Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit7240f92

Browse files
committed
Replace a bunch more uses of strncpy() with safer coding.
strncpy() has a well-deserved reputation for being unsafe, so make aneffort to get rid of nearly all occurrences in HEAD.A large fraction of the remaining uses were passing length less than orequal to the known strlen() of the source, in which case no null-paddingcan occur and the behavior is equivalent to memcpy(), though doubtlessslower and certainly harder to reason about. So just use memcpy() inthese cases.In other cases, use either StrNCpy() or strlcpy() as appropriate (dependingon whether padding to the full length of the destination buffer seemsuseful).I left a few strncpy() calls alone in the src/timezone/ code, to keep itin sync with upstream (the IANA tzcode distribution). There are also afew such calls in ecpg that could possibly do with more analysis.AFAICT, none of these changes are more than cosmetic, except for the fouroccurrences in fe-secure-openssl.c, which are in fact buggy: an overlengthsource leads to a non-null-terminated destination buffer and ensuingmisbehavior. These don't seem like security issues, first because no stackclobber is possible and second because if your values of sslcert etc arecoming from untrusted sources then you've got problems way worse than this.Still, it's undesirable to have unpredictable behavior for overlengthinputs, so back-patch those four changes to all active branches.
1 parentb8e5f66 commit7240f92

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

‎src/interfaces/libpq/fe-secure.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1074,7 +1074,7 @@ initialize_SSL(PGconn *conn)
10741074

10751075
/* Read the client certificate file */
10761076
if (conn->sslcert&&strlen(conn->sslcert)>0)
1077-
strncpy(fnbuf,conn->sslcert,sizeof(fnbuf));
1077+
strlcpy(fnbuf,conn->sslcert,sizeof(fnbuf));
10781078
elseif (have_homedir)
10791079
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,USER_CERT_FILE);
10801080
else
@@ -1265,7 +1265,7 @@ initialize_SSL(PGconn *conn)
12651265
#endif/* USE_SSL_ENGINE */
12661266
{
12671267
/* PGSSLKEY is not an engine, treat it as a filename */
1268-
strncpy(fnbuf,conn->sslkey,sizeof(fnbuf));
1268+
strlcpy(fnbuf,conn->sslkey,sizeof(fnbuf));
12691269
}
12701270
}
12711271
elseif (have_homedir)
@@ -1328,7 +1328,7 @@ initialize_SSL(PGconn *conn)
13281328
* verification after the connection has been completed.
13291329
*/
13301330
if (conn->sslrootcert&&strlen(conn->sslrootcert)>0)
1331-
strncpy(fnbuf,conn->sslrootcert,sizeof(fnbuf));
1331+
strlcpy(fnbuf,conn->sslrootcert,sizeof(fnbuf));
13321332
elseif (have_homedir)
13331333
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,ROOT_CERT_FILE);
13341334
else
@@ -1366,7 +1366,7 @@ initialize_SSL(PGconn *conn)
13661366
if ((cvstore=SSL_CTX_get_cert_store(SSL_context))!=NULL)
13671367
{
13681368
if (conn->sslcrl&&strlen(conn->sslcrl)>0)
1369-
strncpy(fnbuf,conn->sslcrl,sizeof(fnbuf));
1369+
strlcpy(fnbuf,conn->sslcrl,sizeof(fnbuf));
13701370
elseif (have_homedir)
13711371
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,ROOT_CRL_FILE);
13721372
else

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp