Mercurial > dropbear
view .travis.yml @ 1630:9579377b5f8b
use strlcpy & strlcat (#74)
* refactor checkpubkeyperms() with safe BSD functions
fix gcc8 warnings
```
svr-authpubkey.c: In function 'checkpubkeyperms':
svr-authpubkey.c:427:2: warning: 'strncat' specified bound 5 equals source length [-Wstringop-overflow=]
strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
svr-authpubkey.c:433:2: warning: 'strncat' specified bound 16 equals source length [-Wstringop-overflow=]
strncat(filename, "/authorized_keys", 16);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
see https://www.sudo.ws/todd/papers/strlcpy.html
* restore strlcpy in xstrdup
see original https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/xmalloc.c?rev=1.16
author | François Perrad <francois.perrad@gadz.org> |
---|---|
date | Wed, 20 Mar 2019 15:09:19 +0100 |
parents | d17a6bab2179 |
children | 96e4c9b2cc00 d32bcb5c557d |
line wrap: on
line source
language: c git: depth: 3 matrix: include: # subsequent matrix options use these first settings - os: linux compiler: gcc env: WEXTRAFLAGS=-Werror sudo: false - env: MULTI=1 WEXTRAFLAGS=-Werror # libtom has some warnings, so no WEXTRAFLAGS - env: CONFIGURE_FLAGS=--enable-bundled-libtom WEXTRAFLAGS="" - env: NOWRITEV=1 WEXTRAFLAGS=-Werror # libtomcrypt 1.18.1 fixes clang problems, distro doesn't have that yet - os: linux compiler: clang env: CONFIGURE_FLAGS=--enable-bundled-libtom WEXTRAFLAGS="" - os: osx compiler: clang env: WEXTRAFLAGS="" # Note: the fuzzing malloc wrapper doesn't replace free() in system libtomcrypt, so need bundled. - env: DO_FUZZ=1 CONFIGURE_FLAGS="--enable-fuzz --disable-harden --enable-bundled-libtom" WEXTRAFLAGS="" LDFLAGS=-fsanitize=address EXTRACFLAGS=-fsanitize=address CXX=clang++ compiler: clang # sanitizers need ptrace which is privileged https://github.com/travis-ci/travis-ci/issues/9033 sudo: required # container-based builds addons: apt: packages: # packages list: https://github.com/travis-ci/apt-package-whitelist/blob/master/ubuntu-precise - zlib1g-dev - libtomcrypt-dev - libtommath-dev - mercurial before_install: - if [ "$CC" = "clang" ]; then WEXTRAFLAGS="$WEXTRAFLAGS -Wno-error=incompatible-library-redeclaration" ; fi # workaround install: - autoconf - autoheader - ./configure $CONFIGURE_FLAGS CFLAGS="-O2 -Wall -Wno-pointer-sign $WEXTRAFLAGS $EXTRACFLAGS" --prefix="$HOME/inst" || (cat config.log; exit 1) - if [ "$NOWRITEV" = "1" ]; then sed -i -e s/HAVE_WRITEV/DONT_HAVE_WRITEV/ config.h ; fi - make -j3 - test -z $DO_FUZZ || make fuzzstandalone # avoid concurrent install, osx/freebsd is racey (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208093) - make install script: - ~/inst/bin/dropbearkey -t rsa -f testrsa - ~/inst/bin/dropbearkey -t dss -f testdss - ~/inst/bin/dropbearkey -t ecdsa -f testec256 -s 256 - ~/inst/bin/dropbearkey -t ecdsa -f testec384 -s 384 - ~/inst/bin/dropbearkey -t ecdsa -f testec521 -s 521 - test -z $DO_FUZZ || ./fuzzers_test.sh branches: only: - master - coverity