2007-10-25 14:57:32 -04:00
|
|
|
$OpenBSD: patch-etc_afpd_auth_c,v 1.2 2007/10/25 18:57:32 steven Exp $
|
|
|
|
--- etc/afpd/auth.c.orig Fri Mar 11 16:36:58 2005
|
|
|
|
+++ etc/afpd/auth.c Thu Oct 25 20:30:05 2007
|
|
|
|
@@ -244,7 +244,7 @@ static int login(AFPObj *obj, struct passwd *pwd, void
|
2006-09-22 01:54:33 -04:00
|
|
|
int mypid = getpid();
|
|
|
|
struct stat stat_buf;
|
|
|
|
|
|
|
|
- sprintf(nodename, "%s/net%d.%dnode%d", obj->options.authprintdir,
|
|
|
|
+ snprintf(nodename, sizeof(nodename), "%s/net%d.%dnode%d", obj->options.authprintdir,
|
|
|
|
addr_net / 256, addr_net % 256, addr_node);
|
|
|
|
LOG(log_info, logtype_afpd, "registering %s (uid %d) on %u.%u as %s",
|
|
|
|
pwd->pw_name, pwd->pw_uid, addr_net, addr_node, nodename);
|
2007-10-25 14:57:32 -04:00
|
|
|
@@ -333,7 +333,7 @@ static int login(AFPObj *obj, struct passwd *pwd, void
|
2006-09-22 01:54:33 -04:00
|
|
|
else
|
|
|
|
clientname = inet_ntoa( dsi->client.sin_addr );
|
|
|
|
|
|
|
|
- sprintf( hostname, "%s@%s", pwd->pw_name, clientname );
|
|
|
|
+ snprintf( hostname, sizeof(hostname), "%s@%s", pwd->pw_name, clientname );
|
|
|
|
|
|
|
|
if( sia_become_user( NULL, argc, argv, hostname, pwd->pw_name,
|
|
|
|
NULL, FALSE, NULL, NULL,
|
2007-10-25 14:57:32 -04:00
|
|
|
@@ -999,7 +999,7 @@ int auth_register(const int type, struct uam_obj *uam)
|
2006-09-22 01:54:33 -04:00
|
|
|
/* load all of the modules */
|
|
|
|
int auth_load(const char *path, const char *list)
|
|
|
|
{
|
|
|
|
- char name[MAXPATHLEN + 1], buf[MAXPATHLEN + 1], *p;
|
|
|
|
+ char name[MAXPATHLEN], buf[MAXPATHLEN], *p;
|
|
|
|
struct uam_mod *mod;
|
|
|
|
struct stat st;
|
|
|
|
size_t len;
|
2007-10-25 14:57:32 -04:00
|
|
|
@@ -1011,9 +1011,9 @@ int auth_load(const char *path, const char *list)
|
2006-09-22 01:54:33 -04:00
|
|
|
if ((p = strtok(buf, ",")) == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
- strcpy(name, path);
|
|
|
|
+ strlcpy(name, path, sizeof(name));
|
|
|
|
if (name[len - 1] != '/') {
|
|
|
|
- strcat(name, "/");
|
|
|
|
+ strlcat(name, "/", sizeof(name));
|
|
|
|
len++;
|
|
|
|
}
|
|
|
|
|