Replaced snprintf calls by the SNPRINTF macro to avoid buffer overflows when copying strings

2025-02-28 17:31:52 -05:00 · 2005-03-29 17:18:59 +00:00 · 2005-03-29 17:18:59 +00:00 · 6063424c82
commit 6063424c82
parent 3ac94cc719
9 changed files with 48 additions and 40 deletions
--- a/lib/libalpm/add.c
+++ b/lib/libalpm/add.c
@ -349,7 +349,7 @@ int add_commit(pmdb_t *db, pmtrans_t *trans)
 			info->reason = PM_PKG_REASON_DEPEND;
 		}*/
 		/* make an install date (in UTC) */
-		strncpy(info->installdate, asctime(gmtime(&t)), sizeof(info->installdate));
+		STRNCPY(info->installdate, asctime(gmtime(&t)), sizeof(info->installdate));
 		if(db_write(db, info, INFRQ_ALL)) {
 			_alpm_log(PM_LOG_ERROR, "could not update database entry %s/%s-%s", db->treename, info->name, info->version);
 			alpm_logaction(NULL, "error updating database for %s-%s!", info->name, info->version);
@ -415,7 +415,7 @@ int add_commit(pmdb_t *db, pmtrans_t *trans)
 			char pathname[PATH_MAX];
 			struct stat buf;

-			strncpy(pathname, th_get_pathname(tar), PATH_MAX);
+			STRNCPY(pathname, th_get_pathname(tar), PATH_MAX);

 			if(!strcmp(pathname, ".PKGINFO") || !strcmp(pathname, ".FILELIST")) {
 				tar_skip_regfile(tar);
--- a/lib/libalpm/alpm.c
+++ b/lib/libalpm/alpm.c
@ -74,7 +74,7 @@ int alpm_initialize(char *root)
 		}
 	}

-	strncpy(str, (root) ? root : PM_ROOT, PATH_MAX);
+	STRNCPY(str, (root) ? root : PM_ROOT, PATH_MAX);
 	/* add a trailing '/' if there isn't one */
 	if(str[strlen(str)-1] != '/') {
 		strcat(str, "/");
--- a/lib/libalpm/cache.c
+++ b/lib/libalpm/cache.c
@ -28,6 +28,7 @@
 #include <sys/stat.h>
 /* pacman */
 #include "list.h"
+#include "util.h"
 #include "package.h"
 #include "group.h"
 #include "db.h"
@ -125,7 +126,7 @@ int db_load_grpcache(pmdb_t *db)
 			if(!pm_list_is_strin(i->data, db->grpcache)) {
 				pmgrp_t *grp = grp_new();

-				strncpy(grp->name, (char *)i->data, 256);
+				STRNCPY(grp->name, (char *)i->data, GRP_NAME_LEN);
 				grp->packages = pm_list_add_sorted(grp->packages, pkg->name, grp_cmp);
 				db->grpcache = pm_list_add_sorted(db->grpcache, grp, grp_cmp);
 			} else {
--- a/lib/libalpm/db.c
+++ b/lib/libalpm/db.c
@ -55,7 +55,7 @@ pmdb_t *db_open(char *root, char *dbpath, char *treename)
 		return(NULL);
 	}

-	strncpy(db->treename, treename, DB_TREENAME_LEN-1);
+	STRNCPY(db->treename, treename, DB_TREENAME_LEN);

 	db->pkgcache = NULL;
 	db->grpcache = NULL;
@ -121,7 +121,7 @@ int db_getlastupdate(pmdb_t *db, char *ts)
 	} else {
 		char line[256];
 		if(fgets(line, sizeof(line), fp)) {
-			strncpy(ts, line, 15); /* YYYYMMDDHHMMSS */
+			STRNCPY(ts, line, 15); /* YYYYMMDDHHMMSS */
 			ts[14] = '\0';
 		} else {
 			fclose(fp);
@ -169,7 +169,7 @@ pmpkg_t *db_scan(pmdb_t *db, char *target, unsigned int inforeq)
 	struct dirent *ent = NULL;
 	struct stat sbuf;
 	char path[PATH_MAX];
-	char name[PKG_NAME_LEN+PKG_VERSION_LEN];
+	char name[(PKG_NAME_LEN-1)+1+(PKG_VERSION_LEN-1)+1];
 	char *ptr = NULL;
 	int ret, found = 0;
 	pmpkg_t *pkg;
@ -185,7 +185,7 @@ pmpkg_t *db_scan(pmdb_t *db, char *target, unsigned int inforeq)
 			if(!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) {
 				continue;
 			}
-			strncpy(name, ent->d_name, PKG_NAME_LEN+PKG_VERSION_LEN-1);
+			STRNCPY(name, ent->d_name, PKG_NAME_LEN+PKG_VERSION_LEN);
 			/* stat the entry, make sure it's a directory */
 			snprintf(path, PATH_MAX, "%s/%s", db->path, name);
 			if(stat(path, &sbuf) || !S_ISDIR(sbuf.st_mode)) {
--- a/lib/libalpm/deps.c
+++ b/lib/libalpm/deps.c
@ -208,9 +208,9 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 					MALLOC(miss, sizeof(pmdepmissing_t));
 					miss->type = PM_DEP_REQUIRED;
 					miss->depend.mod = depend.mod;
-					strncpy(miss->target, p->name, 256);
-					strncpy(miss->depend.name, depend.name, 256);
-					strncpy(miss->depend.version, depend.version, 64);
+					STRNCPY(miss->target, p->name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.name, depend.name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.version, depend.version, PKG_VERSION_LEN);
 					if(!pm_list_is_ptrin(baddeps, miss)) {
 						baddeps = pm_list_add(baddeps, miss);
 					}
@ -237,8 +237,8 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 						miss->type = PM_DEP_CONFLICT;
 						miss->depend.mod = PM_DEP_ANY;
 						miss->depend.version[0] = '\0';
-						strncpy(miss->target, tp->name, 256);
-						strncpy(miss->depend.name, dp->name, 256);
+						STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+						STRNCPY(miss->depend.name, dp->name, PKG_NAME_LEN);
 						if(!pm_list_is_ptrin(baddeps, miss)) {
 							baddeps = pm_list_add(baddeps, miss);
 						}
@ -252,8 +252,8 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 						miss->type = PM_DEP_CONFLICT;
 						miss->depend.mod = PM_DEP_ANY;
 						miss->depend.version[0] = '\0';
-						strncpy(miss->target, tp->name, 256);
-						strncpy(miss->depend.name, a->name, 256);
+						STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+						STRNCPY(miss->depend.name, a->name, PKG_NAME_LEN);
 						if(!pm_list_is_ptrin(baddeps, miss)) {
 							baddeps = pm_list_add(baddeps, miss);
 						}
@ -269,8 +269,8 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 						miss->type = PM_DEP_CONFLICT;
 						miss->depend.mod = PM_DEP_ANY;
 						miss->depend.version[0] = '\0';
-						strncpy(miss->target, tp->name, 256);
-						strncpy(miss->depend.name, info->name, 256);
+						STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+						STRNCPY(miss->depend.name, info->name, PKG_NAME_LEN);
 						if(!pm_list_is_ptrin(baddeps, miss)) {
 							baddeps = pm_list_add(baddeps, miss);
 						}
@ -295,8 +295,8 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 					miss->type = CONFLICT;
 					miss->depend.mod = PM_DEP_ANY;
 					miss->depend.version[0] = '\0';
-					strncpy(miss->target, tp->name, 256);
-					strncpy(miss->depend.name, k->data, 256);
+					STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.name, k->data, PKG_NAME_LEN);
 					if(!pm_list_is_in(baddeps, miss)) {
 						baddeps = pm_list_add(baddeps, miss);
 					}
@ -407,9 +407,9 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 					MALLOC(miss, sizeof(pmdepmissing_t));
 					miss->type = PM_DEP_DEPEND;
 					miss->depend.mod = depend.mod;
-					strncpy(miss->target, tp->name, 256);
-					strncpy(miss->depend.name, depend.name, 256);
-					strncpy(miss->depend.version, depend.version, 64);
+					STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.name, depend.name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.version, depend.version, PKG_VERSION_LEN);
 					if(!pm_list_is_ptrin(baddeps, miss)) {
 						baddeps = pm_list_add(baddeps, miss);
 					}
@ -430,8 +430,8 @@ PMList *checkdeps(pmdb_t *db, unsigned short op, PMList *packages)
 					miss->type = PM_DEP_REQUIRED;
 					miss->depend.mod = PM_DEP_ANY;
 					miss->depend.version[0] = '\0';
-					strncpy(miss->target, tp->name, 256);
-					strncpy(miss->depend.name, (char *)j->data, 256);
+					STRNCPY(miss->target, tp->name, PKG_NAME_LEN);
+					STRNCPY(miss->depend.name, (char *)j->data, PKG_NAME_LEN);
 					if(!pm_list_is_ptrin(baddeps, miss)) {
 						baddeps = pm_list_add(baddeps, miss);
 					}
@ -467,8 +467,8 @@ int splitdep(char *depstr, pmdepend_t *depend)
 	} else {
 		/* no version specified - accept any */
 		depend->mod = PM_DEP_ANY;
-		strncpy(depend->name, str, sizeof(depend->name));
-		strncpy(depend->version, "", sizeof(depend->version));
+		STRNCPY(depend->name, str, PKG_NAME_LEN);
+		STRNCPY(depend->version, "", PKG_VERSION_LEN);
 	}

 	if(ptr == NULL) {
@ -476,12 +476,12 @@ int splitdep(char *depstr, pmdepend_t *depend)
 		return(0);
 	}
 	*ptr = '\0';
-	strncpy(depend->name, str, sizeof(depend->name));
+	STRNCPY(depend->name, str, PKG_NAME_LEN);
 	ptr++;
 	if(depend->mod != PM_DEP_EQ) {
 		ptr++;
 	}
-	strncpy(depend->version, ptr, sizeof(depend->version));
+	STRNCPY(depend->version, ptr, PKG_VERSION_LEN);
 	FREE(str);

 	return(0);
--- a/lib/libalpm/group.h
+++ b/lib/libalpm/group.h
@ -23,9 +23,11 @@

 #include "list.h"

+#define GRP_NAME_LEN 256
+
 /* Groups structure */
 typedef struct __pmgrp_t {
-	char name[256];
+	char name[GRP_NAME_LEN];
 	PMList *packages; /* List of strings */
 } pmgrp_t;

--- a/lib/libalpm/package.c
+++ b/lib/libalpm/package.c
@ -131,28 +131,28 @@ static int parse_descfile(char *descfile, pmpkg_t *info, int output)
 			key = _alpm_strtoupper(key);
 			_alpm_strtrim(ptr);
 			if(!strcmp(key, "PKGNAME")) {
-				strncpy(info->name, ptr, sizeof(info->name));
+				STRNCPY(info->name, ptr, sizeof(info->name));
 			} else if(!strcmp(key, "PKGVER")) {
-				strncpy(info->version, ptr, sizeof(info->version));
+				STRNCPY(info->version, ptr, sizeof(info->version));
 			} else if(!strcmp(key, "PKGDESC")) {
-				strncpy(info->desc, ptr, sizeof(info->desc));
+				STRNCPY(info->desc, ptr, sizeof(info->desc));
 			} else if(!strcmp(key, "GROUP")) {
 				info->groups = pm_list_add(info->groups, strdup(ptr));
 			} else if(!strcmp(key, "URL")) {
-				strncpy(info->url, ptr, sizeof(info->url));
+				STRNCPY(info->url, ptr, sizeof(info->url));
 			} else if(!strcmp(key, "LICENSE")) {
-				strncpy(info->license, ptr, sizeof(info->license));
+				STRNCPY(info->license, ptr, sizeof(info->license));
 			} else if(!strcmp(key, "BUILDDATE")) {
-				strncpy(info->builddate, ptr, sizeof(info->builddate));
+				STRNCPY(info->builddate, ptr, sizeof(info->builddate));
 			} else if(!strcmp(key, "INSTALLDATE")) {
-				strncpy(info->installdate, ptr, sizeof(info->installdate));
+				STRNCPY(info->installdate, ptr, sizeof(info->installdate));
 			} else if(!strcmp(key, "PACKAGER")) {
-				strncpy(info->packager, ptr, sizeof(info->packager));
+				STRNCPY(info->packager, ptr, sizeof(info->packager));
 			} else if(!strcmp(key, "ARCH")) {
-				strncpy(info->arch, ptr, sizeof(info->arch));
+				STRNCPY(info->arch, ptr, sizeof(info->arch));
 			} else if(!strcmp(key, "SIZE")) {
 				char tmp[32];
-				strncpy(tmp, ptr, sizeof(tmp));
+				STRNCPY(tmp, ptr, sizeof(tmp));
 				info->size = atol(tmp);
 			} else if(!strcmp(key, "DEPEND")) {
 				info->depends = pm_list_add(info->depends, strdup(ptr));
--- a/lib/libalpm/util.c
+++ b/lib/libalpm/util.c
@ -378,7 +378,7 @@ int _alpm_runscriptlet(char *root, char *installfn, char *script, char *ver, cha
 		scriptpath = scriptfn + strlen(root) - 1;
 		return(0);
 	} else {
-		strncpy(scriptfn, installfn, PATH_MAX-1);
+		STRNCPY(scriptfn, installfn, PATH_MAX);
 		/* chop off the root so we can find the tmpdir in the chroot */
 		scriptpath = scriptfn + strlen(root) - 1;
 	}
--- a/lib/libalpm/util.h
+++ b/lib/libalpm/util.h
@ -38,6 +38,11 @@

 #define ASSERT(cond, action) do { if(!(cond)) { action; } } while(0)

+#define STRNCPY(s1, s2, len) do { \
+	strncpy(s1, s2, (len)-1); \
+	s1[(len)-1] = 0; \
+} while(0)
+
 long _alpm_gzopen_frontend(char *pathname, int oflags, int mode);
 int _alpm_makepath(char *path);
 int _alpm_copyfile(char *src, char *dest);