%s/%s", snprintf(s->full_socket_file, sizeof(s->full_socket_file), "%s/%s",
s->config->chroot_dir, s->socket_file); s->config->chroot_dir, s->socket_file);
} else { } else {
snprintf(s->full_socket_file, sizeof(s->full_socket_file), "%s", strlcpy(s->full_socket_file, s->socket_file, sizeof(s->full_socket_file));
s->socket_file);
} }
p = s->full_socket_file; p = s->full_socket_file;
@@ -800,7 +796,7 @@ void put_into_cgroup(main_server_st * s, const char *_cgroup, pid_t pid)
#ifdef __linux__ #ifdef __linux__
/* format: cpu,memory:cgroup-name */ /* format: cpu,memory:cgroup-name */
snprintf(cgroup, sizeof(cgroup), "%s", _cgroup); strlcpy(cgroup, _cgroup, sizeof(cgroup));
name = strchr(cgroup, ':'); name = strchr(cgroup, ':');
if (name == NULL) { if (name == NULL) {

6
src/main-user.c
View File

@@ -169,8 +169,8 @@ add_utmp_entry(main_server_st *s, struct proc_st* proc)
memset(&entry, 0, sizeof(entry)); memset(&entry, 0, sizeof(entry));
entry.ut_type = USER_PROCESS; entry.ut_type = USER_PROCESS;
entry.ut_pid = proc->pid; entry.ut_pid = proc->pid;
snprintf(entry.ut_line, sizeof(entry.ut_line), "%s", proc->tun_lease.name); strlcpy(entry.ut_line, proc->tun_lease.name, sizeof(entry.ut_line));
snprintf(entry.ut_user, sizeof(entry.ut_user), "%s", proc->username); strlcpy(entry.ut_user, proc->username, sizeof(entry.ut_user));
#ifdef __linux__ #ifdef __linux__
if (proc->remote_addr_len == sizeof(struct sockaddr_in)) if (proc->remote_addr_len == sizeof(struct sockaddr_in))
memcpy(entry.ut_addr_v6, SA_IN_P(&proc->remote_addr), sizeof(struct in_addr)); memcpy(entry.ut_addr_v6, SA_IN_P(&proc->remote_addr), sizeof(struct in_addr));
@@ -207,7 +207,7 @@ static void remove_utmp_entry(main_server_st *s, struct proc_st* proc)
memset(&entry, 0, sizeof(entry)); memset(&entry, 0, sizeof(entry));
entry.ut_type = DEAD_PROCESS; entry.ut_type = DEAD_PROCESS;
if (proc->tun_lease.name[0] != 0) if (proc->tun_lease.name[0] != 0)
snprintf(entry.ut_line, sizeof(entry.ut_line), "%s", proc->tun_lease.name); strlcpy(entry.ut_line, proc->tun_lease.name, sizeof(entry.ut_line));
entry.ut_pid = proc->pid; entry.ut_pid = proc->pid;
setutxent(); setutxent();

4
src/main.c
View File

@@ -201,7 +201,7 @@ int _listen_unix_ports(void *pool, struct cfg_st* config,
if (config->unix_conn_file) { if (config->unix_conn_file) {
memset(&sa, 0, sizeof(sa)); memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX; sa.sun_family = AF_UNIX;
snprintf(sa.sun_path, sizeof(sa.sun_path), "%s", config->unix_conn_file); strlcpy(sa.sun_path, config->unix_conn_file, sizeof(sa.sun_path));
remove(sa.sun_path); remove(sa.sun_path);
if (config->foreground != 0) if (config->foreground != 0)
@@ -1004,7 +1004,7 @@ int main(int argc, char** argv)
tls_load_certs(s, &creds); tls_load_certs(s, &creds);
s->secmod_addr.sun_family = AF_UNIX; s->secmod_addr.sun_family = AF_UNIX;
snprintf(s->secmod_addr.sun_path, sizeof(s->secmod_addr.sun_path), "%s", s->socket_file); strlcpy(s->secmod_addr.sun_path, s->socket_file, sizeof(s->secmod_addr.sun_path));
s->secmod_addr_len = SUN_LEN(&s->secmod_addr); s->secmod_addr_len = SUN_LEN(&s->secmod_addr);
/* initialize memory for worker process */ /* initialize memory for worker process */

13
src/sec-mod-auth.c
View File

@@ -221,11 +221,9 @@ static int check_user_group_status(sec_mod_st * sec, client_entry_st * e,
return -1; return -1;
} }
snprintf(e->username, sizeof(e->username), "%s", strlcpy(e->username, cert_user, sizeof(e->username));
cert_user);
if (cert_groups_size > 0 && sec->config->cert_group_oid != NULL && e->groupname[0] == 0) if (cert_groups_size > 0 && sec->config->cert_group_oid != NULL && e->groupname[0] == 0)
snprintf(e->groupname, sizeof(e->groupname), strlcpy(e->groupname, cert_groups[0], sizeof(e->groupname));
"%s", cert_groups[0]);
} else { } else {
if (sec->config->cert_user_oid != NULL && cert_user && strcmp(e->username, cert_user) != 0) { if (sec->config->cert_user_oid != NULL && cert_user && strcmp(e->username, cert_user) != 0) {
seclog(sec, LOG_INFO, seclog(sec, LOG_INFO,
@@ -482,7 +480,7 @@ int handle_sec_auth_init(int cfd, sec_mod_st * sec, const SecAuthInitMsg * req)
} }
if (req->hostname != NULL) { if (req->hostname != NULL) {
snprintf(e->hostname, sizeof(e->hostname), "%s", req->hostname); strlcpy(e->hostname, req->hostname, sizeof(e->hostname));
} }
if (sec->config->auth_types & AUTH_TYPE_USERNAME_PASS) { if (sec->config->auth_types & AUTH_TYPE_USERNAME_PASS) {
@@ -506,8 +504,7 @@ int handle_sec_auth_init(int cfd, sec_mod_st * sec, const SecAuthInitMsg * req)
module->auth_user(e->auth_ctx, e->username, module->auth_user(e->auth_ctx, e->username,
sizeof(e->username)); sizeof(e->username));
if (ret != 0 && req->user_name != NULL) { if (ret != 0 && req->user_name != NULL) {
snprintf(e->username, sizeof(e->username), "%s", strlcpy(e->username, req->user_name, sizeof(e->username));
req->user_name);
} }
} }
@@ -517,7 +514,7 @@ int handle_sec_auth_init(int cfd, sec_mod_st * sec, const SecAuthInitMsg * req)
for (i=0;i<req->n_cert_group_names;i++) { for (i=0;i<req->n_cert_group_names;i++) {
if (strcmp(req->group_name, req->cert_group_names[i]) == 0) { if (strcmp(req->group_name, req->cert_group_names[i]) == 0) {
snprintf(e->groupname, sizeof(e->groupname), "%s", req->cert_group_names[i]); strlcpy(e->groupname, req->cert_group_names[i], sizeof(e->groupname));
found = 1; found = 1;
break; break;
} }

4
src/sec-mod-ban.c
View File

@@ -99,7 +99,7 @@ void add_ip_to_ban_list(sec_mod_st *sec, const char *ip, time_t reenable_time)
return; return;
} }
snprintf(e->ip, sizeof(e->ip), "%s", ip); strlcpy(e->ip, ip, sizeof(e->ip));
e->expires = reenable_time; e->expires = reenable_time;
if (htable_add(db, rehash(e, NULL), e) == 0) { if (htable_add(db, rehash(e, NULL), e) == 0) {
@@ -138,7 +138,7 @@ unsigned check_if_banned(sec_mod_st *sec, const char *ip)
/* pass the current time somehow */ /* pass the current time somehow */
t.expires = time(0); t.expires = time(0);
snprintf(t.ip, sizeof(t.ip), "%s", ip); strlcpy(t.ip, ip, sizeof(t.ip));
if (htable_get(db, rehash(&t, NULL), ban_entry_cmp, &t) != 0) if (htable_get(db, rehash(&t, NULL), ban_entry_cmp, &t) != 0)
return 1; return 1;

2
src/sec-mod-db.c
View File

@@ -94,7 +94,7 @@ client_entry_st *new_client_entry(sec_mod_st *sec, const char *ip)
return NULL; return NULL;
} }
snprintf(e->ip, sizeof(e->ip), "%s", ip); strlcpy(e->ip, ip, sizeof(e->ip));
ret = gnutls_rnd(GNUTLS_RND_RANDOM, e->sid, sizeof(e->sid)); ret = gnutls_rnd(GNUTLS_RND_RANDOM, e->sid, sizeof(e->sid));
if (ret < 0) { if (ret < 0) {
seclog(sec, LOG_ERR, "error generating SID"); seclog(sec, LOG_ERR, "error generating SID");

2
src/sec-mod.c
View File

@@ -488,7 +488,7 @@ void sec_mod_server(void *main_pool, struct cfg_st *config, const char *socket_f
memset(&sa, 0, sizeof(sa)); memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX; sa.sun_family = AF_UNIX;
snprintf(sa.sun_path, sizeof(sa.sun_path), "%s", socket_file); strlcpy(sa.sun_path, socket_file, sizeof(sa.sun_path));
remove(socket_file); remove(socket_file);
#define SOCKET_FILE sa.sun_path #define SOCKET_FILE sa.sun_path

2
src/tlslib.c
View File

@@ -644,7 +644,7 @@ struct key_cb_data * cdata;
memset(&cdata->sa, 0, sizeof(cdata->sa)); memset(&cdata->sa, 0, sizeof(cdata->sa));
cdata->sa.sun_family = AF_UNIX; cdata->sa.sun_family = AF_UNIX;
snprintf(cdata->sa.sun_path, sizeof(cdata->sa.sun_path), "%s", s->socket_file); strlcpy(cdata->sa.sun_path, s->socket_file, sizeof(cdata->sa.sun_path));
cdata->sa_len = SUN_LEN(&cdata->sa); cdata->sa_len = SUN_LEN(&cdata->sa);
/* load the private key */ /* load the private key */

21
src/tun.c
View File

@@ -77,7 +77,7 @@ int set_ipv6_addr(main_server_st * s, struct proc_st *proc)
} }
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
ret = ioctl(fd, SIOGIFINDEX, &ifr); ret = ioctl(fd, SIOGIFINDEX, &ifr);
if (ret != 0) { if (ret != 0) {
@@ -108,7 +108,7 @@ int set_ipv6_addr(main_server_st * s, struct proc_st *proc)
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
ifr.ifr_addr.sa_family = AF_INET6; ifr.ifr_addr.sa_family = AF_INET6;
ifr.ifr_flags |= IFF_UP | IFF_RUNNING; ifr.ifr_flags |= IFF_UP | IFF_RUNNING;
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
ret = ioctl(fd, SIOCSIFFLAGS, &ifr); ret = ioctl(fd, SIOCSIFFLAGS, &ifr);
if (ret != 0) { if (ret != 0) {
@@ -146,7 +146,7 @@ int set_ipv6_addr(main_server_st * s, struct proc_st *proc)
} }
memset(&ifr6, 0, sizeof(ifr6)); memset(&ifr6, 0, sizeof(ifr6));
snprintf(ifr6.ifra_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr6.ifra_name, proc->tun_lease.name, IFNAMSIZ);
memcpy(&ifr6.ifra_addr.sin6_addr, SA_IN6_P(&proc->ipv6->lip), memcpy(&ifr6.ifra_addr.sin6_addr, SA_IN6_P(&proc->ipv6->lip),
SA_IN_SIZE(proc->ipv6->lip_len)); SA_IN_SIZE(proc->ipv6->lip_len));
@@ -177,7 +177,7 @@ int set_ipv6_addr(main_server_st * s, struct proc_st *proc)
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
ifr.ifr_addr.sa_family = AF_INET6; ifr.ifr_addr.sa_family = AF_INET6;
ifr.ifr_flags |= IFF_UP | IFF_RUNNING; ifr.ifr_flags |= IFF_UP | IFF_RUNNING;
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, oroc->tun_lease.name, IFNAMSIZ);
ret = ioctl(fd, SIOCSIFFLAGS, &ifr); ret = ioctl(fd, SIOCSIFFLAGS, &ifr);
if (ret != 0) { if (ret != 0) {
@@ -221,7 +221,7 @@ static int set_network_info(main_server_st * s, struct proc_st *proc)
return -1; return -1;
#ifdef SIOCAIFADDR #ifdef SIOCAIFADDR
snprintf(ifr.ifra_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifra_name, proc->tun_lease.name, IFNAMSIZ);
memcpy(&ifr.ifra_addr, &proc->ipv4->lip, proc->ipv4->lip_len); memcpy(&ifr.ifra_addr, &proc->ipv4->lip, proc->ipv4->lip_len);
ifr.ifra_addr.sin_len = sizeof(struct sockaddr_in); ifr.ifra_addr.sin_len = sizeof(struct sockaddr_in);
@@ -244,7 +244,7 @@ static int set_network_info(main_server_st * s, struct proc_st *proc)
goto cleanup; goto cleanup;
} }
#else #else
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
memcpy(&ifr.ifr_addr, &proc->ipv4->lip, proc->ipv4->lip_len); memcpy(&ifr.ifr_addr, &proc->ipv4->lip, proc->ipv4->lip_len);
ifr.ifr_addr.sa_family = AF_INET; ifr.ifr_addr.sa_family = AF_INET;
@@ -259,7 +259,7 @@ static int set_network_info(main_server_st * s, struct proc_st *proc)
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
memcpy(&ifr.ifr_dstaddr, &proc->ipv4->rip, proc->ipv4->rip_len); memcpy(&ifr.ifr_dstaddr, &proc->ipv4->rip, proc->ipv4->rip_len);
ifr.ifr_dstaddr.sa_family = AF_INET; ifr.ifr_dstaddr.sa_family = AF_INET;
@@ -277,7 +277,7 @@ static int set_network_info(main_server_st * s, struct proc_st *proc)
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
ifr.ifr_addr.sa_family = AF_INET; ifr.ifr_addr.sa_family = AF_INET;
ifr.ifr_flags |= IFF_UP | IFF_RUNNING; ifr.ifr_flags |= IFF_UP | IFF_RUNNING;
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
ret = ioctl(fd, SIOCSIFFLAGS, &ifr); ret = ioctl(fd, SIOCSIFFLAGS, &ifr);
if (ret != 0) { if (ret != 0) {
@@ -410,8 +410,7 @@ int open_tun(main_server_st * s, struct proc_st *proc)
goto fail; goto fail;
} }
snprintf(proc->tun_lease.name, sizeof(proc->tun_lease.name), strlcpy(proc->tun_lease.name, devname(st.st_rdev, S_IFCHR), sizeof(proc->tun_lease.name));
"%s", devname(st.st_rdev, S_IFCHR));
} }
set_cloexec_flag(tunfd, 1); set_cloexec_flag(tunfd, 1);
@@ -455,7 +454,7 @@ void close_tun(main_server_st * s, struct proc_st *proc)
return -1; return -1;
memset(&ifr, 0, sizeof(struct ifreq)); memset(&ifr, 0, sizeof(struct ifreq));
snprintf(ifr.ifr_name, IFNAMSIZ, "%s", proc->tun_lease.name); strlcpy(ifr.ifr_name, proc->tun_lease.name, IFNAMSIZ);
ret = ioctl(fd, SIOCIFDESTROY, &ifr); ret = ioctl(fd, SIOCIFDESTROY, &ifr);
if (ret != 0) { if (ret != 0) {

20
src/worker-auth.c
View File

@@ -490,14 +490,11 @@ static int recv_cookie_auth_reply(worker_st * ws)
goto cleanup; goto cleanup;
} }
snprintf(ws->vinfo.name, sizeof(ws->vinfo.name), "%s", strlcpy(ws->vinfo.name, msg->vname, sizeof(ws->vinfo.name));
msg->vname); strlcpy(ws->username, msg->user_name, sizeof(ws->username));
snprintf(ws->username, sizeof(ws->username), "%s",
msg->user_name);
if (msg->group_name != NULL) { if (msg->group_name != NULL) {
snprintf(ws->groupname, sizeof(ws->groupname), "%s", strlcpy(ws->groupname, msg->group_name, sizeof(ws->groupname));
msg->group_name);
} else { } else {
ws->groupname[0] = 0; ws->groupname[0] = 0;
} }
@@ -691,7 +688,7 @@ static int recv_auth_reply(worker_st * ws, int sd, char *txt,
return ERR_AUTH_FAIL; return ERR_AUTH_FAIL;
} }
snprintf(txt, max_txt_size, "%s", msg->msg); strlcpy(txt, msg->msg, max_txt_size);
if (msg->has_sid && msg->sid.len == sizeof(ws->sid)) { if (msg->has_sid && msg->sid.len == sizeof(ws->sid)) {
/* update our sid */ /* update our sid */
memcpy(ws->sid, msg->sid.data, sizeof(ws->sid)); memcpy(ws->sid, msg->sid.data, sizeof(ws->sid));
@@ -706,8 +703,7 @@ static int recv_auth_reply(worker_st * ws, int sd, char *txt,
goto cleanup; goto cleanup;
} }
snprintf(ws->username, sizeof(ws->username), "%s", strlcpy(ws->username, msg->user_name, sizeof(ws->username));
msg->user_name);
if (msg->has_sid && msg->sid.len == sizeof(ws->sid)) { if (msg->has_sid && msg->sid.len == sizeof(ws->sid)) {
/* update our sid */ /* update our sid */
@@ -1087,8 +1083,7 @@ int post_auth_handler(worker_st * ws, unsigned http_ver)
strcmp(groupname, ws->config->default_select_group) == 0) { strcmp(groupname, ws->config->default_select_group) == 0) {
def_group = 1; def_group = 1;
} else { } else {
snprintf(ws->groupname, sizeof(ws->groupname), "%s", strlcpy(ws->groupname, groupname, sizeof(ws->groupname));
groupname);
ireq.group_name = ws->groupname; ireq.group_name = ws->groupname;
} }
} }
@@ -1105,8 +1100,7 @@ int post_auth_handler(worker_st * ws, unsigned http_ver)
goto ask_auth; goto ask_auth;
} }
snprintf(ws->username, sizeof(ws->username), "%s", strlcpy(ws->username, username, sizeof(ws->username));
username);
talloc_free(username); talloc_free(username);
ireq.user_name = ws->username; ireq.user_name = ws->username;
} }