[opensc-devel] Re: opensc fixes for review

Tue, 02 May 2006 00:59:01 -0700 

On 29/04/06, Andreas Jellinghaus <[EMAIL PROTECTED]> wrote:

hi,

please have a look at this patch and let me know what
you think of it. lots of small issues. It reverts some the
changes hat were wrong too.


Index: src/pkcs15init/pkcs15-lib.c
===================================================================
--- src/pkcs15init/pkcs15-lib.c (revision 2919)
+++ src/pkcs15init/pkcs15-lib.c (working copy)

@@ -2679,7 +2683,7 @@
   }

   if (label)
-       strncpy(object->label, label, sizeof(object->label));
+       strncpy(object->label, label, sizeof(object->label)-1);
   if (auth_id)
       object->auth_id = *auth_id;

This will not correct the bug since nothing guarantee that the last
byte will be NUL.
I propose the attached patch.

Another solution is to use strlcpy instead of strncpy. strlcpy has
been defined by OpenBSD as a safe replacement of strncpy. You can get
it from [1]. I use it in pcsc-lite
Some systems already provide it (OpenBSD, Darwin) so you need to add a
check in configure.in

[1] ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string/

--
 Dr. Ludovic Rousseau

Index: src/pkcs15init/pkcs15-lib.c
===================================================================
--- src/pkcs15init/pkcs15-lib.c (révision 2936)
+++ src/pkcs15init/pkcs15-lib.c (copie de travail)
@@ -1224,6 +1224,7 @@ sc_pkcs15init_init_prkdf(sc_pkcs15_card_
                        free(object); object = *res_obj;
 
                        strncpy(object->label, label, sizeof(object->label));
+                       object->label[sizeof(object->label)-1] = '\0';
                        return 0;
                }
        }
@@ -1620,6 +1621,7 @@ sc_pkcs15init_store_public_key(struct sc
                object = *res_obj;
 
                strncpy(object->label, label, sizeof(object->label));
+               object->label[sizeof(object->label)-1] = '\0';
        } else {
                key_info->id = keyargs->id;
                *res_obj = object;
@@ -1811,6 +1813,7 @@ sc_pkcs15init_store_data_object(struct s
        if (label != NULL) {
                strncpy(data_object_info->app_label, label,
                        sizeof(data_object_info->app_label) - 1);
+               data_object_info->app_label[sizeof(data_object_info->app_label) 
- 1] = '\0';
        }
        data_object_info->app_oid = args->app_oid;
 
@@ -2682,8 +2685,10 @@ sc_pkcs15init_new_object(int type, const
                        memcpy(object->data, data, data_size);
        }
 
-       if (label)
+       if (label) {
                strncpy(object->label, label, sizeof(object->label)-1);
+               object->label[sizeof(object->label)-1] = '\0';
+       }
        if (auth_id)
                object->auth_id = *auth_id;
 



_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to