Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb00a088

Browse files
committed
Replace a bunch more uses of strncpy() with safer coding.
strncpy() has a well-deserved reputation for being unsafe, so make aneffort to get rid of nearly all occurrences in HEAD.A large fraction of the remaining uses were passing length less than orequal to the known strlen() of the source, in which case no null-paddingcan occur and the behavior is equivalent to memcpy(), though doubtlessslower and certainly harder to reason about. So just use memcpy() inthese cases.In other cases, use either StrNCpy() or strlcpy() as appropriate (dependingon whether padding to the full length of the destination buffer seemsuseful).I left a few strncpy() calls alone in the src/timezone/ code, to keep itin sync with upstream (the IANA tzcode distribution). There are also afew such calls in ecpg that could possibly do with more analysis.AFAICT, none of these changes are more than cosmetic, except for the fouroccurrences in fe-secure-openssl.c, which are in fact buggy: an overlengthsource leads to a non-null-terminated destination buffer and ensuingmisbehavior. These don't seem like security issues, first because no stackclobber is possible and second because if your values of sslcert etc arecoming from untrusted sources then you've got problems way worse than this.Still, it's undesirable to have unpredictable behavior for overlengthinputs, so back-patch those four changes to all active branches.
1 parent5d784c7 commitb00a088

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

‎src/interfaces/libpq/fe-secure.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1073,7 +1073,7 @@ initialize_SSL(PGconn *conn)
10731073

10741074
/* Read the client certificate file */
10751075
if (conn->sslcert&&strlen(conn->sslcert)>0)
1076-
strncpy(fnbuf,conn->sslcert,sizeof(fnbuf));
1076+
strlcpy(fnbuf,conn->sslcert,sizeof(fnbuf));
10771077
elseif (have_homedir)
10781078
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,USER_CERT_FILE);
10791079
else
@@ -1264,7 +1264,7 @@ initialize_SSL(PGconn *conn)
12641264
#endif/* USE_SSL_ENGINE */
12651265
{
12661266
/* PGSSLKEY is not an engine, treat it as a filename */
1267-
strncpy(fnbuf,conn->sslkey,sizeof(fnbuf));
1267+
strlcpy(fnbuf,conn->sslkey,sizeof(fnbuf));
12681268
}
12691269
}
12701270
elseif (have_homedir)
@@ -1327,7 +1327,7 @@ initialize_SSL(PGconn *conn)
13271327
* verification after the connection has been completed.
13281328
*/
13291329
if (conn->sslrootcert&&strlen(conn->sslrootcert)>0)
1330-
strncpy(fnbuf,conn->sslrootcert,sizeof(fnbuf));
1330+
strlcpy(fnbuf,conn->sslrootcert,sizeof(fnbuf));
13311331
elseif (have_homedir)
13321332
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,ROOT_CERT_FILE);
13331333
else
@@ -1365,7 +1365,7 @@ initialize_SSL(PGconn *conn)
13651365
if ((cvstore=SSL_CTX_get_cert_store(SSL_context))!=NULL)
13661366
{
13671367
if (conn->sslcrl&&strlen(conn->sslcrl)>0)
1368-
strncpy(fnbuf,conn->sslcrl,sizeof(fnbuf));
1368+
strlcpy(fnbuf,conn->sslcrl,sizeof(fnbuf));
13691369
elseif (have_homedir)
13701370
snprintf(fnbuf,sizeof(fnbuf),"%s/%s",homedir,ROOT_CRL_FILE);
13711371
else

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp