nls buffers are NL_TEXTMAX long -- not a security hole; netbsd pr#2780, mike.long@analog.com

author: deraadt <> 1996-09-25 08:17:31 +0000
committer: deraadt <> 1996-09-25 08:17:31 +0000
commit: e1d97f672bb21109e95b3a91fd67865f61ec96ca (patch)
tree: ceb605cc4fe68d3cc7d91284f9a4342e44615920
parent: 78ff40b0a2d20864f3aba0938b17ac74741977d8 (diff)
download: openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.tar.gz
openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.tar.bz2
openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.zip
2 files changed, 15 insertions, 10 deletions
diff --git a/src/lib/libc/string/__strerror.c b/src/lib/libc/string/__strerror.c
index 16d8205868..9c023f8a53 100644
--- a/src/lib/libc/string/__strerror.c
+++ b/src/lib/libc/string/__strerror.c
@@ -32,7 +32,7 @@
 */
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp $";
+static char *rcsid = "$OpenBSD: __strerror.c,v 1.6 1996/09/25 08:17:30 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 #ifdef NLS
@@ -46,6 +46,7 @@ static char *rcsid = "$OpenBSD: __strerror.c,v 1.5 1996/09/16 05:43:38 tholo Exp
 #define sys_nerr        _sys_nerr
 #include <errno.h>
+#include <limits.h>
 #include <stdio.h>
 #include <string.h>
@@ -86,18 +87,20 @@ __strerror(num, buf)
        errnum = num;                           /* convert to unsigned */
        if (errnum < sys_nerr) {
 #ifdef NLS
-                strcpy(buf, catgets(catd, 1, errnum,
+                strncpy(buf, catgets(catd, 1, errnum,
-                    (char *)sys_errlist[errnum])); 
+                    (char *)sys_errlist[errnum]), NL_TEXTMAX-1);
+                buf[NL_TEXTMAX - 1] = '\0';
 #else
                return(sys_errlist[errnum]);
 #endif
        } else {
 #ifdef NLS
-                strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX));
+                strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1);
+                buf[NL_TEXTMAX - 1] = '\0';
 #else
                strcpy(buf, UPREFIX);
 #endif
-                strcat(buf, itoa(errnum));
+                strncat(buf, itoa(errnum), NL_TEXTMAX-strlen(buf)-1);
        }
 #ifdef NLS
diff --git a/src/lib/libc/string/__strsignal.c b/src/lib/libc/string/__strsignal.c
index 5a424bfde2..53c9e59e59 100644
--- a/src/lib/libc/string/__strsignal.c
+++ b/src/lib/libc/string/__strsignal.c
@@ -32,7 +32,7 @@
 */
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: __strsignal.c,v 1.3 1996/09/16 05:43:39 tholo Exp $";
+static char *rcsid = "$OpenBSD: __strsignal.c,v 1.4 1996/09/25 08:17:31 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 #ifdef NLS
@@ -79,18 +79,20 @@ __strsignal(num, buf)
        signum = num;                           /* convert to unsigned */
        if (signum < NSIG) {
 #ifdef NLS
-                strcpy(buf, catgets(catd, 2, signum,
+                strncpy(buf, catgets(catd, 2, signum,
-                    (char *)sys_siglist[signum])); 
+                    (char *)sys_siglist[signum]), NL_TEXTMAX-1);
+                buf[NL_TEXTMAX-1] = '\0';
 #else
                return((char *)sys_siglist[signum]);
 #endif
        } else {
 #ifdef NLS
-                strcpy(buf, catgets(catd, 1, 0xffff, UPREFIX));
+                strncpy(buf, catgets(catd, 1, 0xffff, UPREFIX), NL_TEXTMAX-1);
+                buf[NL_TEXTMAX-1] = '\0';
 #else
                strcpy(buf, UPREFIX);
 #endif
-                strcat(buf, itoa(signum));
+                strncat(buf, itoa(signum), NL_TEXTMAX-strlen(buf)-1);
        }
 #ifdef NLS
author	deraadt <>	1996-09-25 08:17:31 +0000
committer	deraadt <>	1996-09-25 08:17:31 +0000
commit	e1d97f672bb21109e95b3a91fd67865f61ec96ca (patch)
tree	ceb605cc4fe68d3cc7d91284f9a4342e44615920
parent	78ff40b0a2d20864f3aba0938b17ac74741977d8 (diff)
download	openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.tar.gz openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.tar.bz2 openbsd-e1d97f672bb21109e95b3a91fd67865f61ec96ca.zip