aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorwes <wes@FreeBSD.org>2002-06-17 12:33:45 +0800
committerwes <wes@FreeBSD.org>2002-06-17 12:33:45 +0800
commit7788cd31f4f349b3fd0b990dffde4c3c91ef3df7 (patch)
tree9ee565356d472b431503be507418f2bd3ae1b495 /net
parent24477315b86c584c09338299b29b81705ae04f56 (diff)
downloadfreebsd-ports-gnome-7788cd31f4f349b3fd0b990dffde4c3c91ef3df7.tar.gz
freebsd-ports-gnome-7788cd31f4f349b3fd0b990dffde4c3c91ef3df7.tar.zst
freebsd-ports-gnome-7788cd31f4f349b3fd0b990dffde4c3c91ef3df7.zip
Don't allow environment variables to overflow their buffers.
Reviewed by: nectar@
Diffstat (limited to 'net')
-rw-r--r--net/sharity-light/files/patch-getenv74
1 files changed, 74 insertions, 0 deletions
diff --git a/net/sharity-light/files/patch-getenv b/net/sharity-light/files/patch-getenv
new file mode 100644
index 000000000000..c128a97bbb8c
--- /dev/null
+++ b/net/sharity-light/files/patch-getenv
@@ -0,0 +1,74 @@
+--- rumba.c.orig Tue Jun 11 11:27:59 2002
++++ rumba.c Tue Jun 11 13:32:39 2002
+@@ -24,6 +24,8 @@
+
+ /* ------------------------------------------------------------------------- */
+
++#define NAMESIZE 64
++
+ int debug_mode = 0;
+ char fake_dot_in_root = 1;
+ char fake_dotdot_in_root = 1;
+@@ -260,7 +262,7 @@
+ int got_password, upcase_password;
+ int port = -1, max_xmit = -1;
+ char server_name[17], client_name[17];
+-char username[64], password[64], run_as_daemon;
++char username[NAMESIZE], password[NAMESIZE], run_as_daemon;
+ char *mount_point, *server, *share, *root, *user_dummy, *p;
+ static fh_t root_fh[32/sizeof(fh_t)] = {0};
+ unsigned ipAddr;
+@@ -320,12 +322,17 @@
+ strcpy(server_name, hostName);
+ }
+ }
++
+ if(getenv("USER")){
+- strcpy(username, getenv("USER"));
++ if (strlcpy(username, getenv("USER"), NAMESIZE) >= NAMESIZE)
++ eprintf("$USER too long, truncated to \"%s\"\n",
++ username);
+ str_upper(username);
+ }
+- if(username[0] == 0 && getenv("LOGNAME")){
+- strcpy(username,getenv("LOGNAME"));
++ else if(getenv("LOGNAME")){
++ if (strlcpy(username, getenv("LOGNAME"), NAMESIZE) >= NAMESIZE);
++ eprintf("$LOGNAME too long, truncated to \"%s\"\n",
++ username);
+ str_upper(username);
+ }
+
+@@ -415,7 +422,7 @@
+ got_password = 1;
+ break;
+ case 'i':
+- if(fgets(password, sizeof(password), stdin) != NULL){
++ if(fgets(password, NAMESIZE, stdin) != NULL){
+ if((p = strrchr(password, '\n')) != NULL)
+ *p = 0;
+ got_password = 1;
+@@ -462,13 +469,18 @@
+ conf_dirmode = conf_filemode;
+ conf_dirmode |= (conf_dirmode & 0444) >> 2;
+ }
++
+ if(!got_password){
+- char *pw;
+- if((pw = getenv("PASSWD")))
+- strcpy(password, pw);
+- else
+- strcpy(password, getpass("Password: "));
++ char *pw, *src = "$PASSWD";
++ if ((pw = getenv("PASSWD")) == NULL) {
++ src = "User entered password";
++ pw = getpass("Password: ");
++ }
++ if (strlcpy(password, pw, NAMESIZE) >= NAMESIZE)
++ eprintf("%s too long, truncated to \"%s\"\n",
++ src, password);
+ }
++
+ if(upcase_password){
+ str_upper(password);
+ }