dropbear: svr-authpubkey.c comparison

comparison svr-authpubkey.c @ 1630:9579377b5f8b

use strlcpy & strlcat (#74) * refactor checkpubkeyperms() with safe BSD functions fix gcc8 warnings ``` svr-authpubkey.c: In function 'checkpubkeyperms': svr-authpubkey.c:427:2: warning: 'strncat' specified bound 5 equals source length [-Wstringop-overflow=] strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ svr-authpubkey.c:433:2: warning: 'strncat' specified bound 16 equals source length [-Wstringop-overflow=] strncat(filename, "/authorized_keys", 16); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``` see https://www.sudo.ws/todd/papers/strlcpy.html * restore strlcpy in xstrdup see original https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/xmalloc.c?rev=1.16

author	François Perrad <francois.perrad@gadz.org>
date	Wed, 20 Mar 2019 15:09:19 +0100
parents	1fbe598a14fb
children	592a18dac250

comparison

equal deleted inserted replaced

-:258b57b208ae
+:9579377b5f8b
 		goto out;
 	}
 	/* allocate max required pathname storage,
 	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-	filename = m_malloc(len + 22);
+	len += 22;
-	strncpy(filename, ses.authstate.pw_dir, len+1);
+	filename = m_malloc(len);
+	strlcpy(filename, ses.authstate.pw_dir, len);
 	/* check ~ */
 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 		goto out;
 	}
 	/* check ~/.ssh */
-	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
+	strlcat(filename, "/.ssh", len);
 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 		goto out;
 	}
 	/* now check ~/.ssh/authorized_keys */
-	strncat(filename, "/authorized_keys", 16);
+	strlcat(filename, "/authorized_keys", len);
 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 		goto out;
 	}
 	/* file looks ok, return success */

Mercurial > dropbear

comparison svr-authpubkey.c @ 1630:9579377b5f8b