aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRonan Le Martret <ronan.lemartret@iot.bzh>2017-08-29 16:07:56 +0200
committerRomain Forlot <romain.forlot@iot.bzh>2018-12-13 15:02:25 +0100
commite572871c06b7d04722d56becf7ef8ad86b14124c (patch)
tree167729220b3ca98148183382fd64668287f902d9
parentd60bc482a611e31da6e0b78b6e482ee270635891 (diff)
Fix strncat funct
I: Statement might be overflowing a buffer in strncat. Common mistake: BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1) Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
-rw-r--r--ctl-binding/ctl-dispatch.c12
-rw-r--r--ctl-binding/ctl-lua.c18
2 files changed, 15 insertions, 15 deletions
diff --git a/ctl-binding/ctl-dispatch.c b/ctl-binding/ctl-dispatch.c
index fe31a55..da900ec 100644
--- a/ctl-binding/ctl-dispatch.c
+++ b/ctl-binding/ctl-dispatch.c
@@ -421,8 +421,8 @@ STATIC DispatchHandleT *DispatchLoadOnload(DispatchConfigT *controlConfig, json_
char pluginpath[CONTROL_MAXPATH_LEN];
strncpy(pluginpath, fullpath, sizeof (pluginpath));
- strncat(pluginpath, "/", sizeof (pluginpath));
- strncat(pluginpath, filename, sizeof (pluginpath));
+ strncat(pluginpath, "/", sizeof (pluginpath)-strlen(pluginpath)-1);
+ strncat(pluginpath, filename, sizeof (pluginpath)-strlen(pluginpath)-1);
dPlugin->dlHandle = dlopen(pluginpath, RTLD_NOW);
if (!dPlugin->dlHandle) {
AFB_ERROR("DISPATCH-LOAD-CONFIG:PLUGIN Fail to load pluginpath=%s err= %s", pluginpath, dlerror());
@@ -453,7 +453,7 @@ STATIC DispatchHandleT *DispatchLoadOnload(DispatchConfigT *controlConfig, json_
int Lua2cAddOne(luaL_Reg *l2cFunc, const char* l2cName, int index) {
char funcName[CONTROL_MAXPATH_LEN];
strncpy(funcName, "lua2c_", sizeof(funcName));
- strncat(funcName, l2cName, sizeof(funcName));
+ strncat(funcName, l2cName, sizeof(funcName)-strlen(funcName)-1);
Lua2cFunctionT l2cFunction= (Lua2cFunctionT)dlsym(dPlugin->dlHandle, funcName);
if (!l2cFunction) {
@@ -625,7 +625,7 @@ PUBLIC int DispatchInit() {
if (!dirList) dirList=CONTROL_CONFIG_PATH;
strncpy(controlFile, CONTROL_CONFIG_PRE "-", CONTROL_MAXPATH_LEN);
- strncat(controlFile, GetBinderName(), CONTROL_MAXPATH_LEN);
+ strncat(controlFile, GetBinderName(), CONTROL_MAXPATH_LEN-strlen(controlFile)-1);
// search for default dispatch config file
json_object* responseJ = ScanForConfig(dirList, CTL_SCAN_RECURSIVE, controlFile, "json");
@@ -646,8 +646,8 @@ PUBLIC int DispatchInit() {
if (strcasestr(filename, controlFile)) {
char filepath[CONTROL_MAXPATH_LEN];
strncpy(filepath, fullpath, sizeof (filepath));
- strncat(filepath, "/", sizeof (filepath));
- strncat(filepath, filename, sizeof (filepath));
+ strncat(filepath, "/", sizeof (filepath)-strlen(filepath)-1);
+ strncat(filepath, filename, sizeof (filepath)-strlen(filepath)-1);
configHandle = DispatchLoadConfig(filepath);
if (!configHandle) {
AFB_ERROR("DISPATCH-INIT:ERROR Fail loading [%s]", filepath);
diff --git a/ctl-binding/ctl-lua.c b/ctl-binding/ctl-lua.c
index d737026..2c80205 100644
--- a/ctl-binding/ctl-lua.c
+++ b/ctl-binding/ctl-lua.c
@@ -741,8 +741,8 @@ STATIC void LuaDoAction (LuaDoActionT action, afb_req request) {
// search for filename=script in CONTROL_LUA_PATH
if (!luaScriptPathJ) {
strncpy(luaScriptPath,CONTROL_DOSCRIPT_PRE, sizeof(luaScriptPath));
- strncat(luaScriptPath,"-", sizeof(luaScriptPath));
- strncat(luaScriptPath,target, sizeof(luaScriptPath));
+ strncat(luaScriptPath,"-", sizeof(luaScriptPath)-strlen(luaScriptPath)-1);
+ strncat(luaScriptPath,target, sizeof(luaScriptPath)-strlen(luaScriptPath)-1);
luaScriptPathJ= ScanForConfig(CONTROL_LUA_PATH , CTL_SCAN_RECURSIVE,luaScriptPath,".lua");
}
for (index=0; index < json_object_array_length(luaScriptPathJ); index++) {
@@ -757,8 +757,8 @@ STATIC void LuaDoAction (LuaDoActionT action, afb_req request) {
if (index > 0) AFB_WARNING("LUA-DOSCRIPT-SCAN:Ignore second script=%s path=%s", filename, fullpath);
else {
strncpy (luaScriptPath, fullpath, sizeof(luaScriptPath));
- strncat (luaScriptPath, "/", sizeof(luaScriptPath));
- strncat (luaScriptPath, filename, sizeof(luaScriptPath));
+ strncat (luaScriptPath, "/", sizeof(luaScriptPath)-strlen(luaScriptPath)-1);
+ strncat (luaScriptPath, filename, sizeof(luaScriptPath)-strlen(luaScriptPath)-1);
}
}
@@ -778,7 +778,7 @@ STATIC void LuaDoAction (LuaDoActionT action, afb_req request) {
// if no func name given try to deduct from filename
if (!func && (func=(char*)GetMidleName(filename))!=NULL) {
strncpy(luaScriptPath,"_", sizeof(luaScriptPath));
- strncat(luaScriptPath,func, sizeof(luaScriptPath));
+ strncat(luaScriptPath,func, sizeof(luaScriptPath)-strlen(luaScriptPath)-1);
func=luaScriptPath;
}
if (!func) {
@@ -995,8 +995,8 @@ PUBLIC int LuaLibInit () {
// search for default policy config file
char fullprefix[CONTROL_MAXPATH_LEN];
strncpy (fullprefix, CONTROL_CONFIG_PRE "-", sizeof(fullprefix));
- strncat (fullprefix, GetBinderName(), sizeof(fullprefix));
- strncat (fullprefix, "-", sizeof(fullprefix));
+ strncat (fullprefix, GetBinderName(), sizeof(fullprefix)-strlen(fullprefix)-1);
+ strncat (fullprefix, "-", sizeof(fullprefix)-strlen(fullprefix)-1);
const char *dirList= getenv("CONTROL_LUA_PATH");
if (!dirList) dirList=CONTROL_LUA_PATH;
@@ -1039,8 +1039,8 @@ PUBLIC int LuaLibInit () {
char filepath[CONTROL_MAXPATH_LEN];
strncpy(filepath, fullpath, sizeof(filepath));
- strncat(filepath, "/", sizeof(filepath));
- strncat(filepath, filename, sizeof(filepath));
+ strncat(filepath, "/", sizeof(filepath)-strlen(filepath)-1);
+ strncat(filepath, filename, sizeof(filepath)-strlen(filepath)-1);
err= luaL_loadfile(luaState, filepath);
if (err) {
AFB_ERROR ("LUA-LOAD HOOPs Error in LUA loading scripts=%s err=%s", filepath, lua_tostring(luaState,-1));