Make strlncpy() and strlncat() use strlncat() instead of strlen().

This fixes a possible crash when using RPC with unix domain sockets, reported by Valware. This also adds a configure check so we use our own strlncat if the C library does not have one, e.g. some non-Linux.
6 months ago · 401ab6f5a1
parent 3ca99ddd52
commit 401ab6f5a1
5 changed files with 30 additions and 7 deletions
--- a/13
+++ b/13
@ -6357,6 +6357,19 @@ $as_echo "#define HAVE_SYSLOG /**/" >>confdefs.h
 fi
 done

+for ac_func in strnlen
+do :
+  ac_fn_c_check_func "$LINENO" "strnlen" "ac_cv_func_strnlen"
+if test "x$ac_cv_func_strnlen" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_STRNLEN 1
+_ACEOF
+
+$as_echo "#define HAVE_STRNLEN /**/" >>confdefs.h
+
+fi
+done
+



--- a/configure.ac
+++ b/configure.ac
@ -405,6 +405,7 @@ AC_CHECK_FUNCS([setproctitle],

 AC_CHECK_FUNCS(explicit_bzero,AC_DEFINE([HAVE_EXPLICIT_BZERO], [], [Define if you have explicit_bzero]))
 AC_CHECK_FUNCS(syslog,AC_DEFINE([HAVE_SYSLOG], [], [Define if you have syslog]))
+AC_CHECK_FUNCS(strnlen,AC_DEFINE([HAVE_STRNLEN], [], [Define if you have strnlen]))
 AC_SUBST(CRYPTOLIB)
 AC_SUBST(MODULEFLAGS)
 AC_SUBST(DYNAMIC_LDFLAGS)
--- a/include/h.h
+++ b/include/h.h
@ -454,6 +454,9 @@ extern MODVAR long SNO_SNOTICE;
 extern MODVAR long SNO_SPAMF;
 extern MODVAR long SNO_OPER;

+#ifndef HAVE_STRNLEN
+extern size_t strnlen(const char *s, size_t maxlen);
+#endif
 #ifndef HAVE_STRLCPY
 extern size_t strlcpy(char *dst, const char *src, size_t size);
 #endif
--- a/include/setup.h.in
+++ b/include/setup.h.in
@ -121,6 +121,9 @@
 /* Define to 1 if you have the `strlncpy' function. */
 #undef HAVE_STRLNCPY

+/* Define to 1 if you have the `strnlen' function. */
+#undef HAVE_STRNLEN
+
 /* Define to 1 if you have the `syslog' function. */
 #undef HAVE_SYSLOG

--- a/src/support.c
+++ b/src/support.c
@ -155,6 +155,14 @@ void stripcrlf(char *c)
 	}
 }

+#ifndef HAVE_STRNLEN
+size_t strnlen(const char *s, size_t maxlen)
+{
+	const char *end = memchr (s, 0, maxlen);
+	return end ? (size_t)(end - s) : maxlen;
+}
+#endif
+
 #ifndef HAVE_STRLCPY
 /** BSD'ish strlcpy().
 * The strlcpy() function copies up to size-1 characters from the
@ -182,13 +190,11 @@ size_t strlcpy(char *dst, const char *src, size_t size)
 */
 size_t strlncpy(char *dst, const char *src, size_t size, size_t n)
 {
-	size_t len = strlen(src);
+	size_t len = strnlen(src, n);
 	size_t ret = len;

 	if (size <= 0)
 		return 0;
-	if (len > n)
-		len = n;
 	if (len >= size)
 		len = size - 1;
 	memcpy(dst, src, len);
@ -230,15 +236,12 @@ size_t strlcat(char *dst, const char *src, size_t size)
 size_t strlncat(char *dst, const char *src, size_t size, size_t n)
 {
 	size_t len1 = strlen(dst);
-	size_t len2 = strlen(src);
+	size_t len2 = strnlen(src, n);
 	size_t ret = len1 + len2;

 	if (size <= len1)
 		return size;
 		
-	if (len2 > n)
-		len2 = n;
-
 	if (len1 + len2 >= size)
 		len2 = size - (len1 + 1);