Merge branch 'pr-163'

Yubico · May 18, 2018 · b240534 · b240534
2 parents 13ce1b6 + a68d3be
commit b240534
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 5 deletions.
diff --git a/pam_yubico.c b/pam_yubico.c
@@ -245,6 +245,7 @@ authorize_user_token_ldap (struct cfg *cfg,
   struct berval **vals;
   int rc;
   size_t i;
+  int j;
 
   char *filter = NULL;
   char *find = NULL;
@@ -308,7 +309,11 @@ authorize_user_token_ldap (struct cfg *cfg,
       DBG ("Failed allocating %zu bytes", i);
       goto done;
     }
-    sprintf (find, "%s=%s,%s", cfg->user_attr, user, cfg->ldapdn);
+    j = snprintf (find, i, "%s=%s,%s", cfg->user_attr, user, cfg->ldapdn);
+    if (j < 0 || j >= i) {
+      DBG ("Failed to format string");
+      goto done;
+    }
     filter = NULL;
   } else if (cfg->ldapdn) {
     find = strdup(cfg->ldapdn); /* allow free later */

diff --git a/util.c b/util.c
@@ -62,13 +62,17 @@ get_user_cfgfile_path(const char *common_path, const char *filename, const struc
    */
   char *userfile;
   size_t len;
+  int i;
 
   if (common_path != NULL) {
     len = strlen(common_path) + 1 + strlen(filename) + 1;
     if ((userfile = malloc(len)) == NULL) {
       return 0;
     }
-    snprintf(userfile, len, "%s/%s", common_path, filename);
+    i = snprintf(userfile, len, "%s/%s", common_path, filename);
+    if (i < 0 || i >= len) {
+      return 0;
+    }
     *fn = userfile;
     return 1;
   }
@@ -79,7 +83,10 @@ get_user_cfgfile_path(const char *common_path, const char *filename, const struc
   if ((userfile = malloc(len)) == NULL) {
     return 0;
   }
-  snprintf(userfile, len, "%s/.yubico/%s", user->pw_dir, filename);
+  i = snprintf(userfile, len, "%s/.yubico/%s", user->pw_dir, filename);
+  if (i < 0 || i >= len) {
+    return 0;
+  }
   *fn = userfile;
   return 1;
 }
@@ -300,6 +307,7 @@ check_user_challenge_file(const char *chalresp_path, const struct passwd *user,
    */
   size_t len;
   int r;
+  int i;
   int ret = AUTH_NOT_FOUND;
   char *userfile = NULL;
   char *userfile_pattern = NULL;
@@ -332,7 +340,14 @@ check_user_challenge_file(const char *chalresp_path, const struct passwd *user,
     ret = AUTH_ERROR;
     goto out;
   }
-  snprintf(userfile_pattern, len, "%s-*", userfile);
+
+  i = snprintf(userfile_pattern, len, "%s-*", userfile);
+
+  if (i < 0 || i >= len) {
+    D (debug_file, "Failed to format string correctly");
+    ret = AUTH_ERROR;
+    goto out;
+  }
 
   r = glob(userfile_pattern, 0, NULL, &userfile_glob);
   globfree(&userfile_glob);

diff --git a/ykpamcfg.c b/ykpamcfg.c
@@ -95,6 +95,7 @@ parse_args(int argc, char **argv,
      unsigned int *iterations)
 {
   int c;
+  int i;
 
   while((c = getopt(argc, argv, optstring)) != -1) {
     switch (c) {
@@ -105,7 +106,8 @@ parse_args(int argc, char **argv,
       *slot = 2;
       break;
     case 'A':
-      if (snprintf(*action, ACTION_MAX_LEN, "%s", optarg) >= ACTION_MAX_LEN) {
+      i = snprintf(*action, ACTION_MAX_LEN, "%s", optarg);
+      if (i < 0 || i >= ACTION_MAX_LEN) {
         fprintf(stderr, "action too long: %s\n", optarg);
         exit(1);
       }