cleanup patches

Thu Nov 28 03:55:17 MST 2013

Hi!

Attached find two consistency patches.

Please review & push!

Thanks,

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
-------------- next part --------------
From 51636a7029e6e93126a4077035d921555446ca84 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Thu, 28 Nov 2013 09:33:59 +0100
Subject: [PATCH 1/2] replace: Don't run over dst in strlcat

If "d" is not 0-terminated, the pure strlen will read beyond the end
of the given bufsize. strlcat in libbsd deliberately avoids this, so we
should do the same.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/replace/replace.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 37edb31..effe5de 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -84,7 +84,7 @@ size_t rep_strlcpy(char *d, const char *s, size_t bufsize)
    be one more than the maximum resulting string length */
 size_t rep_strlcat(char *d, const char *s, size_t bufsize)
 {
-	size_t len1 = strlen(d);
+	size_t len1 = strnlen(d, bufsiz);
 	size_t len2 = strlen(s);
 	size_t ret = len1 + len2;
 
-- 
1.7.9.5


From 3a18da3f053561a79571ca41754c31cc1f285a28 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Thu, 28 Nov 2013 09:37:47 +0100
Subject: [PATCH 2/2] pam_winbind: Use strlcat in safe_append_string

We have that available via libreplace, so use it.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 nsswitch/pam_winbind.c |   12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 2e37662..9322971 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -1043,15 +1043,9 @@ static bool safe_append_string(char *dest,
 			       const char *src,
 			       int dest_buffer_size)
 {
-	int dest_length = strlen(dest);
-	int src_length = strlen(src);
-
-	if (dest_length + src_length + 1 > dest_buffer_size) {
-		return false;
-	}
-
-	memcpy(dest + dest_length, src, src_length + 1);
-	return true;
+	size_t len;
+	len = strlcat(dest, src, dest_buffer_size);
+	return (len < dest_buffer_size);
 }
 
 /**
-- 
1.7.9.5

