continue;
}
- strlcpy(ifaces[total].name, ifptr->ifa_name,
- sizeof(ifaces[total].name));
+ if (strlcpy(ifaces[total].name, ifptr->ifa_name,
+ sizeof(ifaces[total].name)) >=
+ sizeof(ifaces[total].name)) {
+ /* Truncation ! Ignore. */
+ continue;
+ }
total++;
}
*/
static void smb_panic_default(const char *why)
{
- int result;
-
#if defined(HAVE_PRCTL) && defined(PR_SET_PTRACER)
/*
* Make sure all children can attach a debugger.
#endif
if (panic_action && *panic_action) {
- char pidstr[20];
char cmdstring[200];
- strlcpy(cmdstring, panic_action, sizeof(cmdstring));
- snprintf(pidstr, sizeof(pidstr), "%d", (int) getpid());
- all_string_sub(cmdstring, "%d", pidstr, sizeof(cmdstring));
- DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmdstring));
- result = system(cmdstring);
-
- if (result == -1)
- DEBUG(0, ("smb_panic(): fork failed in panic action: %s\n",
- strerror(errno)));
- else
- DEBUG(0, ("smb_panic(): action returned status %d\n",
- WEXITSTATUS(result)));
+ if (strlcpy(cmdstring, panic_action, sizeof(cmdstring)) < sizeof(cmdstring)) {
+ int result;
+ char pidstr[20];
+ snprintf(pidstr, sizeof(pidstr), "%d", (int) getpid());
+ all_string_sub(cmdstring, "%d", pidstr, sizeof(cmdstring));
+ DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmdstring));
+ result = system(cmdstring);
+
+ if (result == -1)
+ DEBUG(0, ("smb_panic(): fork failed in panic action: %s\n",
+ strerror(errno)));
+ else
+ DEBUG(0, ("smb_panic(): action returned status %d\n",
+ WEXITSTATUS(result)));
+ }
}
DEBUG(0,("PANIC: %s\n", why));
*/
if (p && (p > str) && ((scope_id = if_nametoindex(p+1)) != 0)) {
- strlcpy(addr, str,
- MIN(PTR_DIFF(p,str)+1,
- sizeof(addr)));
+ size_t len = MIN(PTR_DIFF(p,str)+1, sizeof(addr));
+ if (strlcpy(addr, str, len) >= len) {
+ /* Truncate. */
+ return false;
+ }
str = addr;
}
}
*/
if (p && (p > str) && (if_nametoindex(p+1) != 0)) {
- strlcpy(addr, str,
- MIN(PTR_DIFF(p,str)+1,
- sizeof(addr)));
+ size_t len = MIN(PTR_DIFF(p,str)+1, sizeof(addr));
+ if (strlcpy(addr, str, len) >= len) {
+ /* Truncate. */
+ return false;
+ }
sp = addr;
}
ret = inet_pton(AF_INET6, sp, &dest6);
* zero IPv6 address. No good choice here.
*/
- strlcpy(addr_buf, "0.0.0.0", addr_len);
+ if (strlcpy(addr_buf, "0.0.0.0", addr_len) >= addr_len) {
+ /* Truncate ! */
+ return NULL;
+ }
if (fd == -1) {
return addr_buf;
return NT_STATUS_NO_MEMORY;
}
- client_socket_addr(sconn->sock, tmp_addr, sizeof(tmp_addr));
+ if (client_socket_addr(sconn->sock, tmp_addr, sizeof(tmp_addr)) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
addr = talloc_strdup(cconn, tmp_addr);
if (addr == NULL) {
return NT_STATUS_NO_MEMORY;