replace strlen() calls with strnlen() and appropriate maximums

commit 6255bff95f5f5d72a2582dcb9bc4e27fc5620db4 1 parent 335abdd
@mrash authored
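--- a/lib/fko_decode.c
+++ b/lib/fko_decode.c
@@ -44,8 +44,12 @@ fko_decode_spa_data(fko_ctx_t ctx)
 /* Check for required data.
 */
- if(ctx->encoded_msg == NULL
- || strlen(ctx->encoded_msg) < MIN_SPA_ENCODED_MSG_SIZE)
+ if(ctx->encoded_msg == NULL || strnlen(ctx->encoded_msg,
+ MAX_SPA_ENCODED_MSG_SIZE) < MIN_SPA_ENCODED_MSG_SIZE)
+ return(FKO_ERROR_INVALID_DATA);
+
+ if(strnlen(ctx->encoded_msg,
+ MAX_SPA_ENCODED_MSG_SIZE) == MAX_SPA_ENCODED_MSG_SIZE)
 return(FKO_ERROR_INVALID_DATA);
 /* Make sure there are enough fields in the SPA packet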
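Review bot: The encoded message is scanned twice with the same bound, once for the `MIN_SPA_ENCODED_MSG_SIZE` test and once for the `== MAX_SPA_ENCODED_MSG_SIZE` test; taking the length once, `encoded_msg_len = strnlen(ctx->encoded_msg, MAX_SPA_ENCODED_MSG_SIZE);`, and testing `encoded_msg_len < MIN_SPA_ENCODED_MSG_SIZE || encoded_msg_len == MAX_SPA_ENCODED_MSG_SIZE` keeps both limits in one condition. The upper test also rejects a message of exactly MAX_SPA_ENCODED_MSG_SIZE bytes, because strnlen() cannot tell that length from a longer one, so I would add `/* strnlen() stops at the bound, so == means at or over the limit */` above it. The function's declarations lie outside the hunk, so the new local would have to be added there.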
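--- a/lib/fko_encode.c
+++ b/lib/fko_encode.c
@@ -80,16 +80,16 @@ fko_encode_spa_data(fko_ctx_t ctx)
 * (at leaset expand the error reporting for the missing
 * data).
 */
- if( ctx->username == NULL || strlen(ctx->username) == 0
- || ctx->version == NULL || strlen(ctx->version) == 0
- || ctx->message == NULL || strlen(ctx->message) == 0)
+ if( ctx->username == NULL || strnlen(ctx->username, MAX_SPA_USERNAME_SIZE) == 0
+ || ctx->version == NULL || strnlen(ctx->version, MAX_SPA_VERSION_SIZE) == 0
+ || ctx->message == NULL || strnlen(ctx->message, MAX_SPA_MESSAGE_SIZE) == 0)
 {
 return(FKO_ERROR_INCOMPLETE_SPA_DATA);
 }
 if(ctx->message_type == FKO_NAT_ACCESS_MSG)
 {
- if(ctx->nat_access == NULL || strlen(ctx->nat_access) == 0)
+ if(ctx->nat_access == NULL || strnlen(ctx->nat_access, MAX_SPA_MESSAGE_SIZE) == 0)
 return(FKO_ERROR_INCOMPLETE_SPA_DATA);
 }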
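Review bot: The `nat_access` emptiness test passes `MAX_SPA_MESSAGE_SIZE` as the strnlen() bound, but lib/fko_limits.h defines `MAX_SPA_NAT_ACCESS_SIZE` for that field and fko_set_spa_nat_access() uses it; I would write `strnlen(ctx->nat_access, MAX_SPA_NAT_ACCESS_SIZE) == 0` so each field has a single limit. All four tests here only detect an empty string, so the bound caps the scan but an over-long field is not rejected at this point. Presumably the setters enforce the maximum, which is worth stating in the comment above the condition. fko_encode_spa_data continues outside the hunk.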
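--- a/lib/fko_funcs.c
+++ b/lib/fko_funcs.c
@@ -335,7 +335,8 @@ fko_get_spa_data(fko_ctx_t ctx, char **spa_data)
 /* We expect to have encrypted data to process. If not, we bail.
 */
- if(ctx->encrypted_msg == NULL || (strlen(ctx->encrypted_msg) < 1))
+ if(ctx->encrypted_msg == NULL
+ || (strnlen(ctx->encrypted_msg, MAX_SPA_ENCRYPTED_SIZE) < 1))
 return(FKO_ERROR_MISSING_ENCODED_DATA);
 *spa_data = ctx->encrypted_msg;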
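Review bot: `strnlen(ctx->encrypted_msg, MAX_SPA_ENCRYPTED_SIZE) < 1` still only detects an empty buffer, so a value at or beyond MAX_SPA_ENCRYPTED_SIZE is handed back through `*spa_data` unchanged. If the new limit is meant to hold on this path as it does in fko_decode_spa_data, add `if(strnlen(ctx->encrypted_msg, MAX_SPA_ENCRYPTED_SIZE) == MAX_SPA_ENCRYPTED_SIZE) return(FKO_ERROR_INVALID_DATA);` before the assignment. Whether encrypted_msg is already bounded where it is set is not visible in this hunk.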
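--- a/lib/fko_limits.h
+++ b/lib/fko_limits.h
@@ -35,6 +35,8 @@
 /* Define some limits (--DSS XXX: These sizes need to be reviewed)
 */
+#define MAX_SPA_ENCRYPTED_SIZE 1500
+#define MAX_SPA_CMD_LEN 1400
 #define MAX_SPA_USERNAME_SIZE 64
 #define MAX_SPA_MESSAGE_SIZE 256
 #define MAX_SPA_NAT_ACCESS_SIZE 128
@@ -44,6 +46,7 @@
 #define MAX_SPA_MESSAGE_TYPE_SIZE 2
 #define MIN_SPA_ENCODED_MSG_SIZE 36 /* Somewhat arbitrary */
+#define MAX_SPA_ENCODED_MSG_SIZE MAX_SPA_ENCRYPTED_SIZE
 #define MIN_GNUPG_MSG_SIZE 400
 #define MIN_SPA_FIELDS 6
 #define MAX_SPA_FIELDS 10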
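Review bot: The new maxima are undocumented, and every upper-bound test added in this commit treats them as exclusive (`strnlen(s, MAX) == MAX` is rejected), so the longest accepted string is MAX-1 bytes. I would say so where they are defined, e.g. `/* Upper bounds passed to strnlen(); a length equal to the bound is rejected */`, and note where 1500 and 1400 come from, since the existing comment already flags these sizes for review. `MAX_SPA_CMD_LEN` also departs from the `_SIZE` suffix used by the other limits in this block.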
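--- a/lib/fko_message.c
+++ b/lib/fko_message.c
@@ -152,8 +152,10 @@ validate_cmd_msg(const char *msg)
 {
 const char *ndx;
 int res = FKO_SUCCESS;
- int startlen = strlen(msg);
+ int startlen = strnlen(msg, MAX_SPA_CMD_LEN);
+ if(startlen == MAX_SPA_CMD_LEN)
+ return(FKO_ERROR_INVALID_DATA);
 /* Should have a valid allow IP.
 */
@@ -176,7 +178,10 @@ validate_access_msg(const char *msg)
 {
 const char *ndx;
 int res = FKO_SUCCESS;
- int startlen = strlen(msg);
+ int startlen = strnlen(msg, MAX_SPA_MESSAGE_SIZE);
+
+ if(startlen == MAX_SPA_MESSAGE_SIZE)
+ return(FKO_ERROR_INVALID_DATA);
 /* Should have a valid allow IP.
 */
@@ -203,10 +208,12 @@ validate_access_msg(const char *msg)
 int
 validate_proto_port_spec(const char *msg)
 {
- int startlen = strlen(msg);
-
+ int startlen = strnlen(msg, MAX_SPA_MESSAGE_SIZE);
 const char *ndx = msg;
+ if(startlen == MAX_SPA_MESSAGE_SIZE)
+ return(FKO_ERROR_INVALID_DATA);
+
 /* Now check for proto/port string. Currenly we only allow protos
 * 'tcp', 'udp', and 'icmp'.
 */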
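Review bot: `validate_cmd_msg`, `validate_access_msg` and `validate_proto_port_spec` pass `msg` to strnlen() in the initializer of `startlen` with no NULL test, while the setters touched by this commit check `msg == NULL` first. Unless every caller guarantees a non-NULL pointer, which these hunks do not show, begin each function with `if(msg == NULL) return(FKO_ERROR_INVALID_DATA);` and assign `startlen` after it. strnlen() returns `size_t`, so `startlen` would also be better declared `size_t`, provided the code outside the hunks does not rely on it being signed.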
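--- a/lib/fko_nat_access.c
+++ b/lib/fko_nat_access.c
@@ -43,13 +43,13 @@ fko_set_spa_nat_access(fko_ctx_t ctx, const char *msg)
 /* Gotta have a valid string.
 */
- if(msg == NULL || strlen(msg) == 0)
+ if(msg == NULL || strnlen(msg, MAX_SPA_NAT_ACCESS_SIZE) == 0)
 return(FKO_ERROR_INVALID_DATA);
 /* --DSS XXX: Bail out for now. But consider just
 * truncating in the future...
 */
- if(strlen(msg) > MAX_SPA_NAT_ACCESS_SIZE)
+ if(strnlen(msg, MAX_SPA_NAT_ACCESS_SIZE) == MAX_SPA_NAT_ACCESS_SIZE)
 return(FKO_ERROR_DATA_TOO_LARGE);
 /* Just in case this is a subsquent call to this function. We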
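Review bot: The size test changes meaning: `strlen(msg) > MAX_SPA_NAT_ACCESS_SIZE` accepted a string of exactly MAX_SPA_NAT_ACCESS_SIZE bytes, while `strnlen(msg, MAX_SPA_NAT_ACCESS_SIZE) == MAX_SPA_NAT_ACCESS_SIZE` rejects it. If the tighter limit is intended, the comment above the test should say so; to keep the old boundary, use the `+1` form already used in lib/fko_rand_value.c, `if(strnlen(msg, MAX_SPA_NAT_ACCESS_SIZE+1) > MAX_SPA_NAT_ACCESS_SIZE)`. The same applies to the `MAX_SPA_SERVER_AUTH_SIZE` test in lib/fko_server_auth.c.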
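--- a/lib/fko_rand_value.c
+++ b/lib/fko_rand_value.c
@@ -69,7 +69,7 @@ fko_set_rand_value(fko_ctx_t ctx, const char *new_val)
 */
 if(new_val != NULL)
 {
- if(strlen(new_val) != FKO_RAND_VAL_SIZE)
+ if(strnlen(new_val, FKO_RAND_VAL_SIZE+1) != FKO_RAND_VAL_SIZE)
 return(FKO_ERROR_INVALID_DATA);
 ctx->rand_val = strdup(new_val);
@@ -121,7 +121,7 @@ fko_set_rand_value(fko_ctx_t ctx, const char *new_val)
 sprintf(ctx->rand_val, "%u", rand());
- while(strlen(ctx->rand_val) < FKO_RAND_VAL_SIZE)
+ while(strnlen(ctx->rand_val, FKO_RAND_VAL_SIZE+1) < FKO_RAND_VAL_SIZE)
 {
 sprintf(tmp_buf, "%u", rand());
 strlcat(ctx->rand_val, tmp_buf, FKO_RAND_VAL_SIZE+1);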
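Review bot: `new_val` is accepted on length alone, since `strnlen(new_val, FKO_RAND_VAL_SIZE+1) != FKO_RAND_VAL_SIZE` is the only test before `strdup()` in the first hunk. The generated value in the second hunk is built from `%u` output, so a caller-supplied value is presumably expected to be decimal digits as well. A digit check after the length test, `isdigit((unsigned char)new_val[i])` over the FKO_RAND_VAL_SIZE bytes, would keep other characters out of the stored value. Both hunks sit inside fko_set_rand_value, whose body extends beyond them.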
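--- a/lib/fko_server_auth.c
+++ b/lib/fko_server_auth.c
@@ -50,13 +50,13 @@ fko_set_spa_server_auth(fko_ctx_t ctx, const char *msg)
 /* Gotta have a valid string.
 */
- if(msg == NULL || strlen(msg) == 0)
+ if(msg == NULL || strnlen(msg, MAX_SPA_SERVER_AUTH_SIZE) == 0)
 return(FKO_ERROR_INVALID_DATA);
 /* --DSS XXX: Bail out for now. But consider just
 * truncating in the future...
 */
- if(strlen(msg) > MAX_SPA_SERVER_AUTH_SIZE)
+ if(strnlen(msg, MAX_SPA_SERVER_AUTH_SIZE) == MAX_SPA_SERVER_AUTH_SIZE)
 return(FKO_ERROR_DATA_TOO_LARGE);
 /* --DSS TODO: ???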