Mercurial > dropbear
annotate dbhelpers.c @ 1630:9579377b5f8b
use strlcpy & strlcat (#74)
* refactor checkpubkeyperms() with safe BSD functions
fix gcc8 warnings
```
svr-authpubkey.c: In function 'checkpubkeyperms':
svr-authpubkey.c:427:2: warning: 'strncat' specified bound 5 equals source length [-Wstringop-overflow=]
strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
svr-authpubkey.c:433:2: warning: 'strncat' specified bound 16 equals source length [-Wstringop-overflow=]
strncat(filename, "/authorized_keys", 16);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
see https://www.sudo.ws/todd/papers/strlcpy.html
* restore strlcpy in xstrdup
see original https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/xmalloc.c?rev=1.16
| author | François Perrad <francois.perrad@gadz.org> |
|---|---|
| date | Wed, 20 Mar 2019 15:09:19 +0100 |
| parents | e75dab5bec71 |
| children |
| rev | line source |
|---|---|
|
1283
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 #include "dbhelpers.h" |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 #include "includes.h" |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 /* Erase data */ |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 void m_burn(void *data, unsigned int len) { |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 #if defined(HAVE_MEMSET_S) |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 memset_s(data, len, 0x0, len); |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 #elif defined(HAVE_EXPLICIT_BZERO) |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 explicit_bzero(data, len); |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 #else |
|
1575
e75dab5bec71
some linting after fuzz merge (#60)
François Perrad <francois.perrad@gadz.org>
parents:
1568
diff
changeset
|
12 /* This must be volatile to avoid compiler optimisation */ |
|
1374
4b1a807a3188
Just use memset, it should'be be optimised out in a separate file
Matt Johnston <matt@ucc.asn.au>
parents:
1283
diff
changeset
|
13 volatile void *p = data; |
|
1575
e75dab5bec71
some linting after fuzz merge (#60)
François Perrad <francois.perrad@gadz.org>
parents:
1568
diff
changeset
|
14 memset((void*)p, 0x0, len); |
|
1283
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 #endif |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 } |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 |
|
3017bc7d6238
move m_burn and function attributes to dbhelpers
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 |