From 06d1b08aef94984256cad3c5a54cedb10295681f Mon Sep 17 00:00:00 2001 From: Jakub Martisko Date: Thu, 8 Nov 2018 09:31:18 +0100 Subject: [PATCH] Possible unterminated string fix --- unix/unix.c | 4 +++- unix/unxcfg.h | 2 +- unzip.c | 12 ++++++++---- zipinfo.c | 12 ++++++++---- 4 files changed, 20 insertions(+), 10 deletions(-) diff --git a/unix/unix.c b/unix/unix.c index 59b622d..cd57f80 100644 --- a/unix/unix.c +++ b/unix/unix.c @@ -1945,7 +1945,9 @@ void init_conversion_charsets() for(i = 0; i < sizeof(dos_charset_map)/sizeof(CHARSET_MAP); i++) if(!strcasecmp(local_charset, dos_charset_map[i].local_charset)) { strncpy(OEM_CP, dos_charset_map[i].archive_charset, - sizeof(OEM_CP)); + MAX_CP_NAME - 1); + + OEM_CP[MAX_CP_NAME - 1] = '\0'; break; } } diff --git a/unix/unxcfg.h b/unix/unxcfg.h index 8729de2..9ee8cfe 100644 --- a/unix/unxcfg.h +++ b/unix/unxcfg.h @@ -228,7 +228,7 @@ typedef struct stat z_stat; /* and notfirstcall are used by do_wild(). */ -#define MAX_CP_NAME 25 +#define MAX_CP_NAME 25 + 1 #ifdef SETLOCALE # undef SETLOCALE diff --git a/unzip.c b/unzip.c index 2d94a38..a485f2b 100644 --- a/unzip.c +++ b/unzip.c @@ -1561,7 +1561,8 @@ int uz_opts(__G__ pargc, pargv) "error: a valid character encoding should follow the -I argument")); return(PK_PARAM); } - strncpy(ISO_CP, s, sizeof(ISO_CP)); + strncpy(ISO_CP, s, MAX_CP_NAME - 1); + ISO_CP[MAX_CP_NAME - 1] = '\0'; } else { /* -I charset */ ++argv; if(!(--argc > 0 && *argv != NULL && **argv != '-')) { @@ -1570,7 +1571,8 @@ int uz_opts(__G__ pargc, pargv) return(PK_PARAM); } s = *argv; - strncpy(ISO_CP, s, sizeof(ISO_CP)); + strncpy(ISO_CP, s, MAX_CP_NAME - 1); + ISO_CP[MAX_CP_NAME - 1] = '\0'; } while(*(++s)); /* No params straight after charset name */ } @@ -1665,7 +1667,8 @@ int uz_opts(__G__ pargc, pargv) "error: a valid character encoding should follow the -I argument")); return(PK_PARAM); } - strncpy(OEM_CP, s, sizeof(OEM_CP)); + strncpy(OEM_CP, s, MAX_CP_NAME - 1); + OEM_CP[MAX_CP_NAME - 1] = '\0'; } else { /* -O charset */ ++argv; if(!(--argc > 0 && *argv != NULL && **argv != '-')) { @@ -1674,7 +1677,8 @@ int uz_opts(__G__ pargc, pargv) return(PK_PARAM); } s = *argv; - strncpy(OEM_CP, s, sizeof(OEM_CP)); + strncpy(OEM_CP, s, MAX_CP_NAME - 1); + OEM_CP[MAX_CP_NAME - 1] = '\0'; } while(*(++s)); /* No params straight after charset name */ } diff --git a/zipinfo.c b/zipinfo.c index accca2a..cb7e08d 100644 --- a/zipinfo.c +++ b/zipinfo.c @@ -519,7 +519,8 @@ int zi_opts(__G__ pargc, pargv) "error: a valid character encoding should follow the -I argument")); return(PK_PARAM); } - strncpy(ISO_CP, s, sizeof(ISO_CP)); + strncpy(ISO_CP, s, MAX_CP_NAME - 1); + ISO_CP[MAX_CP_NAME - 1] = '\0'; } else { /* -I charset */ ++argv; if(!(--argc > 0 && *argv != NULL && **argv != '-')) { @@ -528,7 +529,8 @@ int zi_opts(__G__ pargc, pargv) return(PK_PARAM); } s = *argv; - strncpy(ISO_CP, s, sizeof(ISO_CP)); + strncpy(ISO_CP, s, MAX_CP_NAME - 1); + ISO_CP[MAX_CP_NAME - 1] = '\0'; } while(*(++s)); /* No params straight after charset name */ } @@ -568,7 +570,8 @@ int zi_opts(__G__ pargc, pargv) "error: a valid character encoding should follow the -I argument")); return(PK_PARAM); } - strncpy(OEM_CP, s, sizeof(OEM_CP)); + strncpy(OEM_CP, s, MAX_CP_NAME - 1); + OEM_CP[MAX_CP_NAME - 1] = '\0'; } else { /* -O charset */ ++argv; if(!(--argc > 0 && *argv != NULL && **argv != '-')) { @@ -577,7 +580,8 @@ int zi_opts(__G__ pargc, pargv) return(PK_PARAM); } s = *argv; - strncpy(OEM_CP, s, sizeof(OEM_CP)); + strncpy(OEM_CP, s, MAX_CP_NAME - 1); + OEM_CP[MAX_CP_NAME - 1] = '\0'; } while(*(++s)); /* No params straight after charset name */ } -- 2.14.5 n-docker-system-test): Likewise. * gnu/tests/file-sharing.scm (run-transmission-daemon-test): Likewise. * gnu/tests/ganeti.scm (run-ganeti-test): Likewise. * gnu/tests/guix.scm (run-guix-build-coordinator-test): Likewise. (run-guix-data-service-test): Likewise. * gnu/tests/ldap.scm (run-ldap-test): Likewise. * gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test-base): Likewise. * gnu/tests/mail.scm (run-opensmtpd-test) (run-exim-test, run-dovecot-test, run-getmail-test): Likewise. * gnu/tests/messaging.scm (run-xmpp-test) (run-bitlbee-test, run-quassel-test): Likewise. * gnu/tests/monitoring.scm (run-prometheus-node-exporter-server-test) (run-zabbix-server-test): Likewise. * gnu/tests/networking.scm (run-inetd-test, run-openvswitch-test) (run-dhcpd-test, run-tor-test, run-iptables-test, run-ipfs-test): Likewise. * gnu/tests/nfs.scm (run-nfs-test) (run-nfs-server-test, run-nfs-root-fs-test): Likewise. * gnu/tests/package-management.scm (run-nix-test): Likewise. * gnu/tests/reconfigure.scm (run-switch-to-system-test) (run-upgrade-services-test, run-install-bootloader-test): Likewise. * gnu/tests/rsync.scm (run-rsync-test): Likewise. * gnu/tests/security-token.scm (run-pcscd-test): Likewise. * gnu/tests/singularity.scm (run-singularity-test): Likewise. * gnu/tests/ssh.scm (run-ssh-test): Likewise. * gnu/tests/telephony.scm (run-jami-test): Likewise. * gnu/tests/version-control.scm (run-cgit-test): Likewise. (run-git-http-test, run-gitolite-test, run-gitile-test): Likewise. * gnu/tests/virtualization.scm (run-libvirt-test, run-childhurd-test): Likewise. * gnu/tests/web.scm (run-webserver-test, run-php-fpm-test) (run-hpcguix-web-server-test, run-tailon-test, run-patchwork-test): Likewise. Ludovic Courtès 2021-04-09services: Add Laminar....* gnu/services/ci.scm: New file. * gnu/tests/ci.scm: New file. * doc/guix.texi (Laminar): Document the Laminar service. Christopher Baines