From 6558af60d2b4569aa71d2fe425161e0ac8509dec Mon Sep 17 00:00:00 2001
From: Walter de Jong
Date: Fri, 29 Mar 2013 09:55:56 +0100
Subject: xstrcpy() aborts on argument too long

Which may be dumb, but it's better than bluntly truncating a string
---
 support.c | 44 ++++++++++++++++++++------------------------
 1 file changed, 20 insertions(+), 24 deletions(-)

diff --git a/support.c b/support.c
index 7ee2dad..fe084cf 100644
--- a/support.c
+++ b/support.c
@@ -37,10 +37,22 @@ char tac_service[64];
 char tac_protocol[64];
 char tac_prompt[64];

+void _pam_log(int err, const char *format,...) {
+ char msg[256];
+ va_list args;
+
+ va_start(args, format);
+ vsnprintf(msg, sizeof(msg), format, args);
+ openlog("PAM-tacplus", LOG_PID, LOG_AUTH);
+ syslog(err, "%s", msg);
+ va_end(args);
+ closelog();
+}
+
 /*
- safe string copy, like strlcpy() really
+ safe string copy that aborts when destination buffer is too small
 */
-size_t xstrcpy(char *dst, const char *src, size_t dst_size) {
+char *xstrcpy(char *dst, const char *src, size_t dst_size) {
 if (dst == NULL)
 _pam_log(LOG_ERR, "xstrcpy(): dst == NULL");

@@ -48,30 +60,14 @@ size_t xstrcpy(char *dst, const char *src, size_t dst_size) {
 _pam_log(LOG_ERR, "xstrcpy(): src == NULL");

 if (!dst_size)
- return 0;
-
- size_t s_len = strlen(src);
+ return NULL;

- size_t n = s_len;
- if (n >= dst_size)
- n = dst_size - 1;
+ if (strlen(src) >= dst_size) {
+ _pam_log(LOG_ERR, "xstrcpy(): argument too long, aborting");
+ abort();
+ }

- strncpy(dst, src, n);
- dst[n] = 0;
-
- return n;
-}
-
-void _pam_log(int err, const char *format,...) {
- char msg[256];
- va_list args;
-
- va_start(args, format);
- vsnprintf(msg, sizeof(msg), format, args);
- openlog("PAM-tacplus", LOG_PID, LOG_AUTH);
- syslog(err, "%s", msg);
- va_end(args);
- closelog();
+ return strcpy(dst, src);
 }

 char *_pam_get_user(pam_handle_t *pamh) {
--
cgit v1.2.3
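Review bot: The `dst == NULL` check kept as context at the end of this hunk only logs and then falls through, and the `src == NULL` log call at the top of the next hunk appears to do the same, so a NULL argument still reaches `strlen(src)` or `strcpy(dst, src)` and is dereferenced. Now that the function returns `char *`, each check can fail closed, e.g. `if (dst == NULL) { _pam_log(LOG_ERR, "xstrcpy(): dst == NULL"); return NULL; }`. The return type change from `size_t` to `char *` also means any caller that used the copied length must be updated; those callers are outside this diff, and the body of xstrcpy() continues into the next hunk.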
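Review bot: `abort()` on an over-long `src` terminates the whole process that loaded this PAM module, not only the current authentication attempt, so if any caller passes a remotely influenced string (the callers are not visible here) an oversized value becomes a crash of the login service. Failing closed without killing the host would be `return NULL;` in place of `abort();`, with callers treating NULL as an authentication error. The `!dst_size` path returns NULL without logging, unlike the other error paths, so a line such as `_pam_log(LOG_ERR, "xstrcpy(): dst_size == 0");` would keep them consistent. I would also extend the comment above xstrcpy() to state the return contract, e.g. `returns dst on success, NULL when dst_size is 0; never truncates`.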