fixed potential string overflow
This commit is contained in:
Frank Morgner
parent
3f64d3a805
commit
6641cbf455
|
|
@ -25,6 +25,7 @@
|
|||
#include <stdio.h>
|
||||
|
||||
#include "common/compat_strlcpy.h"
|
||||
#include "common/compat_strlcat.h"
|
||||
#include "internal.h"
|
||||
#include "pkcs15.h"
|
||||
#include "cardctl.h"
|
||||
|
|
@ -261,7 +262,8 @@ static char *dirpath(char *dir, const char *path){
|
|||
static char buf[SC_MAX_PATH_STRING_SIZE];
|
||||
|
||||
strcpy(buf,dir);
|
||||
return strcat(buf,path);
|
||||
strlcat(buf,path,sizeof buf);
|
||||
return buf;
|
||||
}
|
||||
|
||||
static int detect_netkey(
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@
|
|||
|
||||
#include "libopensc/pkcs15.h"
|
||||
#include "common/compat_strlcpy.h"
|
||||
#include "common/compat_strlcat.h"
|
||||
#include "util.h"
|
||||
|
||||
static const char *app_name = "cryptoflex-tool";
|
||||
|
|
@ -145,7 +146,7 @@ static int select_app_df(void)
|
|||
|
||||
strcpy(str, "3F00");
|
||||
if (opt_appdf != NULL)
|
||||
strcat(str, opt_appdf);
|
||||
strlcat(str, opt_appdf, sizeof str);
|
||||
sc_format_path(str, &path);
|
||||
r = sc_select_file(card, &path, &file);
|
||||
if (r) {
|
||||
|
|
@ -945,7 +946,7 @@ static int create_pin(void)
|
|||
}
|
||||
strcpy(buf, "3F00");
|
||||
if (opt_appdf != NULL)
|
||||
strcat(buf, opt_appdf);
|
||||
strlcat(buf, opt_appdf, sizeof buf);
|
||||
sc_format_path(buf, &path);
|
||||
|
||||
return create_pin_file(&path, opt_pin_num, "");
|
||||
|
|
|
|||
|
|
@ -47,6 +47,8 @@
|
|||
#include "pkcs11/pkcs11.h"
|
||||
#include "pkcs11/pkcs11-opensc.h"
|
||||
#include "libopensc/asn1.h"
|
||||
#include "common/compat_strlcat.h"
|
||||
#include "common/compat_strlcpy.h"
|
||||
#include "util.h"
|
||||
|
||||
extern void *C_LoadModule(const char *name, CK_FUNCTION_LIST_PTR_PTR);
|
||||
|
|
@ -1145,7 +1147,7 @@ static void init_token(CK_SLOT_ID slot)
|
|||
util_fatal("No PIN entered, exiting\n");
|
||||
if (!new_pin || !*new_pin || strlen(new_pin) > 20)
|
||||
util_fatal("Invalid SO PIN\n");
|
||||
strcpy(new_buf, new_pin);
|
||||
strlcpy(new_buf, new_pin, sizeof new_buf);
|
||||
free(new_pin); new_pin = NULL;
|
||||
printf("Please enter the new SO PIN (again): ");
|
||||
r = util_getpass(&new_pin, &len, stdin);
|
||||
|
|
@ -1318,7 +1320,7 @@ static int unlock_pin(CK_SLOT_ID slot, CK_SESSION_HANDLE sess, int login_type)
|
|||
r = util_getpass(&new_pin, &len, stdin);
|
||||
if (r < 0)
|
||||
return 1;
|
||||
strcpy(new_buf, new_pin);
|
||||
strlcpy(new_buf, new_pin, sizeof new_buf);
|
||||
|
||||
printf("Please enter the new PIN again: ");
|
||||
r = util_getpass(&new_pin, &len, stdin);
|
||||
|
|
@ -4434,8 +4436,8 @@ static const char *p11_flag_names(struct flag_info *list, CK_FLAGS value)
|
|||
buffer[0] = '\0';
|
||||
while (list->value) {
|
||||
if (list->value & value) {
|
||||
strcat(buffer, sepa);
|
||||
strcat(buffer, list->name);
|
||||
strlcat(buffer, sepa, sizeof buffer);
|
||||
strlcat(buffer, list->name, sizeof buffer);
|
||||
value &= ~list->value;
|
||||
sepa = ", ";
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue