1 autofs-5.0.4 - make MAX_ERR_BUF and PARSE_MAX_BUF use easier to audit
3 From: Valerie Aurora Henson <vaurora@redhat.com>
5 Non-critical changes to make auditing buffer lengths easier.
7 * Some buffers were the wrong (too big) size, some were used twice for
9 * Use sizeof(buf) instead of repeating the *MAX* define in functions
10 that need to know the size of a statically allocated buffer.
11 * Fix a compiler warning about discarding the const on a string.
15 modules/lookup_ldap.c | 51 ++++++++++++++++++++++---------------------------
16 2 files changed, 24 insertions(+), 28 deletions(-)
19 diff --git a/CHANGELOG b/CHANGELOG
20 index afd1335..417a001 100644
24 - add "forcestart" and "forcerestart" init script options to allow
25 use of 5.0.3 strartup behavior if required.
26 - always read entire file map into cache to speed lookups.
27 +- make MAX_ERR_BUF and PARSE_MAX_BUF use easier to audit.
29 4/11/2008 autofs-5.0.4
30 -----------------------
31 diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
32 index bee97ae..d8a60d3 100644
33 --- a/modules/lookup_ldap.c
34 +++ b/modules/lookup_ldap.c
35 @@ -272,7 +272,7 @@ LDAP *init_ldap_connection(unsigned logopt, const char *uri, struct lookup_conte
37 static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt, const char *class, const char *key)
39 - char buf[PARSE_MAX_BUF];
40 + char buf[MAX_ERR_BUF];
41 char *query, *dn, *qdn;
42 LDAPMessage *result, *e;
43 struct ldap_searchdn *sdns = NULL;
44 @@ -296,7 +296,7 @@ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt
48 - char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
49 + char *estr = strerror_r(errno, buf, sizeof(buf));
50 crit(logopt, MODPREFIX "alloca: %s", estr);
51 return NSS_STATUS_UNAVAIL;
53 @@ -1082,7 +1082,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
57 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
58 + estr = strerror_r(errno, buf, sizeof(buf));
59 logerr(MODPREFIX "malloc: %s", estr);
62 @@ -1104,7 +1104,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
66 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
67 + estr = strerror_r(errno, buf, sizeof(buf));
68 crit(logopt, MODPREFIX "malloc: %s", estr);
71 @@ -1139,7 +1139,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
72 /* Isolate the server's name. */
75 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
76 + estr = strerror_r(errno, buf, sizeof(buf));
77 logerr(MODPREFIX "malloc: %s", estr);
80 @@ -1180,7 +1180,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
84 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
85 + estr = strerror_r(errno, buf, sizeof(buf));
86 logerr(MODPREFIX "malloc: %s", estr);
89 @@ -1191,7 +1191,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
93 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
94 + estr = strerror_r(errno, buf, sizeof(buf));
95 logerr(MODPREFIX "malloc: %s", estr);
98 @@ -1205,7 +1205,7 @@ static int parse_server_string(unsigned logopt, const char *url, struct lookup_c
99 char *map = malloc(l + 1);
102 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
103 + estr = strerror_r(errno, buf, sizeof(buf));
104 logerr(MODPREFIX "malloc: %s", estr);
107 @@ -1318,7 +1318,7 @@ int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **co
108 /* If we can't build a context, bail. */
109 ctxt = malloc(sizeof(struct lookup_context));
111 - char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
112 + char *estr = strerror_r(errno, buf, sizeof(buf));
113 logerr(MODPREFIX "malloc: %s", estr);
116 @@ -1419,8 +1419,9 @@ int lookup_read_master(struct master *master, time_t age, void *context)
117 unsigned int timeout = master->default_timeout;
118 unsigned int logging = master->default_logging;
119 unsigned int logopt = master->logopt;
120 - int rv, l, count, blen;
121 - char buf[PARSE_MAX_BUF];
123 + char buf[MAX_ERR_BUF];
124 + char parse_buf[PARSE_MAX_BUF];
126 LDAPMessage *result, *e;
127 char *class, *info, *entry;
128 @@ -1442,7 +1443,7 @@ int lookup_read_master(struct master *master, time_t age, void *context)
132 - char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
133 + char *estr = strerror_r(errno, buf, sizeof(buf));
134 logerr(MODPREFIX "alloca: %s", estr);
135 return NSS_STATUS_UNAVAIL;
137 @@ -1532,19 +1533,13 @@ int lookup_read_master(struct master *master, time_t age, void *context)
141 - blen = strlen(*keyValue) + 1 + strlen(*values) + 2;
142 - if (blen > PARSE_MAX_BUF) {
143 + if (snprintf(parse_buf, sizeof(parse_buf), "%s %s",
144 + *keyValue, *values) >= sizeof(parse_buf)) {
145 error(logopt, MODPREFIX "map entry too long");
146 ldap_value_free(values);
149 - memset(buf, 0, PARSE_MAX_BUF);
151 - strcpy(buf, *keyValue);
153 - strcat(buf, *values);
155 - master_parse_entry(buf, timeout, logging, age);
156 + master_parse_entry(parse_buf, timeout, logging, age);
158 ldap_value_free(keyValue);
159 e = ldap_next_entry(ldap, e);
160 @@ -1561,7 +1556,7 @@ static int get_percent_decoded_len(const char *name)
165 + const char *tmp = name;
166 int look_for_close = 0;
169 @@ -2060,7 +2055,7 @@ static int do_get_entries(struct ldap_search_params *sp, struct map_source *sour
170 mapent = malloc(v_len + 1);
173 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
174 + estr = strerror_r(errno, buf, sizeof(buf));
175 logerr(MODPREFIX "malloc: %s", estr);
176 ldap_value_free_len(bvValues);
178 @@ -2080,7 +2075,7 @@ static int do_get_entries(struct ldap_search_params *sp, struct map_source *sour
179 mapent_len = new_size;
182 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
183 + estr = strerror_r(errno, buf, sizeof(buf));
184 logerr(MODPREFIX "realloc: %s", estr);
187 @@ -2181,7 +2176,7 @@ static int read_one_map(struct autofs_point *ap,
189 sp.query = alloca(l);
190 if (sp.query == NULL) {
191 - char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
192 + char *estr = strerror_r(errno, buf, sizeof(buf));
193 logerr(MODPREFIX "malloc: %s", estr);
194 return NSS_STATUS_UNAVAIL;
196 @@ -2335,7 +2330,7 @@ static int lookup_one(struct autofs_point *ap,
200 - char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
201 + char *estr = strerror_r(errno, buf, sizeof(buf));
202 crit(ap->logopt, MODPREFIX "malloc: %s", estr);
205 @@ -2507,7 +2502,7 @@ static int lookup_one(struct autofs_point *ap,
206 mapent = malloc(v_len + 1);
209 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
210 + estr = strerror_r(errno, buf, sizeof(buf));
211 logerr(MODPREFIX "malloc: %s", estr);
212 ldap_value_free_len(bvValues);
214 @@ -2527,7 +2522,7 @@ static int lookup_one(struct autofs_point *ap,
215 mapent_len = new_size;
218 - estr = strerror_r(errno, buf, MAX_ERR_BUF);
219 + estr = strerror_r(errno, buf, sizeof(buf));
220 logerr(MODPREFIX "realloc: %s", estr);