The Samba-Bugzilla – Attachment 2070 Details for
Bug 3971
Some unprotected strncpy() calls
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Diffs to change strncpy(x,y,z-1) to strlcpy(x,y,z)
strncpy.diff (text/plain), 41.19 KB, created by
David S. Collier-Brown
on 2006-07-27 15:27:21 UTC
(
hide
)
Description:
Diffs to change strncpy(x,y,z-1) to strlcpy(x,y,z)
Filename:
MIME Type:
Creator:
David S. Collier-Brown
Created:
2006-07-27 15:27:21 UTC
Size:
41.19 KB
patch
obsolete
> >------- client.c ------- >--- /tmp/sccs.S8aiFC Thu Jul 27 16:25:35 2006 >+++ ./client/client.c Thu Jul 27 15:23:14 2006 >@@ -3083,14 +3083,12 @@ > int i; > > if ((p = strchr_m(cmd, ';')) == 0) { >- strncpy(line, cmd, 999); >- line[1000] = '\0'; >+ strlcpy(line, cmd, 1000); > cmd += strlen(cmd); > } else { > if (p - cmd > 999) > p = cmd + 999; >- strncpy(line, cmd, p - cmd); >- line[p - cmd] = '\0'; >+ strlcpy(line, cmd, p - cmd); > cmd = p + 1; > } > >@@ -3185,8 +3183,7 @@ > info.samelen = info.len = len-i-1; > > if (i > 0) { >- strncpy(info.dirmask, text, i+1); >- info.dirmask[i+1] = 0; >+ strlcpy(info.dirmask, text, i+1); > pstr_sprintf(dirmask, "%s%*s*", cur_dir, i-1, text); > } else { > pstr_sprintf(dirmask, "%s*", cur_dir); >@@ -3201,8 +3198,7 @@ > info.matches[0] = SMB_MALLOC(info.samelen+1); > if (!info.matches[0]) > goto cleanup; >- strncpy(info.matches[0], info.matches[1], info.samelen); >- info.matches[0][info.samelen] = 0; >+ strlcpy(info.matches[0], info.matches[1], info.samelen); > } > info.matches[info.count] = NULL; > return info.matches; >@@ -3285,8 +3281,7 @@ > matches[0] = SMB_MALLOC(samelen+1); > if (!matches[0]) > goto cleanup; >- strncpy(matches[0], matches[1], samelen); >- matches[0][samelen] = 0; >+ strlcpy(matches[0], matches[1], samelen); > } > matches[count] = NULL; > return matches; > >------- clitar.c ------- >--- /tmp/sccs.L_aOFC Thu Jul 27 16:25:35 2006 >+++ ./client/clitar.c Thu Jul 27 15:23:12 2006 >@@ -1085,7 +1085,7 @@ > /* First, add cur_dir to the long file name */ > > if (strlen(cur_dir) > 0) { >- strncpy(longname, cur_dir, namesize); >+ strlcpy(longname, cur_dir, namesize); > offset = strlen(cur_dir); > } > > >------- mount.cifs.c ------- >--- /tmp/sccs.SdaaGC Thu Jul 27 16:25:35 2006 >+++ ./client/mount.cifs.c Thu Jul 27 15:25:59 2006 >@@ -176,10 +176,10 @@ > exit(1); > } else { > got_user = 1; >- user_name = calloc(1 + length,1); >+ user_name = calloc(length,1); > /* BB adding free of user_name string before exit, > not really necessary but would be cleaner */ >- strncpy(user_name,temp_val, length); >+ strlcpy(user_name,temp_val, length); > } > } > } else if (strncasecmp("password",line_buf+i,8) == 0) { >@@ -204,7 +204,7 @@ > } else > memset(mountpassword,0,64); > if(mountpassword) { >- strncpy(mountpassword,temp_val,length); >+ strlcpy(mountpassword,temp_val,length); > got_password = 1; > } > } >@@ -232,7 +232,7 @@ > } else > memset(domain_name,0,64); > if(domain_name) { >- strncpy(domain_name,temp_val,length); >+ strlcpy(domain_name,temp_val,length); > got_domain = 1; > } > } >@@ -380,7 +380,7 @@ > printf("\nmount.cifs warning - password specified twice\n"); > got_password = 1; > percent_char++; >- strncpy(mountpassword, percent_char,64); >+ strlcpy(mountpassword, percent_char,64); > /* remove password from username */ > while(*percent_char != 0) { > *percent_char = ','; >@@ -778,7 +778,7 @@ > } > > *share = '/'; >- strncpy((*punc_name)+2,unc_name,length); >+ strlcpy((*punc_name)+2,unc_name,length); > unc_name = *punc_name; > unc_name[length+2] = 0; > goto continue_unc_parsing; >@@ -1033,7 +1033,7 @@ > mountpassword = calloc(65,1); > if(mountpassword) { > got_password = 1; >- strncpy(mountpassword,optarg,64); >+ strlcpy(mountpassword,optarg,65); > } > break; > case 'S': >@@ -1057,7 +1057,7 @@ > if(mountpassword == NULL) > mountpassword = calloc(65,1); > if(mountpassword) { >- strncpy(mountpassword,getenv("PASSWD"),64); >+ strlcpy(mountpassword,getenv("PASSWD"),65); > got_password = 1; > } > } else if (getenv("PASSWD_FD")) { > >------- smbctool.c ------- >--- /tmp/sccs.wgayGC Thu Jul 27 16:25:35 2006 >+++ ./client/smbctool.c Thu Jul 27 15:36:01 2006 >@@ -120,24 +120,24 @@ > > if (authSet) > { >- strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); >- strncpy(pUsername, authUsername, maxLenUsername - 1); >- strncpy(pPassword, authPassword, maxLenPassword - 1); >+ strlcpy(pWorkgroup, authWorkgroup, maxLenWorkgroup); >+ strlcpy(pUsername, authUsername, maxLenUsername); >+ strlcpy(pPassword, authPassword, maxLenPassword); > } > else > { > d_printf("Workgroup: %s\n", workgroup); >- strncpy(pWorkgroup, workgroup, maxLenWorkgroup - 1); >- strncpy(authWorkgroup, workgroup, maxLenWorkgroup - 1); >+ strlcpy(pWorkgroup, workgroup, maxLenWorkgroup); >+ strlcpy(authWorkgroup, workgroup, maxLenWorkgroup); > > d_printf("Username: %s\n", username); >- strncpy(pUsername, username, maxLenUsername - 1); >- strncpy(authUsername, username, maxLenUsername - 1); >+ strlcpy(pUsername, username, maxLenUsername); >+ strlcpy(authUsername, username, maxLenUsername); > > if (cmdline_auth_info.got_pass) > { >- strncpy(pPassword, cmdline_auth_info.password, maxLenPassword - 1); >- strncpy(authPassword, cmdline_auth_info.password, maxLenPassword - 1); >+ strlcpy(pPassword, cmdline_auth_info.password, maxLenPassword); >+ strlcpy(authPassword, cmdline_auth_info.password, maxLenPassword); > } > else > { >@@ -150,8 +150,8 @@ > } > if (temp[0] != '\0') > { >- strncpy(pPassword, temp, maxLenPassword - 1); >- strncpy(authPassword, pPassword, maxLenPassword - 1); >+ strlcpy(pPassword, temp, maxLenPassword); >+ strlcpy(authPassword, pPassword, maxLenPassword); > } > } > pstrcpy(cmdline_auth_info.username, authUsername); >@@ -3059,14 +3059,12 @@ > int i; > > if ((p = strchr_m(cmd, ';')) == 0) { >- strncpy(line, cmd, 999); >- line[1000] = '\0'; >+ strlcpy(line, cmd, 1000); > cmd += strlen(cmd); > } else { > if (p - cmd > 999) > p = cmd + 999; >- strncpy(line, cmd, p - cmd); >- line[p - cmd] = '\0'; >+ strlcpy(line, cmd, p - cmd); > cmd = p + 1; > } > >@@ -3155,8 +3153,7 @@ > info.samelen = info.len = len-i-1; > > if (i > 0) { >- strncpy(info.dirmask, text, i+1); >- info.dirmask[i+1] = 0; >+ strlcpy(info.dirmask, text, i); > pstr_sprintf(dirmask, "%s%*s*", cur_dir, i-1, text); > } else > pstr_sprintf(dirmask, "%s*", cur_dir); >@@ -3170,8 +3167,7 @@ > info.matches[0] = SMB_MALLOC(info.samelen+1); > if (!info.matches[0]) > goto cleanup; >- strncpy(info.matches[0], info.matches[1], info.samelen); >- info.matches[0][info.samelen] = 0; >+ strlcpy(info.matches[0], info.matches[1], info.samelen); > } > info.matches[info.count] = NULL; > return info.matches; >@@ -3254,8 +3250,7 @@ > matches[0] = SMB_MALLOC(samelen+1); > if (!matches[0]) > goto cleanup; >- strncpy(matches[0], matches[1], samelen); >- matches[0][samelen] = 0; >+ strlcpy(matches[0], matches[1], samelen); > } > matches[count] = NULL; > return matches; > >------- smbmount.c ------- >--- /tmp/sccs.ykaWGC Thu Jul 27 16:25:36 2006 >+++ ./client/smbmount.c Thu Jul 27 15:36:00 2006 >@@ -838,7 +838,7 @@ > } else if(!strcmp(opts, "lfs")) { > smbfs_has_lfs = True; > } else { >- strncpy(p, opts, sizeof(pstring) - (p - options) - 1); >+ strlcpy(p, opts, sizeof(pstring) - (p - options)); > p += strlen(opts); > *p++ = ','; > *p = 0; > >------- smbspool.c ------- >--- /tmp/sccs.flaiHC Thu Jul 27 16:25:36 2006 >+++ ./client/smbspool.c Thu Jul 27 15:36:00 2006 >@@ -135,9 +135,9 @@ > > dev_uri = getenv("DEVICE_URI"); > if (dev_uri) >- strncpy(uri, dev_uri, sizeof(uri) - 1); >+ strlcpy(uri, dev_uri, sizeof(uri)); > else if (strncmp(argv[0], "smb://", 6) == 0) >- strncpy(uri, argv[0], sizeof(uri) - 1); >+ strncpy(uri, argv[0], sizeof(uri)); > else > { > fputs("ERROR: No device URI found in DEVICE_URI environment variable or argv[0] !\n", stderr); > >------- smbumount.c ------- >--- /tmp/sccs.ynaGHC Thu Jul 27 16:25:36 2006 >+++ ./client/smbumount.c Thu Jul 27 15:35:59 2006 >@@ -96,7 +96,7 @@ > if (realpath (path, canonical)) > return canonical; > >- strncpy (canonical, path, PATH_MAX); >+ strlcpy(canonical, path, PATH_MAX); > canonical[PATH_MAX] = '\0'; > return canonical; > } > >------- tree.c ------- >--- /tmp/sccs.sqa4HC Thu Jul 27 16:25:36 2006 >+++ ./client/tree.c Thu Jul 27 15:35:58 2006 >@@ -134,7 +134,7 @@ > if (p) { > > p->type = type; >- strncpy(p->name, name, sizeof(p->name)); >+ strlcpy(p->name, name, sizeof(p->name)); > > } > >@@ -162,7 +162,7 @@ > > /* Now, get the private data for the subtree */ > >- strncpy(path, get_path(child), 1024); >+ strlcpy(path, get_path(child), 1024); > > if ((dh = smbc_opendir(path)) < 0) { /* Handle error */ > >@@ -199,7 +199,7 @@ > > /* Format each of the items ... */ > >- strncpy(col1, dirp->name, 128); >+ strlcpy(col1, dirp->name, 128); > > col2[0] = col3[0] = col4[0] = (char)0; > >@@ -211,19 +211,19 @@ > > case SMBC_SERVER: > >- strncpy(col2, (dirp->comment?dirp->comment:""), 128); >+ strlcpy(col2, (dirp->comment?dirp->comment:""), 128); > > break; > > case SMBC_FILE_SHARE: > >- strncpy(col2, (dirp->comment?dirp->comment:""), 128); >+ strlcpy(col2, (dirp->comment?dirp->comment:""), 128); > > break; > > case SMBC_PRINTER_SHARE: > >- strncpy(col2, (dirp->comment?dirp->comment:""), 128); >+ strlcpy(col2, (dirp->comment?dirp->comment:""), 128); > break; > > case SMBC_COMMS_SHARE: >@@ -242,8 +242,8 @@ > if ((strcmp(dirp->name, ".") != 0) && > (strcmp(dirp->name, "..") != 0)) { > >- strncpy(path1, path, sizeof(path1)); >- strncat(path1, "/", sizeof(path) - strlen(path)); >+ strlcpy(path1, path, sizeof(path1)); >+ strcat(path1, "/", sizeof(path) - strlen(path)); > strncat(path1, dirp->name, sizeof(path) - strlen(path)); > > if (smbc_stat(path1, &st1) < 0) { >@@ -260,7 +260,7 @@ > } > else { > >- strncpy(col2, "Device or resource busy", sizeof(col2)); >+ strlcpy(col2, "Device or resource busy", sizeof(col2)); > > } > } >@@ -597,8 +597,8 @@ > char *password, int pwmaxlen) > { > >- strncpy(username, "test", unmaxlen); >- strncpy(password, "test", pwmaxlen); >+ strlcpy(username, "test", unmaxlen); >+ strlcpy(password, "test", pwmaxlen); > > } > > >------- dictionary.c ------- >No differences encountered > >------- iniparser.c ------- >No differences encountered > >------- debug.c ------- >--- /tmp/sccs.ByaaJC Thu Jul 27 16:25:37 2006 >+++ ./lib/debug.c Thu Jul 27 15:35:57 2006 >@@ -243,7 +243,7 @@ > } > for (i = 0; i < debug_num_classes; i++) { > int l = strlen(list[i]); >- strncpy(b, list[i], l); >+ strlcpy(b, list[i], l); > b = b + l; > } > b[-1] = '\n'; /* replace last space with newline */ > >------- interfaces.c ------- >--- /tmp/sccs.CAayJC Thu Jul 27 16:25:37 2006 >+++ ./lib/interfaces.c Thu Jul 27 15:35:56 2006 >@@ -142,8 +142,7 @@ > > nmask = ((struct sockaddr_in *)&ifr[i].ifr_addr)->sin_addr; > >- strncpy(ifaces[total].name, iname, sizeof(ifaces[total].name)-1); >- ifaces[total].name[sizeof(ifaces[total].name)-1] = 0; >+ strlcpy(ifaces[total].name, iname, sizeof(ifaces[total].name)); > ifaces[total].ip = ipaddr; > ifaces[total].netmask = nmask; > total++; > >------- ldap_escape.c ------- >--- /tmp/sccs.uEaWJC Thu Jul 27 16:25:37 2006 >+++ ./lib/ldap_escape.c Thu Jul 27 15:35:55 2006 >@@ -74,7 +74,7 @@ > } > > p = &output[i]; >- strncpy (p, sub, 3); >+ strlcpy (p, sub, 3); > p += 3; > i += 3; > > >------- substitute.c ------- >--- /tmp/sccs.qHaiKC Thu Jul 27 16:25:37 2006 >+++ ./lib/substitute.c Thu Jul 27 15:53:30 2006 >@@ -212,8 +212,7 @@ > return NULL; > } > >- strncpy(envname,r,copylen); >- envname[copylen] = '\0'; >+ strlcpy(envname,r,copylen); > > if ((envval = getenv(envname)) == NULL) { > DEBUG(0,("expand_env_var: Environment variable [%s] not set\n", envname)); >@@ -227,8 +226,7 @@ > */ > > copylen = q + 1 - p; >- strncpy(envname,p,copylen); >- envname[copylen] = '\0'; >+ strlcpy(envname,p,copylen); > r = realloc_string_sub(str, envname, envval); > SAFE_FREE(envname); > >@@ -312,9 +310,9 @@ > > r = p+2; > copylen = MIN( (q-r), (sizeof(varname)-1) ); >- strncpy(varname, r, copylen); >- varname[copylen] = '\0'; >+ strlcpy(varname, r, copylen); > >+ > if ((value = get_longvar_val(varname)) == NULL) { > DEBUG(0,("realloc_expand_longvar: Variable [%s] not set. Skipping\n", varname)); > return str; >@@ -323,8 +321,7 @@ > /* Copy the full %(NAME) into envname so it can be replaced.*/ > > copylen = MIN( (q+1-p),(sizeof(varname)-1) ); >- strncpy( varname, p, copylen ); >- varname[copylen] = '\0'; >+ strlcpy( varname, p, copylen ); > r = realloc_string_sub(str, varname, value); > SAFE_FREE( value ); > >@@ -421,7 +418,7 @@ > char *s; > > if ( (s = alloc_sub_basic( smb_name, domain_name, str )) != NULL ) { >- strncpy( str, s, len ); >+ strlcpy( str, s, len ); > } > > SAFE_FREE( s ); >@@ -765,7 +762,7 @@ > gid, smb_name, domain_name, str); > > if ( s ) { >- strncpy( str, s, len ); >+ strlcpy( str, s, len ); > SAFE_FREE( s ); > } > } > >------- kerberos.c ------- >--- /tmp/sccs.qKaGKC Thu Jul 27 16:25:37 2006 >+++ ./libads/kerberos.c Thu Jul 27 15:53:29 2006 >@@ -45,7 +45,7 @@ > memset(prompts[0].reply->data, '\0', prompts[0].reply->length); > if (prompts[0].reply->length > 0) { > if (data) { >- strncpy(prompts[0].reply->data, data, prompts[0].reply->length-1); >+ strlcpy(prompts[0].reply->data, data, prompts[0].reply->length); > prompts[0].reply->length = strlen(prompts[0].reply->data); > } else { > prompts[0].reply->length = 0; > >------- krb5_setpw.c ------- >--- /tmp/sccs.7La4KC Thu Jul 27 16:25:37 2006 >+++ ./libads/krb5_setpw.c Thu Jul 27 15:53:29 2006 >@@ -667,7 +667,7 @@ > memset(prompts[0].reply->data, 0, prompts[0].reply->length); > if (prompts[0].reply->length > 0) { > if (data) { >- strncpy(prompts[0].reply->data, data, prompts[0].reply->length-1); >+ strlcpy(prompts[0].reply->data, data, prompts[0].reply->length); > prompts[0].reply->length = strlen(prompts[0].reply->data); > } else { > prompts[0].reply->length = 0; > >------- libmsrpc.c ------- >--- /tmp/sccs.tQaqLC Thu Jul 27 16:25:38 2006 >+++ ./libmsrpc/libmsrpc.c Thu Jul 27 15:53:28 2006 >@@ -111,7 +111,7 @@ > hnd->netbios_name = SMB_STRDUP(hnd->_internal.ctx->netbios_name); > } > else if(hnd->netbios_name[0] == '\0') { >- strncpy(hnd->netbios_name, hnd->_internal.ctx->netbios_name, sizeof(fstring)); >+ strlcpy(hnd->netbios_name, hnd->_internal.ctx->netbios_name, sizeof(fstring)); > } > > if(!hnd->username) { >@@ -118,7 +118,7 @@ > hnd->username = SMB_STRDUP(hnd->_internal.ctx->user); > } > else if(hnd->username[0] == '\0') { >- strncpy(hnd->username, hnd->_internal.ctx->user, sizeof(fstring)); >+ strlcpy(hnd->username, hnd->_internal.ctx->user, sizeof(fstring)); > } > > if(!hnd->domain) { >@@ -125,7 +125,7 @@ > hnd->domain = SMB_STRDUP(hnd->_internal.ctx->workgroup); > } > else if(hnd->domain[0] == '\0') { >- strncpy(hnd->domain, hnd->_internal.ctx->workgroup, sizeof(fstring)); >+ strlcpy(hnd->domain, hnd->_internal.ctx->workgroup, sizeof(fstring)); > } > > return CAC_SUCCESS; >@@ -284,9 +284,9 @@ > > if (authSet) > { >- strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); >- strncpy(pUsername, authUsername, maxLenUsername - 1); >- strncpy(pPassword, authPassword, maxLenPassword - 1); >+ strlcpy(pWorkgroup, authWorkgroup, maxLenWorkgroup); >+ strlcpy(pUsername, authUsername, maxLenUsername); >+ strlcpy(pPassword, authPassword, maxLenPassword); > } > else > { >@@ -301,8 +301,8 @@ > > if (temp[0] != '\0') > { >- strncpy(pWorkgroup, temp, maxLenWorkgroup - 1); >- strncpy(authWorkgroup, temp, maxLenWorkgroup - 1); >+ strlcpy(pWorkgroup, temp, maxLenWorkgroup); >+ strlcpy(authWorkgroup, temp, maxLenWorkgroup); > } > > d_printf("Username: [%s] ", pUsername); >@@ -315,8 +315,8 @@ > > if (temp[0] != '\0') > { >- strncpy(pUsername, temp, maxLenUsername - 1); >- strncpy(authUsername, pUsername, maxLenUsername - 1); >+ strlcpy(pUsername, temp, maxLenUsername); >+ strlcpy(authUsername, pUsername, maxLenUsername); > } > > pass = getpass("Password: "); >@@ -328,8 +328,8 @@ > } > if (temp[0] != '\0') > { >- strncpy(pPassword, temp, maxLenPassword - 1); >- strncpy(authPassword, pPassword, maxLenPassword - 1); >+ strlcpy(pPassword, temp, maxLenPassword); >+ strlcpy(authPassword, pPassword, maxLenPassword); > } > authSet = 1; > } > >------- clidgram.c ------- >--- /tmp/sccs.pTaOLC Thu Jul 27 16:25:38 2006 >+++ ./libsmb/clidgram.c Thu Jul 27 15:53:27 2006 >@@ -188,7 +188,7 @@ > > } > >- strncpy(servername, cli_backup_list, MIN(16, namesize)); >+ strlcpy(servername, cli_backup_list, MIN(16, namesize)); > > return True; > > >------- clilist.c ------- >--- /tmp/sccs.CWaaMC Thu Jul 27 16:25:38 2006 >+++ ./libsmb/clilist.c Thu Jul 27 15:53:27 2006 >@@ -392,8 +392,7 @@ > finfo->size = IVAL(p,26); > clistr_pull(cli, finfo->name, p+30, sizeof(finfo->name), 12, STR_ASCII); > if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) { >- strncpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)-1); >- finfo->short_name[sizeof(finfo->short_name)-1] = '\0'; >+ strlcpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)); > } > > return(DIR_STRUCT_SIZE); > >------- libsmbclient.c ------- >--- /tmp/sccs.AZayMC Thu Jul 27 16:25:38 2006 >+++ ./libsmb/libsmbclient.c Thu Jul 27 16:10:56 2006 >@@ -181,8 +181,7 @@ > > *p = '\0'; > >- strncpy(dest, temp, max_dest_len - 1); >- dest[max_dest_len - 1] = '\0'; >+ strlcpy(dest, temp, max_dest_len); > > return err_count; > } >@@ -290,8 +289,7 @@ > * to the workgroup in the provided context. > */ > if (workgroup != NULL) { >- strncpy(workgroup, context->workgroup, workgroup_len - 1); >- workgroup[workgroup_len - 1] = '\0'; >+ strlcpy(workgroup, context->workgroup, workgroup_len); > } > > if (options != NULL && options_len > 0) { >@@ -336,11 +334,10 @@ > > if (*p == '/') { > >- strncpy(server, context->workgroup, >+ strlcpy(server, context->workgroup, > ((strlen(context->workgroup) < 16) > ? strlen(context->workgroup) > : 16)); >- server[server_len - 1] = '\0'; > return 0; > > } >@@ -383,18 +380,15 @@ > } > > if (domain[0] && workgroup) { >- strncpy(workgroup, domain, workgroup_len - 1); >- workgroup[workgroup_len - 1] = '\0'; >+ strlcpy(workgroup, domain, workgroup_len); > } > > if (username[0]) { >- strncpy(user, username, user_len - 1); >- user[user_len - 1] = '\0'; >+ strlcpy(user, username, user_len); > } > > if (passwd[0]) { >- strncpy(password, passwd, password_len - 1); >- password[password_len - 1] = '\0'; >+ strlcpy(password, passwd, password_len); > } > > } >@@ -2300,9 +2294,9 @@ > * Ditto for dirent->commentlen. > * The space for the two null bytes was allocated. > */ >- strncpy(dirent->name, (name?name:""), dirent->namelen + 1); >+ strlcpy(dirent->name, (name?name:""), dirent->namelen); > dirent->comment = (char *)(&dirent->name + dirent->namelen + 1); >- strncpy(dirent->comment, (comment?comment:""), dirent->commentlen + 1); >+ strlcpy(dirent->comment, (comment?comment:""), dirent->commentlen); > > return 0; > >@@ -2974,7 +2968,7 @@ > dest->comment = dest->name + dest->namelen + 1; > > /* Copy the comment */ >- strncpy(dest->comment, src->comment, max_namebuf_len - 1); >+ strlcpy(dest->comment, src->comment, max_namebuf_len); > dest->comment[max_namebuf_len - 1] = '\0'; > > /* Save other fields */ >@@ -3617,14 +3611,12 @@ > char atimebuf[32]; > char mtimebuf[32]; > >- strncpy(atimebuf, ctime(&a_time), sizeof(atimebuf) - 1); >- atimebuf[sizeof(atimebuf) - 1] = '\0'; >+ strlcpy(atimebuf, ctime(&a_time), sizeof(atimebuf)); > if ((p = strchr(atimebuf, '\n')) != NULL) { > *p = '\0'; > } > >- strncpy(mtimebuf, ctime(&m_time), sizeof(mtimebuf) - 1); >- mtimebuf[sizeof(mtimebuf) - 1] = '\0'; >+ strlcpy(mtimebuf, ctime(&m_time), sizeof(mtimebuf)); > if ((p = strchr(mtimebuf, '\n')) != NULL) { > *p = '\0'; > } >@@ -3631,6 +3623,7 @@ > > dbgtext("smbc_utimes(%s, atime = %s mtime = %s)\n", > fname, atimebuf, mtimebuf); >+ > } > > if (smbc_parse_path(context, fname, >@@ -4207,11 +4200,8 @@ > struct cli_state *cli = srv->cli; > > /* Copy name so we can strip off exclusions (if any are specified) */ >- strncpy(name_sandbox, attr_name, sizeof(name_sandbox) - 1); >+ strlcpy(name_sandbox, attr_name, sizeof(name_sandbox)); > >- /* Ensure name is null terminated */ >- name_sandbox[sizeof(name_sandbox) - 1] = '\0'; >- > /* Play in the sandbox */ > name = name_sandbox; > > >------- vfs_afsacl.c ------- >--- /tmp/sccs.u4aWMC Thu Jul 27 16:25:39 2006 >+++ ./modules/vfs_afsacl.c Thu Jul 27 15:53:25 2006 >@@ -236,7 +236,7 @@ > char str[MAXSIZE+1]; > char *p = str; > >- strncpy(str, acl_str, MAXSIZE); >+ strlcpy(str, acl_str, MAXSIZE); > > if (sscanf(p, "%d", &nplus) != 1) > return False; > >------- vfs_prealloc.c ------- >--- /tmp/sccs.V7aiNC Thu Jul 27 16:25:39 2006 >+++ ./modules/vfs_prealloc.c Thu Jul 27 15:53:25 2006 >@@ -123,7 +123,7 @@ > dot = strrchr(fname, '.'); > if (dot && *++dot) { > if (strlen(dot) < sizeof(fext)) { >- strncpy(fext, dot, sizeof(fext)); >+ strlcpy(fext, dot, sizeof(fext)); > strnorm(fext, CASE_LOWER); > } > } > >------- pam_winbind.c ------- >--- /tmp/sccs.D.aGNC Thu Jul 27 16:25:39 2006 >+++ ./nsswitch/pam_winbind.c Thu Jul 27 15:53:24 2006 >@@ -354,11 +354,11 @@ > *pwd_last_set = 0; > } > >- strncpy(request.data.auth.user, user, >- sizeof(request.data.auth.user)-1); >+ strlcpy(request.data.auth.user, user, >+ sizeof(request.data.auth.user)); > >- strncpy(request.data.auth.pass, pass, >- sizeof(request.data.auth.pass)-1); >+ strlcpy(request.data.auth.pass, pass, >+ sizeof(request.data.auth.pass)); > > request.data.auth.krb5_cc_type[0] = '\0'; > request.data.auth.uid = -1; >@@ -386,8 +386,8 @@ > } > > if (cctype != NULL) { >- strncpy(request.data.auth.krb5_cc_type, cctype, >- sizeof(request.data.auth.krb5_cc_type) - 1); >+ strlcpy(request.data.auth.krb5_cc_type, cctype, >+ sizeof(request.data.auth.krb5_cc_type)); > _pam_log_debug(ctrl, LOG_DEBUG, "enabling request for a %s krb5 ccache\n", cctype); > } > >@@ -394,8 +394,8 @@ > request.data.auth.require_membership_of_sid[0] = '\0'; > > if (member != NULL) { >- strncpy(request.data.auth.require_membership_of_sid, member, >- sizeof(request.data.auth.require_membership_of_sid)-1); >+ strlcpy(request.data.auth.require_membership_of_sid, member, >+ sizeof(request.data.auth.require_membership_of_sid)); > } > > /* lookup name? */ >@@ -410,8 +410,8 @@ > _pam_log_debug(ctrl, LOG_DEBUG, "no sid given, looking up: %s\n", member); > > /* fortunatly winbindd can handle non-separated names */ >- strncpy(sid_request.data.name.name, member, >- sizeof(sid_request.data.name.name) - 1); >+ strlcpy(sid_request.data.name.name, member, >+ sizeof(sid_request.data.name.name)); > > if (pam_winbind_request_log(pamh, ctrl, WINBINDD_LOOKUPNAME, &sid_request, &sid_response, user)) { > _pam_log(LOG_INFO, "could not lookup name: %s\n", member); >@@ -420,8 +420,8 @@ > > member = sid_response.data.sid.sid; > >- strncpy(request.data.auth.require_membership_of_sid, member, >- sizeof(request.data.auth.require_membership_of_sid)-1); >+ strlcpy(request.data.auth.require_membership_of_sid, member, >+ sizeof(request.data.auth.require_membership_of_sid)); > } > > ret = pam_winbind_request_log(pamh, ctrl, WINBINDD_PAM_AUTH, &request, &response, user); >@@ -529,19 +529,19 @@ > > if (request.data.chauthtok.user == NULL) return -2; > >- strncpy(request.data.chauthtok.user, user, >- sizeof(request.data.chauthtok.user) - 1); >+ strlcpy(request.data.chauthtok.user, user, >+ sizeof(request.data.chauthtok.user)); > > if (oldpass != NULL) { >- strncpy(request.data.chauthtok.oldpass, oldpass, >- sizeof(request.data.chauthtok.oldpass) - 1); >+ strlcpy(request.data.chauthtok.oldpass, oldpass, >+ sizeof(request.data.chauthtok.oldpass)); > } else { > request.data.chauthtok.oldpass[0] = '\0'; > } > > if (newpass != NULL) { >- strncpy(request.data.chauthtok.newpass, newpass, >- sizeof(request.data.chauthtok.newpass) - 1); >+ strlcpy(request.data.chauthtok.newpass, newpass, >+ sizeof(request.data.chauthtok.newpass)); > } else { > request.data.chauthtok.newpass[0] = '\0'; > } >@@ -640,8 +640,8 @@ > return 1; > } > >- strncpy(request.data.username, user, >- sizeof(request.data.username) - 1); >+ strlcpy(request.data.username, user, >+ sizeof(request.data.username)); > > ret = pam_winbind_request_log(pamh, ctrl, WINBINDD_GETPWNAM, &request, &response, user); > >@@ -1120,11 +1120,11 @@ > goto out; > } > >- strncpy(request.data.logoff.user, user, >- sizeof(request.data.logoff.user) - 1); >+ strlcpy(request.data.logoff.user, user, >+ sizeof(request.data.logoff.user)); > >- strncpy(request.data.logoff.krb5ccname, ccname, >- sizeof(request.data.logoff.krb5ccname) - 1); >+ strlcpy(request.data.logoff.krb5ccname, ccname, >+ sizeof(request.data.logoff.krb5ccname)); > > pwd = getpwnam(user); > if (pwd == NULL) { > >------- wb_common.c ------- >--- /tmp/sccs._ba4NC Thu Jul 27 16:25:39 2006 >+++ ./nsswitch/wb_common.c Thu Jul 27 15:53:23 2006 >@@ -189,8 +189,7 @@ > > /* Connect to socket */ > >- strncpy(path, dir, sizeof(path) - 1); >- path[sizeof(path) - 1] = '\0'; >+ strlcpy(path, dir, sizeof(path) - 1); > > strncat(path, "/", sizeof(path) - 1 - strlen(path)); > path[sizeof(path) - 1] = '\0'; >@@ -200,7 +199,7 @@ > > ZERO_STRUCT(sunaddr); > sunaddr.sun_family = AF_UNIX; >- strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); >+ strlcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)); > > /* If socket file doesn't exist, don't bother trying to connect > with retry. This is an attempt to make the system usable when > >------- winbind_nss_aix.c ------- >No differences encountered > >------- winbind_nss_linux.c ------- >--- /tmp/sccs.vhaOOC Thu Jul 27 16:25:40 2006 >+++ ./nsswitch/winbind_nss_linux.c Thu Jul 27 16:10:55 2006 >@@ -482,10 +482,8 @@ > ZERO_STRUCT(response); > ZERO_STRUCT(request); > >- strncpy(request.data.username, name, >- sizeof(request.data.username) - 1); >- request.data.username >- [sizeof(request.data.username) - 1] = '\0'; >+ strlcpy(request.data.username, name, >+ sizeof(request.data.username)); > > ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); > >@@ -695,10 +693,8 @@ > ZERO_STRUCT(request); > ZERO_STRUCT(response); > >- strncpy(request.data.groupname, name, >+ strlcpy(request.data.groupname, name, > sizeof(request.data.groupname)); >- request.data.groupname >- [sizeof(request.data.groupname) - 1] = '\0'; > > ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); > >@@ -818,8 +814,8 @@ > ZERO_STRUCT(request); > ZERO_STRUCT(response); > >- strncpy(request.data.username, user, >- sizeof(request.data.username) - 1); >+ strlcpy(request.data.username, user, >+ sizeof(request.data.username)); > > ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); > >@@ -894,8 +890,7 @@ > ZERO_STRUCT(request); > ZERO_STRUCT(response); > >- strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1); >- request.data.sid[sizeof(request.data.sid) - 1] = '\0'; >+ strlcpy(request.data.sid, user_sid,sizeof(request.data.sid)); > > ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); > >@@ -936,9 +931,8 @@ > ZERO_STRUCT(response); > ZERO_STRUCT(request); > >- strncpy(request.data.name.name, name, >- sizeof(request.data.name.name) - 1); >- request.data.name.name[sizeof(request.data.name.name) - 1] = '\0'; >+ strlcpy(request.data.name.name, name, >+ sizeof(request.data.name.name)); > > ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response); > if (ret != NSS_STATUS_SUCCESS) { >@@ -992,9 +986,8 @@ > } > > >- strncpy(request.data.sid, sid, >- sizeof(request.data.sid) - 1); >- request.data.sid[sizeof(request.data.sid) - 1] = '\0'; >+ strlcpy(request.data.sid, sid, >+ sizeof(request.data.sid)); > > ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response); > if (ret != NSS_STATUS_SUCCESS) { >@@ -1040,8 +1033,7 @@ > ZERO_STRUCT(request); > ZERO_STRUCT(response); > >- strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); >- request.data.sid[sizeof(request.data.sid) - 1] = '\0'; >+ strlcpy(request.data.sid, sid, sizeof(request.data.sid)); > > ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response); > if (ret != NSS_STATUS_SUCCESS) { >@@ -1070,8 +1062,7 @@ > ZERO_STRUCT(request); > ZERO_STRUCT(response); > >- strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); >- request.data.sid[sizeof(request.data.sid) - 1] = '\0'; >+ strlcpy(request.data.sid, sid, sizeof(request.data.sid)); > > ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response); > if (ret != NSS_STATUS_SUCCESS) { > >------- winbind_nss_solaris.c ------- >--- /tmp/sccs.4jaaPC Thu Jul 27 16:25:40 2006 >+++ ./nsswitch/winbind_nss_solaris.c Thu Jul 27 16:01:17 2006 >@@ -493,7 +493,7 @@ > af = AF_INET6; > #endif > >- strncpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)) ; >+ strlcpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)) ; > > if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) > == NSS_STATUS_SUCCESS ) { >@@ -515,7 +515,7 @@ > ZERO_STRUCT(response); > ZERO_STRUCT(request); > >- strncpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)); >+ strlcpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)); > > if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) > == NSS_STATUS_SUCCESS ) { > >------- pam_smb_passwd.c ------- >--- /tmp/sccs.4mayPC Thu Jul 27 16:25:40 2006 >+++ ./pam_smbpass/pam_smb_passwd.c Thu Jul 27 16:01:17 2006 >@@ -178,8 +178,8 @@ > CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); > return PAM_BUF_ERR; > } >- strncpy( Announce, greeting, sizeof(greeting) ); >- strncpy( Announce+sizeof(greeting)-1, user, strlen(user)+1 ); >+ strlcpy( Announce, greeting, sizeof(greeting) ); >+ strlcpy( Announce+sizeof(greeting)-1, user, strlen(user)+1 ); > #undef greeting > > set( SMB__OLD_PASSWD, ctrl ); > >------- support.c ------- >--- /tmp/sccs..paWPC Thu Jul 27 16:25:40 2006 >+++ ./pam_smbpass/support.c Thu Jul 27 16:01:16 2006 >@@ -348,8 +348,8 @@ > if (data_name == NULL) { > _log_err( LOG_CRIT, "no memory for data-name" ); > } >- strncpy( data_name, FAIL_PREFIX, sizeof(FAIL_PREFIX) ); >- strncpy( data_name + sizeof(FAIL_PREFIX) - 1, name, strlen( name ) + 1 ); >+ strlcpy( data_name, FAIL_PREFIX, sizeof(FAIL_PREFIX) ); >+ strlcpy( data_name + sizeof(FAIL_PREFIX) - 1, name, strlen( name ) + 1 ); > > /* > * The password we were given wasn't an encrypted password, or it > >------- pdb_smbpasswd.c ------- >--- /tmp/sccs.ctaiQC Thu Jul 27 16:25:40 2006 >+++ ./passdb/pdb_smbpasswd.c Thu Jul 27 16:01:15 2006 >@@ -398,7 +398,7 @@ > */ > SMB_ASSERT(sizeof(pstring) > sizeof(linebuf)); > >- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); >+ strlcpy(user_name, linebuf, PTR_DIFF(p, linebuf)); > user_name[PTR_DIFF(p, linebuf)] = '\0'; > > /* Get smb uid. */ >@@ -809,8 +809,7 @@ > > SMB_ASSERT(sizeof(user_name) > sizeof(linebuf)); > >- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); >- user_name[PTR_DIFF(p, linebuf)] = '\0'; >+ strlcpy(user_name, linebuf, PTR_DIFF(p, linebuf)); > if (strequal(user_name, pwd->smb_name)) { > found_entry = True; > break; > >------- secrets.c ------- >--- /tmp/sccs.7uaGQC Thu Jul 27 16:25:40 2006 >+++ ./passdb/secrets.c Thu Jul 27 16:01:14 2006 >@@ -773,8 +773,7 @@ > } > > size = MIN(size, sizeof(fstring)-1); >- strncpy(old_style_pw, data, size); >- old_style_pw[size] = 0; >+ strlcpy(old_style_pw, data, size); > > SAFE_FREE(data); > > >------- findme.c ------- >No differences encountered > >------- popt.c ------- >--- /tmp/sccs.PBaqRC Thu Jul 27 16:25:41 2006 >+++ ./popt/popt.c Thu Jul 27 16:01:13 2006 >@@ -595,7 +595,7 @@ > *te = '\0'; > t = realloc(t, tn); > te = t + strlen(t); >- strncpy(te, a, alen); te += alen; >+ strlcpy(te, a, alen); te += alen; > continue; > /*@notreached@*/ /*@switchbreak@*/ break; > default: > >------- popthelp.c ------- >--- /tmp/sccs.ODaORC Thu Jul 27 16:25:41 2006 >+++ ./popt/popthelp.c Thu Jul 27 16:01:13 2006 >@@ -167,7 +167,7 @@ > } else { > size_t slen = 4*lineLength - (le - l) - sizeof("\"...\")"); > *le++ = '"'; >- strncpy(le, s, slen); le[slen] = '\0'; le += strlen(le); >+ strlcpy(le, s, slen); le[slen] = '\0'; le += strlen(le); > if (slen < strlen(s)) { > strcpy(le, "..."); le += strlen(le); > } > >------- lpq_parse.c ------- >--- /tmp/sccs.5GaaSC Thu Jul 27 16:25:41 2006 >+++ ./printing/lpq_parse.c Thu Jul 27 16:01:11 2006 >@@ -801,7 +801,7 @@ > #define LPRNT_PAUSED "Paused" > > memset(&parse_line, '\0', sizeof(parse_line)); >- strncpy((char *) &parse_line, line, sizeof(parse_line) -1); >+ strlcpy((char *) &parse_line, line, sizeof(parse_line)); > > if (strlen((char *) &parse_line) != sizeof(parse_line) - 1) { > return False; >@@ -884,7 +884,7 @@ > #define LPROS2_PAUSED "Paused" > > memset(&parse_line, '\0', sizeof(parse_line)); >- strncpy((char *) &parse_line, line, sizeof(parse_line) -1); >+ strlcpy((char *) &parse_line, line, sizeof(parse_line)); > > if (strlen((char *) &parse_line) != sizeof(parse_line) - 1) { > return False; > >------- print_cups.c ------- >--- /tmp/sccs.XKaySC Thu Jul 27 16:25:41 2006 >+++ ./printing/print_cups.c Thu Jul 27 16:01:11 2006 >@@ -896,8 +896,8 @@ > LPQ_PRINTING; > temp->priority = job_priority; > temp->time = job_time; >- strncpy(temp->fs_user, user_name, sizeof(temp->fs_user) - 1); >- strncpy(temp->fs_file, job_name, sizeof(temp->fs_file) - 1); >+ strlcpy(temp->fs_user, user_name, sizeof(temp->fs_user)); >+ strlcpy(temp->fs_file, job_name, sizeof(temp->fs_file)); > > qcount ++; > > >------- print_iprint.c ------- >--- /tmp/sccs.5NaWSC Thu Jul 27 16:25:42 2006 >+++ ./printing/print_iprint.c Thu Jul 27 16:01:10 2006 >@@ -1168,8 +1168,8 @@ > LPQ_PRINTING; > temp->priority = job_priority; > temp->time = job_time; >- strncpy(temp->fs_user, user_name, sizeof(temp->fs_user) - 1); >- strncpy(temp->fs_file, job_name, sizeof(temp->fs_file) - 1); >+ strlcpy(temp->fs_user, user_name, sizeof(temp->fs_user)); >+ strlcpy(temp->fs_file, job_name, sizeof(temp->fs_file)); > > qcount ++; > > >------- reg_cachehook.c ------- >--- /tmp/sccs.2PaiTC Thu Jul 27 16:25:42 2006 >+++ ./registry/reg_cachehook.c Thu Jul 27 16:01:10 2006 >@@ -86,7 +86,7 @@ > } > > *key = '\\'; >- strncpy( key+1, keyname, len+1); >+ strlcpy( key+1, keyname, len+1); > > /* swap to a form understood by the SORTED_TREE */ > > >------- parse_prs.c ------- >--- /tmp/sccs.QSaGTC Thu Jul 27 16:25:42 2006 >+++ ./rpc_parse/parse_prs.c Thu Jul 27 16:01:09 2006 >@@ -1354,7 +1354,7 @@ > } > > if (MARSHALLING(ps)) { >- strncpy(tmp_str, *str, len); >+ strlcpy(tmp_str, *str, len); > } > > if (!prs_string(name, ps, depth, tmp_str, len+1)) { > >------- srv_eventlog_lib.c ------- >--- /tmp/sccs.3Va4TC Thu Jul 27 16:25:42 2006 >+++ ./rpc_server/srv_eventlog_lib.c Thu Jul 27 16:01:08 2006 >@@ -668,7 +668,7 @@ > stop++; > } > temp_len = strlen( stop ); >- strncpy( temp, stop, temp_len ); >+ strlcpy( temp, stop, temp_len ); > rpcstr_push( ( void * ) ( entry->data_record.source_name ), > temp, sizeof( entry->data_record.source_name ), > STR_TERMINATE ); >@@ -682,7 +682,7 @@ > stop++; > } > temp_len = strlen( stop ); >- strncpy( temp, stop, temp_len ); >+ strlcpy( temp, stop, temp_len ); > rpcstr_push( ( void * ) ( entry->data_record.computer_name ), > temp, sizeof( entry->data_record.computer_name ), > STR_TERMINATE ); >@@ -696,7 +696,7 @@ > stop++; > } > temp_len = strlen( stop ); >- strncpy( temp, stop, temp_len ); >+ strlcpy( temp, stop, temp_len ); > rpcstr_push( ( void * ) ( entry->data_record.sid ), temp, > sizeof( entry->data_record.sid ), > STR_TERMINATE ); >@@ -711,7 +711,7 @@ > } > temp_len = strlen( stop ); > memset( temp, 0, sizeof( temp ) ); >- strncpy( temp, stop, temp_len ); >+ strlcpy( temp, stop, temp_len ); > rpcstr_push( ( void * ) ( entry->data_record.strings + > ( entry->data_record.strings_len / 2 ) ), > temp, > >------- srv_spoolss_nt.c ------- >--- /tmp/sccs.8YaqUC Thu Jul 27 16:25:42 2006 >+++ ./rpc_server/srv_spoolss_nt.c Thu Jul 27 16:01:07 2006 >@@ -1220,7 +1220,7 @@ > int n_services = lp_numservices(); > > len = MIN(len,sizeof(drivername)-1); >- strncpy(drivername, buf, len); >+ strlcpy(drivername, buf, len); > > DEBUG(10,("do_drv_upgrade_printer: Got message for new driver [%s]\n", drivername )); > >@@ -1318,7 +1318,7 @@ > int n_services = lp_numservices(); > > len = MIN( len, sizeof(drivername)-1 ); >- strncpy( drivername, buf, len ); >+ strlcpy( drivername, buf, len ); > > DEBUG(10,("reset_all_printerdata: Got message for new driver [%s]\n", drivername )); > >@@ -6060,7 +6060,7 @@ > > if (numlines) { > /* Set the portname to what the script says the portname should be. */ >- strncpy(printer->info_2->portname, qlines[0], sizeof(printer->info_2->portname)); >+ strlcpy(printer->info_2->portname, qlines[0], sizeof(printer->info_2->portname)); > DEBUGADD(6,("Line[0] = [%s]\n", qlines[0])); > } > > >------- lanman.c ------- >--- /tmp/sccs.U4aOUC Thu Jul 27 16:25:43 2006 >+++ ./smbd/lanman.c Thu Jul 27 16:01:06 2006 >@@ -3496,8 +3496,7 @@ > { > char buf[100]; > >- strncpy(buf,SERVICE(snum),sizeof(buf)-1); >- buf[sizeof(buf)-1] = 0; >+ strlcpy(buf,SERVICE(snum),sizeof(buf)); > strupper_m(buf); > > if (uLevel <= 1) { > >------- mangle_hash2.c ------- >--- /tmp/sccs.D8aaVC Thu Jul 27 16:25:43 2006 >+++ ./smbd/mangle_hash2.c Thu Jul 27 16:01:05 2006 >@@ -130,8 +130,7 @@ > is the only place where we need to use a multi-byte string > function */ > length = MIN(length,sizeof(fstring)-1); >- strncpy(str, key, length); >- str[length] = 0; >+ strlcpy(str, key, length); > strupper_m(str); > > /* the length of a multi-byte string can change after a strupper_m */ >@@ -400,8 +399,7 @@ > > /* we found it - construct the full name */ > if (name[8] == '.') { >- strncpy(extension, name+9, 3); >- extension[3] = 0; >+ strlcpy(extension, name+9, 4); > } else { > extension[0] = 0; > } > >------- tdbtest.c ------- >No differences encountered > >------- crypttest.c ------- >--- /tmp/sccs.icaWVC Thu Jul 27 16:25:43 2006 >+++ ./tests/crypttest.c Thu Jul 27 16:01:04 2006 >@@ -689,7 +689,7 @@ > * Setup key schedule > */ > clearmem(ktab, sizeof ktab); >- strncpy(ktab, key, 8); >+ strlcpy(ktab, key, 8); > ufc_mk_keytab(ktab); > > /* > >------- os2_delete.c ------- >No differences encountered > >------- unixsock.c ------- >--- /tmp/sccs.3faGWC Thu Jul 27 16:25:44 2006 >+++ ./tests/unixsock.c Thu Jul 27 16:01:04 2006 >@@ -53,7 +53,7 @@ > > /* Bind a name to the socket. */ > name.sun_family = AF_LOCAL; >- strncpy(name.sun_path, filename, sizeof (name.sun_path)); >+ strlcpy(name.sun_path, filename, sizeof (name.sun_path)); > > /* The size of the address is > the offset of the start of the filename, > >------- sharesec.c ------- >--- /tmp/sccs.Aja4WC Thu Jul 27 16:25:44 2006 >+++ ./utils/sharesec.c Thu Jul 27 16:01:03 2006 >@@ -234,7 +234,7 @@ > char *end_acl = strchr_m( pacl, ',' ); > fstring acl_string; > >- strncpy( acl_string, pacl, MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)-1) ); >+ strlcpy( acl_string, pacl, MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)) ); > acl_string[MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)-1)] = '\0'; > > if ( !parse_ace( ctx, &ace[i], acl_string ) ) > >------- smbget.c ------- >--- /tmp/sccs.pmaqXC Thu Jul 27 16:25:44 2006 >+++ ./utils/smbget.c Thu Jul 27 16:01:02 2006 >@@ -94,8 +94,8 @@ > printf("Username for %s at %s [guest] ", shr, srv); > fgets(tmp, sizeof(tmp), stdin); > if(tmp[strlen(tmp)-1] == '\n')tmp[strlen(tmp)-1] = '\0'; >- strncpy(un, tmp, unlen-1); >- } else if(username) strncpy(un, username, unlen-1); >+ strlcpy(un, tmp, unlen); >+ } else if(username) strlcpy(un, username, unlen); > > if(!nonprompt && !password) { > char *prompt, *pass; >@@ -102,10 +102,10 @@ > asprintf(&prompt, "Password for %s at %s: ", shr, srv); > pass = getpass(prompt); > free(prompt); >- strncpy(pw, pass, pwlen-1); >- } else if(password) strncpy(pw, password, pwlen-1); >+ strlcpy(pw, pass, pwlen); >+ } else if(password) strncpy(pw, password, pwlen); > >- if(workgroup)strncpy(wg, workgroup, wglen-1); >+ if(workgroup)strlcpy(wg, workgroup, wglen); > > wgtmp = SMB_STRNDUP(wg, wglen); > usertmp = SMB_STRNDUP(un, unlen); >@@ -204,7 +204,7 @@ > static char buffer[100]; > int secs, mins, hours; > if(t < -1) { >- strncpy(buffer, "Unknown", sizeof(buffer)); >+ strlcpy(buffer, "Unknown", sizeof(buffer)); > return buffer; > } > > >------- swat.c ------- >--- /tmp/sccs.DpaOXC Thu Jul 27 16:25:44 2006 >+++ ./web/swat.c Thu Jul 27 16:00:59 2006 >@@ -86,7 +86,7 @@ > > while (*str) { > if ( *str == '\"' && (newstring_len - PTR_DIFF(p, newstring) - 1) > quote_len ) { >- strncpy( p, """, quote_len); >+ strlcpy( p, """, quote_len); > p += quote_len; > } else { > *p++ = *str;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2070">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 3971
: 2070 |
2071
|
2072