comparison svr-authpubkey.c @ 1630:9579377b5f8b

use strlcpy & strlcat (#74) * refactor checkpubkeyperms() with safe BSD functions fix gcc8 warnings ``` svr-authpubkey.c: In function 'checkpubkeyperms': svr-authpubkey.c:427:2: warning: 'strncat' specified bound 5 equals source length [-Wstringop-overflow=] strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ svr-authpubkey.c:433:2: warning: 'strncat' specified bound 16 equals source length [-Wstringop-overflow=] strncat(filename, "/authorized_keys", 16); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ``` see https://www.sudo.ws/todd/papers/strlcpy.html * restore strlcpy in xstrdup see original https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/xmalloc.c?rev=1.16
author François Perrad <francois.perrad@gadz.org>
date Wed, 20 Mar 2019 15:09:19 +0100
parents 1fbe598a14fb
children 592a18dac250
1629:258b57b208ae 1630:9579377b5f8b
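--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -422,26 +422,27 @@
 goto out;
 }
 
 /* allocate max required pathname storage,
 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
-filename = m_malloc(len + 22);
-strncpy(filename, ses.authstate.pw_dir, len+1);
+len += 22;
+filename = m_malloc(len);
+strlcpy(filename, ses.authstate.pw_dir, len);
 
 /* check ~ */
 if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 goto out;
 }
 
 /* check ~/.ssh */
-strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
+strlcat(filename, "/.ssh", len);
 if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 goto out;
 }
 
 /* now check ~/.ssh/authorized_keys */
-strncat(filename, "/authorized_keys", 16);
+strlcat(filename, "/authorized_keys", len);
 if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
 goto out;
 }
 
 /* file looks ok, return success */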
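Review bot: The `strlcpy`/`strlcat` calls discard their return values, so the buffer size still rests entirely on the hand-computed `22` in `len += 22;`. If a path literal here is ever lengthened without updating that constant, the path is silently truncated and `checkfileperm()` would vet a different file than the one intended. Since this is the permission gate for `authorized_keys`, I would fail closed on truncation, e.g. `if (strlcat(filename, "/authorized_keys", len) >= len) goto out;`, and likewise for the `"/.ssh"` append and the initial copy. `len` also changes meaning from the length of `pw_dir` to the allocation size, which deserves a short comment such as `/* len is now the buffer size, not strlen(pw_dir) */`. The function begins and ends outside this hunk, so whether `out` returns failure and whether `len` is read again later could not be checked from here.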