Página inicial Explorar Ajuda
Entrar
piros
/
tor
3
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Ver código fonte

betcha didn't know strncpy could leave an unterminated string

svn:r949
Roger Dingledine 20 anos atrás
pai
aba237e3e2
commit
4a1e05de51
2 arquivos alterados com 8 adições e 1 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 2 0
      src/or/dirserv.c
  2. 6 1
      src/or/dns.c

+ 2 - 0
src/or/dirserv.c
Ver arquivo 

@@ -376,6 +376,7 @@ dirserv_dump_directory_to_string(char *s, int maxlen,
 
 
   for (i = 0; i < n_descriptors; ++i) {
 
     strncat(cp, descriptor_list[i]->descriptor, descriptor_list[i]->desc_len);
 
+    /* XXX Nick: do strncat and friends null-terminate? man page is ambiguous. */
 
     cp += descriptor_list[i]->desc_len;
 
     assert(!*cp);
 
   }
 
@@ -400,6 +401,7 @@ dirserv_dump_directory_to_string(char *s, int maxlen,
 
       ((int)digest[2])&0xff,((int)digest[3])&0xff);
 
 
   strncpy(cp, "-----BEGIN SIGNATURE-----\n", maxlen-i);
 
+  cp[maxlen-i-1] = 0;
 
 
   i = strlen(s);
 
   cp = s+i;

+ 6 - 1
src/or/dns.c
Ver arquivo 

@@ -100,6 +100,7 @@ uint32_t dns_lookup(const char *address) {
 
   }
 
 
   strncpy(search.address, address, MAX_ADDRESSLEN);
 
+  search.address[MAX_ADDRESSLEN-1] = 0;
 
   resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
 
   if(resolve) { /* it's there */
 
     if(resolve->state == CACHE_STATE_VALID) {
 
@@ -118,7 +119,7 @@ uint32_t dns_lookup(const char *address) {
 
 }
 
 #endif
 
 
-/* See if we have an addr for 'exitconn->address'. if so,
 
+/* See if we have a cache entry for 'exitconn->address'. if so,
 
  * if resolve valid, put it into exitconn->addr and return 1.
 
  * If resolve failed, return -1.
 
  *
 
@@ -140,6 +141,7 @@ int dns_resolve(connection_t *exitconn) {
 
 
   /* now check the tree to see if 'address' is already there. */
 
   strncpy(search.address, exitconn->address, MAX_ADDRESSLEN);
 
+  search.address[MAX_ADDRESSLEN-1] = 0;
 
   resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
 
   if(resolve) { /* already there */
 
     switch(resolve->state) {
 
@@ -167,6 +169,7 @@ int dns_resolve(connection_t *exitconn) {
 
   resolve->state = CACHE_STATE_PENDING;
 
   resolve->expire = now + MAX_DNS_ENTRY_AGE;
 
   strncpy(resolve->address, exitconn->address, MAX_ADDRESSLEN);
 
+  resolve->address[MAX_ADDRESSLEN-1] = 0;
 
 
   /* add us to the pending list */
 
   pending_connection = tor_malloc(sizeof(struct pending_connection_t));
 
@@ -226,6 +229,7 @@ void dns_cancel_pending_resolve(char *address, connection_t *onlyconn) {
 
   struct cached_resolve *resolve, *tmp;
 
 
   strncpy(search.address, address, MAX_ADDRESSLEN);
 
+  search.address[MAX_ADDRESSLEN-1] = 0;
 
 
   resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
 
   if(!resolve) {
 
@@ -299,6 +303,7 @@ static void dns_found_answer(char *address, uint32_t addr) {
 
   struct cached_resolve *resolve;
 
 
   strncpy(search.address, address, MAX_ADDRESSLEN);
 
+  search.address[MAX_ADDRESSLEN-1] = 0;
 
 
   resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
 
   if(!resolve) {