[Fedora-directory-commits] console build.properties, 1.7, 1.8 build.xml, 1.10, 1.11
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/console
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7628
Modified Files:
build.properties build.xml
Log Message:
[186105] Admin Server Makefile updates for Internal build
Comment #12
. Preference version number was changed to CONSOLE-MAJOR-VERSION.0
. To do that, introduced Console.MAJOR_VERSION
. changed to include the patch number in the jar file name
. changed to create a symlink: redhat-mcc-7.2.jar pointing to
redhat-mcc-7.2.0.jar
Index: build.properties
===================================================================
RCS file: /cvs/dirsec/console/build.properties,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- build.properties 29 Nov 2005 18:36:50 -0000 1.7
+++ build.properties 24 Mar 2006 01:04:00 -0000 1.8
@@ -21,15 +21,21 @@
lang=en
+console.brand=fedora
+
console.root=.
console.version=10
-console.dotversion=1.0
+console.dotversion=1.0.2
+console.dotgenversion=1.0
-mcc.core=fedora-mcc
+mcc.core=${console.brand}-mcc
mcc.name=${mcc.core}-${console.dotversion}
+mcc.gen.name=${mcc.core}-${console.dotgenversion}
-nmclf.core=fedora-nmclf
+nmclf.core=${console.brand}-nmclf
nmclf.name=${nmclf.core}-${console.dotversion}
+nmclf.gen.name=${nmclf.core}-${console.dotgenversion}
-base.core=fedora-base
+base.core=${console.brand}-base
base.name=${base.core}-${console.dotversion}
+base.gen.name=${base.core}-${console.dotgenversion}
Index: build.xml
===================================================================
RCS file: /cvs/dirsec/console/build.xml,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- build.xml 20 Mar 2006 21:54:02 -0000 1.10
+++ build.xml 24 Mar 2006 01:04:00 -0000 1.11
@@ -172,10 +172,10 @@
destdir="${built.classdir}"
debug="${compile.debug}"
debuglevel="lines,vars,source"
- deprecation="${compile.deprecation}"
+ deprecation="${compile.deprecation}"
optimize="${compile.optimize}"
verbose="no"
- fork="true"
+ fork="true"
excludes="**/CVS/**">
<classpath refid="console.classpath" />
</javac>
@@ -257,6 +257,22 @@
<copy file="${built.jardir}/${nmclf.name}.jar" todir="${java.dir}"/>
<copy file="${built.jardir}/${nmclf.name}_${lang}.jar" todir="${java.dir}"/>
<copy file="${built.jardir}/${base.name}.jar" todir="${java.dir}"/>
+ <!-- make a symlinks: e.g., prefix-mcc-1.0.0.jar to prefix-mcc-1.0.jar -->
+ <exec executable="ln" dir="${java.dir}" vmlauncher="true">
+ <arg line="-s ${mcc.name}.jar ${mcc.gen.name}.jar"/>
+ </exec>
+ <exec executable="ln" dir="${java.dir}" vmlauncher="true">
+ <arg line="-s ${mcc.name}_${lang}.jar ${mcc.gen.name}_${lang}.jar"/>
+ </exec>
+ <exec executable="ln" dir="${java.dir}" vmlauncher="true">
+ <arg line="-s ${nmclf.name}.jar ${nmclf.gen.name}.jar"/>
+ </exec>
+ <exec executable="ln" dir="${java.dir}" vmlauncher="true">
+ <arg line="-s ${nmclf.name}_${lang}.jar ${nmclf.gen.name}_${lang}.jar"/>
+ </exec>
+ <exec executable="ln" dir="${java.dir}" vmlauncher="true">
+ <arg line="-s ${base.name}.jar ${base.gen.name}.jar"/>
+ </exec>
<!-- Copy components into packaging area -->
<copy file="${ldapjdk.local.location}/ldapjdk.jar" todir="${java.dir}"/>
@@ -270,6 +286,7 @@
<include name="libssl*"/>
<include name="libsmime*"/>
<include name="libsoftokn*"/>
+ <include name="libfreebl*"/>
<exclude name="libnssckbi*"/>
<exclude name="lib*.a"/>
</fileset>
@@ -285,15 +302,15 @@
<chmod file="${package.dir}/startconsole" perm="755"/>
<!-- Create a bundle of the Console -->
- <tar destfile="${dist.dir}/fedora-console-${console.dotversion}.tar.gz"
+ <tar destfile="${dist.dir}/${console.brand}-console-${console.dotversion}.tar.gz"
compression="gzip">
<tarfileset dir="${package.dir}"
- prefix="fedora-console-${console.dotversion}"
+ prefix="${console.brand}-console-${console.dotversion}"
mode="755">
<include name="startconsole"/>
</tarfileset>
<tarfileset dir="${package.dir}"
- prefix="fedora-console-${console.dotversion}">
+ prefix="${console.brand}-console-${console.dotversion}">
<include name="**"/>
<exclude name="startconsole"/>
</tarfileset>
18 years, 1 month
[Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv about.properties, 1.2, 1.3 dirserv.properties, 1.3, 1.4
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5599/src/com/netscape/admin/dirserv
Modified Files:
about.properties dirserv.properties
Log Message:
[186105] Admin Server Makefile updates for Internal build
Comment #13
. changed to include the patch number in the jar file name
. changed to create a symlink: redhat-ds-7.2.jar pointing redhat-ds-7.2.0.jar
Index: about.properties
===================================================================
RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/about.properties,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- about.properties 28 Oct 2005 18:01:34 -0000 1.2
+++ about.properties 24 Mar 2006 00:52:57 -0000 1.3
@@ -19,7 +19,7 @@
#
# Strings and logos used by the DSAboutDialog
-aboutDialog-dialogTitle=Fedora Directory Server 1.0
+aboutDialog-dialogTitle=Fedora Directory Server 1.0.2
aboutDialog-productLogo=com/netscape/management/client/images/logo32.gif
aboutDialog-productCopyright=Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.\nCopyright (C) 2005 Red Hat, Inc.\nAll rights reserved.
aboutDialog-productLicense=Fedora is a trademark of Red Hat, Inc. in the United States and other countries and is used by permission.
Index: dirserv.properties
===================================================================
RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/dirserv.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dirserv.properties 15 Feb 2006 23:00:50 -0000 1.3
+++ dirserv.properties 24 Mar 2006 00:52:57 -0000 1.4
@@ -164,9 +164,9 @@
#
dialog-configtitle=Fedora Directory Server
dsAdmin-title=Fedora Directory Server
-dsAdmin-version=Version 1.0
+dsAdmin-version=Version 1.0.2
dsAdmin-nsServerPort=Port
-dsAdmin-framework-description=Fedora Directory Server Console 1.0
+dsAdmin-framework-description=Fedora Directory Server Console 1.0.2
dsAdmin-remove-server-cgi-failed=ds_remove failure
#
18 years, 1 month
[Fedora-directory-commits] directoryconsole build.properties, 1.4, 1.5 build.xml, 1.6, 1.7
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/directoryconsole
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5599
Modified Files:
build.properties build.xml
Log Message:
[186105] Admin Server Makefile updates for Internal build
Comment #13
. changed to include the patch number in the jar file name
. changed to create a symlink: redhat-ds-7.2.jar pointing redhat-ds-7.2.0.jar
Index: build.properties
===================================================================
RCS file: /cvs/dirsec/directoryconsole/build.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- build.properties 22 Mar 2006 17:46:10 -0000 1.4
+++ build.properties 24 Mar 2006 00:52:50 -0000 1.5
@@ -21,6 +21,8 @@
lang=en
ldapconsole.root=..
-ldapconsole.version=1.0
+ldapconsole.version=1.0.2
+ldapconsole.gen.version=1.0
brand=fedora
ldapconsole.name=${brand}-ds-${ldapconsole.version}
+ldapconsole.gen.name=${brand}-ds-${ldapconsole.gen.version}
Index: build.xml
===================================================================
RCS file: /cvs/dirsec/directoryconsole/build.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- build.xml 22 Mar 2006 19:09:02 -0000 1.6
+++ build.xml 24 Mar 2006 00:52:51 -0000 1.7
@@ -149,6 +149,12 @@
<include name="com/**/*.properties" />
</fileset>
</jar>
+ <exec executable="ln" dir="${package.dir}" vmlauncher="true">
+ <arg line="-s ${ldapconsole.name}.jar ${ldapconsole.gen.name}.jar"/>
+ </exec>
+ <exec executable="ln" dir="${package.dir}" vmlauncher="true">
+ <arg line="-s ${ldapconsole.name}_${lang}.jar ${ldapconsole.gen.name}_${lang}.jar"/>
+ </exec>
</target>
<!-- Javadoc -->
18 years, 1 month
[Fedora-directory-commits] setuputil/installer/include nsdefs.h, 1.1.1.1, 1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/setuputil/installer/include
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28529/setuputil/installer/include
Modified Files:
nsdefs.h
Log Message:
Use <iostream> instead of <iostream.h> on those platforms that support it.
With this fix, we don't get the deprecation warnings when building setuputil.
This has been tested on various linux, Solaris 9 with old and new forte, and on HPUX IPF.
Thanks to Nathan and Noriko for the reviews.
Index: nsdefs.h
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/include/nsdefs.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- nsdefs.h 29 Jul 2005 22:16:28 -0000 1.1.1.1
+++ nsdefs.h 23 Mar 2006 20:45:37 -0000 1.2
@@ -30,6 +30,12 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 20:45:37 rmeggins
+** Use <iostream> instead of <iostream.h> on those platforms that support it.
+** With this fix, we don't get the deprecation warnings when building setuputil.
+** This has been tested on various linux, Solaris 9 with old and new forte, and on HPUX IPF.
+** Thanks to Nathan and Noriko for the reviews.
+**
** Revision 1.1.1.1 2005/07/29 22:16:28 foxworth
** Importing new setup sdk for open source project
**
@@ -153,7 +159,11 @@
** Includes
**
**********************************************************************/
-#include <iostream.h>
+#if !defined(HPUX) || defined(_HP_NAMESPACE_STD)
+#include <iostream>
+#else
+#include <iostream.h> /* use old name on older systems */
+#endif
#ifdef XP_WIN32
#include <stdlib.h>
18 years, 1 month
[Fedora-directory-commits] setuputil nsconfig.mk,1.8,1.9
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/setuputil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28529/setuputil
Modified Files:
nsconfig.mk
Log Message:
Use <iostream> instead of <iostream.h> on those platforms that support it.
With this fix, we don't get the deprecation warnings when building setuputil.
This has been tested on various linux, Solaris 9 with old and new forte, and on HPUX IPF.
Thanks to Nathan and Noriko for the reviews.
Index: nsconfig.mk
===================================================================
RCS file: /cvs/dirsec/setuputil/nsconfig.mk,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- nsconfig.mk 23 Feb 2006 21:47:45 -0000 1.8
+++ nsconfig.mk 23 Mar 2006 20:45:31 -0000 1.9
@@ -220,15 +220,14 @@
ifdef MODERNHP
CC=cc -Ae +ESlit
CXX=aCC
+ARCH_CFLAGS=-AA # the default on ipf, but also use it elsewhere
ifeq ($(NSOS_RELEASE), B.11.23)
- ARCH_CFLAGS=-AA
ifeq ($(USE_64), 1)
BIT_SWITCH=+DD64
else
BIT_SWITCH=+DD32
endif
else # 11.11 or earlier
- ARCH_CFLAGS=
ifeq ($(USE_64), 1)
BIT_SWITCH=+DA2.0W +DS2.0
else
18 years, 1 month
[Fedora-directory-commits] setuputil/installer/unix/lib dialog.cc, 1.1.1.1, 1.2 ux-curse.c, 1.1.1.1, 1.2 ux-util.cc, 1.1.1.1, 1.2 ux-wrapper.cc, 1.1.1.1, 1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/setuputil/installer/unix/lib
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15054/setuputil/installer/unix/lib
Modified Files:
dialog.cc ux-curse.c ux-util.cc ux-wrapper.cc
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan & Noriko (Thanks!)
Fix Description: Mostly cleaned up usage of sprintf.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: dialog.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/lib/dialog.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dialog.cc 29 Jul 2005 22:16:32 -0000 1.1.1.1
+++ dialog.cc 23 Mar 2006 15:59:22 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:22 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:32 foxworth
** Importing new setup sdk for open source project
**
@@ -347,7 +358,11 @@
if (_enable8BitInput)
{
utf8Buf = localToUTF8(_buf);
- strcpy(_buf, utf8Buf);
+ strncpy(_buf, utf8Buf, _bufLen);
+ if (!memchr(_buf, 0, _bufLen)) { /* string is not null terminated */
+ _buf[0] = 0; /* erase to avoid using improperly formed utf8 */
+ rc = 0;
+ }
free(utf8Buf);
}
}
@@ -411,12 +426,14 @@
ans = UTF8ToLocal(_defaultAns.data());
else
ans = strdup((const char *) _defaultAns);
- sprintf(tstr, " [%s]: ", ans);
+ snprintf(tstr, sizeof(tstr), " [%s]: ", ans);
+ tstr[sizeof(tstr)-1] = 0;
free(ans);
}
else
{
- sprintf(tstr, "%c ", ':');
+ snprintf(tstr, sizeof(tstr), "%c ", ':');
+ tstr[sizeof(tstr)-1] = 0;
_buf[0] = 0;
}
printw(tstr);
Index: ux-curse.c
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/lib/ux-curse.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ux-curse.c 29 Jul 2005 22:16:32 -0000 1.1.1.1
+++ ux-curse.c 23 Mar 2006 15:59:22 -0000 1.2
@@ -56,8 +56,9 @@
va_list arg;
va_start(arg, msg);
- vsprintf(errbuf, msg, arg);
+ vsnprintf(errbuf, sizeof(errbuf), msg, arg);
va_end(arg);
+ errbuf[sizeof(errbuf)-1] = 0;
printw(errbuf);
printw("Press any key to continue.\n");
refresh();
@@ -72,8 +73,9 @@
va_list arg;
va_start(arg, msg);
- vsprintf(errbuf, msg, arg);
+ vsnprintf(errbuf, sizeof(errbuf), msg, arg);
va_end(arg);
+ errbuf[sizeof(errbuf)-1] = 0;
getyx(stdscr, y, x);
Index: ux-util.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/lib/ux-util.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ux-util.cc 29 Jul 2005 22:16:33 -0000 1.1.1.1
+++ ux-util.cc 23 Mar 2006 15:59:22 -0000 1.2
@@ -27,6 +27,17 @@
** UNIX Only
** HISTORY:
** $Log$
+** Revision 1.2 2006/03/23 15:59:22 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:33 foxworth
** Importing new setup sdk for open source project
**
@@ -291,7 +302,8 @@
NSString hn;
NVPair *admconf;
- sprintf(tstr, "%s/%s", sroot, DEFAULT_ADMINCONF);
+ snprintf(tstr, sizeof(tstr), "%s/%s", sroot, DEFAULT_ADMINCONF);
+ tstr[sizeof(tstr)-1] = 0;
admconf = new NVPair(tstr);
@@ -371,7 +383,8 @@
NVPair *ssconf;
NSString ssUser;
- sprintf(tstr, "%s/%s", sroot, DEFAULT_SSUSERCONF);
+ snprintf(tstr, sizeof(tstr), "%s/%s", sroot, DEFAULT_SSUSERCONF);
+ tstr[sizeof(tstr)-1] = 0;
ssconf = new NVPair(tstr);
@@ -411,7 +424,8 @@
NVPair *ssconf;
NSString ssGroup;
- sprintf(tstr, "%s/%s", sroot, DEFAULT_SSUSERCONF);
+ snprintf(tstr, sizeof(tstr), "%s/%s", sroot, DEFAULT_SSUSERCONF);
+ tstr[sizeof(tstr)-1] = 0;
ssconf = new NVPair(tstr);
@@ -450,7 +464,8 @@
NVPair admpw;
const char *pwd = NULL;
- sprintf(temp, "%s/admin-serv/config/adm.conf", serverRoot);
+ snprintf(temp, sizeof(temp), "%s/admin-serv/config/adm.conf", serverRoot);
+ temp[sizeof(temp)-1] = 0;
admpw.setFormat(2);
admpw.read(temp);
@@ -489,12 +504,13 @@
if (uname(&sysname) >= 0)
{
#if defined(IRIX) /* I want IRIX, not IRIX64 */
- sprintf(tstr, "%s%s", "IRIX", sysname.release);
+ snprintf(tstr, sizeof(tstr), "%s%s", "IRIX", sysname.release);
#elif defined(SOLARIS) || defined(OSF1) || defined(HPUX)
- sprintf(tstr, "%s%s", sysname.sysname, sysname.release);
+ snprintf(tstr, sizeof(tstr), "%s%s", sysname.sysname, sysname.release);
#elif defined(AIX)
- sprintf(tstr, "%s%s.%s", sysname.sysname, sysname.version, sysname.release);
+ snprintf(tstr, sizeof(tstr), "%s%s.%s", sysname.sysname, sysname.version, sysname.release);
#endif
+ tstr[sizeof(tstr)-1] = 0;
return tstr;
}
else
@@ -537,6 +553,7 @@
if (!strncasecmp(line, "domain ", 7))
{
sscanf(&line[7], "%s", domain);
+ domain[sizeof(domain)-1] = 0;
dm = (domain[0] == '.' ? &domain[1] : domain);
return dm;
}
@@ -589,7 +606,8 @@
/* Bug 624241 - sprintf() will wipe out target var first on Linux */
char hncopy[SML_BUF];
strcpy(hncopy, hn);
- sprintf(hn, "%s.%s", hncopy, dn.data());
+ snprintf(hn, sizeof(hn), "%s.%s", hncopy, dn.data());
+ hn[sizeof(hn)-1] = 0;
}
/* Return whatever we ended up with. */
@@ -710,7 +728,8 @@
return 0;
}
- sprintf(fn, "/tmp/trychown.%ld", (long) getpid());
+ snprintf(fn, sizeof(fn), "/tmp/trychown.%ld", (long) getpid());
+ fn[sizeof(fn)-1] = 0;
if ((fd = creat(fn, 0777)) == -1)
return 0; /* Hmm. */
ret = chown(fn, pw->pw_uid, pw->pw_gid);
@@ -826,7 +845,8 @@
}
}
- sprintf(fn, "/tmp/trychown_grp.%ld", (long) getpid());
+ snprintf(fn, sizeof(fn), "/tmp/trychown_grp.%ld", (long) getpid());
+ fn[sizeof(fn)-1] = 0;
if ((fd = creat(fn, 0777)) == -1)
{
return 0; /* Hmm. */
@@ -885,11 +905,7 @@
NSString
InstUtil::getSelfUserID()
{
-#if 0
- return cuserid(NULL);
-#else
return getpwuid(geteuid())->pw_name;
-#endif
}
/*********************************************************************
@@ -1066,7 +1082,8 @@
return ("/");
}
- strcpy(s, path);
+ strncpy(s, path, sizeof(s));
+ s[sizeof(s)-1] = 0;
/* Strip off trailing / */
Index: ux-wrapper.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/lib/ux-wrapper.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ux-wrapper.cc 29 Jul 2005 22:16:33 -0000 1.1.1.1
+++ ux-wrapper.cc 23 Mar 2006 15:59:22 -0000 1.2
@@ -29,6 +29,17 @@
** HISTORY:
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:22 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:33 foxworth
** Importing new setup sdk for open source project
**
@@ -179,12 +190,13 @@
{
return;
}
- sprintf(buf,"[%s] %s", who, level);
+ snprintf(buf, sizeof(buf), "[%s] %s", who, level);
va_start (arg, msg);
- vsprintf(buf+strlen(buf), msg, arg);
+ vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), msg, arg);
va_end(arg);
+ buf[sizeof(buf)-1] = 0;
fputs(buf,fp);
fputs("\n",fp);
18 years, 1 month
[Fedora-directory-commits] setuputil/installer/unix dl-common.cc, 1.1.1.1, 1.2 dl-dnld.cc, 1.1.1.1, 1.2 dl-inst.cc, 1.1.1.1, 1.2 dl-uninst.cc, 1.1.1.1, 1.2 installer.cc, 1.3, 1.4 product.cc, 1.4, 1.5 uninstaller.cc, 1.1.1.1, 1.2 ux-setup.cc, 1.1.1.1, 1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/setuputil/installer/unix
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15054/setuputil/installer/unix
Modified Files:
dl-common.cc dl-dnld.cc dl-inst.cc dl-uninst.cc installer.cc
product.cc uninstaller.cc ux-setup.cc
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan & Noriko (Thanks!)
Fix Description: Mostly cleaned up usage of sprintf.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: dl-common.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/dl-common.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dl-common.cc 29 Jul 2005 22:16:30 -0000 1.1.1.1
+++ dl-common.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:30 foxworth
** Importing new setup sdk for open source project
**
@@ -315,9 +326,10 @@
DialogInput *dl = new DialogInput;
if (whatProduct != NULL)
- sprintf(tstr, selectionText, whatProduct);
+ snprintf(tstr, sizeof(tstr), selectionText, whatProduct);
else
- sprintf(tstr, selectionText);
+ snprintf(tstr, sizeof(tstr), selectionText);
+ tstr[sizeof(tstr)-1] = 0;
dl->setText(tstr);
dl->setSetupAction(NULL);
@@ -431,9 +443,10 @@
if (p->isVisible())
{
if (p->numVisibleComponents() >= 1)
- sprintf(tstr, " %d. %s (%d)\n", ++j, p->get(PKG_NAME), p->numVisibleComponents());
+ snprintf(tstr, sizeof(tstr), " %d. %s (%d)\n", ++j, p->get(PKG_NAME), p->numVisibleComponents());
else
- sprintf(tstr, " %d. %s\n", ++j, p->get(PKG_NAME));
+ snprintf(tstr, sizeof(tstr), " %d. %s\n", ++j, p->get(PKG_NAME));
+ tstr[sizeof(tstr)-1] = 0;
text2 = text2 + tstr;
@@ -525,7 +538,6 @@
char *ldapURL;
const char *buf = me->input();
NSString errMsg;
- char tmp[XSM_BUF];
LDAPURLDesc *ludpp;
char *domain;
DialogAction rc = DIALOG_NEXT;
@@ -678,7 +690,8 @@
localLdapURL = UTF8ToLocal(me->manager()->getDefaultScript()->get(CONFIG_LDAP_URL));
hostPortURL = stripConfigLdapURL(localLdapURL);
- sprintf(text2, " %s", (const char *)hostPortURL);
+ snprintf(text2, sizeof(text2), " %s", (const char *)hostPortURL);
+ text2[sizeof(text2)-1] = 0;
free (localLdapURL);
@@ -842,7 +855,6 @@
const char *ldapURL;
const char *buf = me->input();
NSString errMsg;
- char tmp[XSM_BUF];
LDAPURLDesc *ludpp;
DialogAction rc = DIALOG_NEXT;
@@ -893,7 +905,8 @@
localLdapURL = UTF8ToLocal(me->manager()->getDefaultScript()->get(UG_LDAP_URL));
- sprintf(text2, " %s", localLdapURL);
+ snprintf(text2, sizeof(text2), " %s", localLdapURL);
+ text2[sizeof(text2)-1] = 0;
free (localLdapURL);
Index: dl-dnld.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/dl-dnld.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dl-dnld.cc 29 Jul 2005 22:16:30 -0000 1.1.1.1
+++ dl-dnld.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:30 foxworth
** Importing new setup sdk for open source project
**
@@ -180,7 +191,8 @@
for (int i = 0; i < p->numName(); i++)
{
s = p->name(i);
- sprintf(tstr, " %d. %s\n", i+1, s);
+ snprintf(tstr, sizeof(tstr), " %d. %s\n", i+1, s);
+ tstr[sizeof(tstr)-1] = 0;
text2 = text2 + tstr;
}
me->setText2(text2.data());
@@ -648,7 +660,7 @@
const char *sysVersion = me->manager()->getDefaultScript()->get(SYS_VERSION);
int i, j;
Bool found = False;
- char tmp[5];
+ char tmp[20];
setupSelectionDialog(me, platformInfo);
@@ -801,17 +813,18 @@
if (err == -1)
{
- sprintf(errMsg, "ERROR: Can't create directory %s\n", ans);
+ snprintf(errMsg, sizeof(errMsg), "ERROR: Can't create directory %s\n", ans);
}
else if (err == -2)
{
- sprintf(errMsg, "ERROR: %s exists and is not a directory.\n", ans);
+ snprintf(errMsg, sizeof(errMsg), "ERROR: %s exists and is not a directory.\n", ans);
}
else if (err == -3)
{
- sprintf(errMsg, "ERROR: Can't write to %s\n", ans);
+ snprintf(errMsg, sizeof(errMsg), "ERROR: Can't write to %s\n", ans);
}
+ errMsg[sizeof(errMsg)-1] = 0;
DialogAlert alert(errMsg);
alert.execute();
Index: dl-inst.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/dl-inst.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dl-inst.cc 29 Jul 2005 22:16:31 -0000 1.1.1.1
+++ dl-inst.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:31 foxworth
** Importing new setup sdk for open source project
**
@@ -406,9 +417,10 @@
else if (installer->checkDiskSpace() == False)
{
char szMsg[2048];
- sprintf(szMsg, "Warning: not enough disk space in the path %s, you can either remove unnecessary \n" \
+ snprintf(szMsg, sizeof(szMsg), "Warning: not enough disk space in the path %s, you can either remove unnecessary \n" \
"files on the destination drive and type Yes to continue, or click \n" \
"CTRL-B to go back and select less products to install\n\n", installer->getServerRoot().data());
+ szMsg[sizeof(szMsg)-1] = 0;
msg = szMsg;
me->setText (msg);
}
@@ -936,7 +948,8 @@
// Ask SS Group
ssGroup = me->manager()->getDefaultScript()->get(SS_GROUP);
- sprintf(tmp, "%s [%s]: ", "System Group", ssGroup.data());
+ snprintf(tmp, sizeof(tmp), "%s [%s]: ", "System Group", ssGroup.data());
+ tmp[sizeof(tmp)-1] = 0;
me->showString(tmp);
if (me->getInput() == 0)
Index: dl-uninst.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/dl-uninst.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- dl-uninst.cc 29 Jul 2005 22:16:31 -0000 1.1.1.1
+++ dl-uninst.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:31 foxworth
** Importing new setup sdk for open source project
**
@@ -334,7 +345,8 @@
LDAPURLDesc *ludpp = NULL;
ldap_url_parse ((char *) ldapURL , &ludpp);
- sprintf(tmp, "ldap://%s:389/%s", ludpp->lud_host, ludpp->lud_dn);
+ snprintf(tmp, sizeof(tmp), "ldap://%s:389/%s", ludpp->lud_host, ludpp->lud_dn);
+ tmp[sizeof(tmp)-1] = 0;
ldap_free_urldesc(ludpp);
installInfo->set(CONFIG_LDAP_URL, tmp);
@@ -402,12 +414,13 @@
if (dp && dp->get(s) && q->isSelected() == False)
{
// q is dependent on p and q is not selected
- sprintf(tstr,
+ snprintf(tstr, sizeof(tstr),
getResource(RES_MESSAGE_UNINST_VERIFYSELECTION1),
q->get(PKG_NAME),
p->get(PKG_NAME),
q->get(PKG_NAME),
q->get(PKG_NAME));
+ tstr[sizeof(tstr)-1] = 0;
DialogAlert alert(tstr);
alert.execute();
Index: installer.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/installer.cc,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- installer.cc 13 Dec 2005 20:58:22 -0000 1.3
+++ installer.cc 23 Mar 2006 15:59:17 -0000 1.4
@@ -27,6 +27,17 @@
**
** HISTORY:
** $Log$
+** Revision 1.4 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.3 2005/12/13 20:58:22 nhosoi
** [175418] Admin Server ns-update crashes if necessary attribute-value is not given
** 1) Although Admin Server's PostInstall program ns-update expects it, PostInstall
@@ -2292,28 +2303,29 @@
if (err == -1)
{
- sprintf(errMsg, "Can't create directory %s\n", sroot);
+ snprintf(errMsg, sizeof(errMsg), "Can't create directory %s\n", sroot);
}
else if (err == -2)
{
- sprintf(errMsg, "%s exists and is not a directory.\n", sroot);
+ snprintf(errMsg, sizeof(errMsg), "%s exists and is not a directory.\n", sroot);
}
else if (err == -3)
{
- sprintf(errMsg, "Can't write to %s\n", sroot);
+ snprintf(errMsg, sizeof(errMsg), "Can't write to %s\n", sroot);
}
else if (err == -4)
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKSERVERROOT1),
sroot);
}
else
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKSERVERROOT2),
sroot);
}
+ errMsg[sizeof(errMsg)-1] = 0;
}
return errMsg;
}
@@ -2338,7 +2350,7 @@
}
else if (!p->securityChecked())
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
"You are installing %s over an\n"
"existing installation that is of a higher security level.\n"
"Installation over an incompatible security level is not\n"
@@ -2347,7 +2359,7 @@
}
else
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
"You are installing %s over an\n"
"existing installation that is incompatible.\n"
"Installation over an incompatible version is not\n"
@@ -2355,6 +2367,7 @@
}
}
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2387,7 +2400,7 @@
{
if ((ok = checkUpdate(p)) == False)
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKCOMPONENTDEPENDENCY1),
p->get(PKG_NAME));
}
@@ -2411,7 +2424,7 @@
msg = getResource(RES_MESSAGE_CHECKCOMPONENTDEPENDENCY6);
break;
};
- sprintf(errMsg, msg, p->get(PKG_NAME));
+ snprintf(errMsg, sizeof(errMsg), msg, p->get(PKG_NAME));
}
}
@@ -2432,7 +2445,7 @@
*/
{
// Not compatible
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKCOMPONENTDEPENDENCY2),
p->get(PKG_NAME),
q ? q->get(PKG_NAME) : s.data(),
@@ -2447,6 +2460,7 @@
}
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2474,7 +2488,7 @@
{
if (err == -1)
{
- sprintf(errMsg, "Error: Can't find component %s in the package\n", (const char *) nickname);
+ snprintf(errMsg, sizeof(errMsg), "Error: Can't find component %s in the package\n", (const char *) nickname);
}
else
{
@@ -2483,7 +2497,7 @@
loc2 = getUILocation(nickname);
if (loc2 < loc1)
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKCOMPONENTDEPENDENCY2),
p->get(PKG_NAME),
nickname,
@@ -2491,7 +2505,7 @@
}
else
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_CHECKCOMPONENTDEPENDENCY2),
p->get(PKG_NAME),
nickname,
@@ -2502,6 +2516,7 @@
}
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2527,7 +2542,7 @@
{
if (err == -1)
{
- sprintf(errMsg, "Can't find component: %s\n", (const char *) nickname);
+ snprintf(errMsg, sizeof(errMsg), "Can't find component: %s\n", (const char *) nickname);
}
else
{
@@ -2535,14 +2550,17 @@
loc1 = getUILocation(p->get(PKG_NICKNAME));
loc2 = getUILocation(nickname);
if (loc2 < loc1)
- sprintf(errMsg, "%s's prior component %s is not selected\n", p->get(PKG_NICKNAME), nickname);
+ snprintf(errMsg, sizeof(errMsg),
+ "%s's prior component %s is not selected\n", p->get(PKG_NICKNAME), nickname);
else if (checkAll)
- sprintf(errMsg, "%s's later component %s is not selected\n", p->get(PKG_NICKNAME), nickname);
+ snprintf(errMsg, sizeof(errMsg),
+ "%s's later component %s is not selected\n", p->get(PKG_NICKNAME), nickname);
}
}
}
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2604,7 +2622,7 @@
{
case -1:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_VERIFYSSUSER1),
ssUser);
break;
@@ -2612,7 +2630,7 @@
{
NSString err_text(getResource(RES_MESSAGE_VERIFYSSUSER2, RES_GLOBAL_BRAND));
err_text = err_text + getResource(RES_MESSAGE_VERIFYSSUSER3);
- sprintf(errMsg, err_text, ssUser);
+ snprintf(errMsg, sizeof(errMsg), err_text, ssUser);
break;
}
default:
@@ -2620,6 +2638,7 @@
break;
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2634,19 +2653,19 @@
switch (err)
{
case -1:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_VERIFYSSGROUP1),
ssUser);
break;
case -2:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_VERIFYSSGROUP2),
ssGroup);
break;
case -3:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_VERIFYSSGROUP3),
ssUser,ssGroup);
break;
@@ -2655,7 +2674,7 @@
NSString err_text(getResource(RES_MESSAGE_VERIFYSSGROUP4, RES_GLOBAL_BRAND));
err_text = err_text + getResource(RES_MESSAGE_VERIFYSSGROUP5);
- sprintf(errMsg, err_text, ssUser,ssGroup);
+ snprintf(errMsg, sizeof(errMsg), err_text, ssUser,ssGroup);
break;
}
default:
@@ -2663,6 +2682,7 @@
break;
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2865,7 +2885,7 @@
if (err == INVALID_ROOT)
{
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE1, RES_GLOBAL_BRAND));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE1, RES_GLOBAL_BRAND));
}
else if (err == INSTALL_DN_ERR)
{
@@ -2874,7 +2894,7 @@
NSString err_text(getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE2, RES_GLOBAL_BRAND));
err_text =
err_text + getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE22);
- sprintf(errMsg, err_text,
+ snprintf(errMsg, sizeof(errMsg), err_text,
DEFAULT_SS_CONTAINER_RDN, DEFAULT_ROOT_DN);
}
else
@@ -2882,14 +2902,15 @@
NSString err_text(getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE3, RES_GLOBAL_BRAND));
err_text =
err_text + getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE32);
- sprintf(errMsg, err_text, installDN);
+ snprintf(errMsg, sizeof(errMsg), err_text, installDN);
}
}
else if (err != OKAY)
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
getResource(RES_MESSAGE_VERIFYINSTALLPRIVILEGE4), ldapUser);
}
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -2926,8 +2947,8 @@
if (err != OKAY)
{
- sprintf(errMsg, "Setup is unable to detect User Directory Informations from the Server\n");
-
+ snprintf(errMsg, sizeof(errMsg), "Setup is unable to detect User Directory Informations from the Server\n");
+ errMsg[sizeof(errMsg)-1] = 0;
}
return errMsg;
@@ -2950,11 +2971,12 @@
if (err != OKAY)
{
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
"The Server Configuration directory subtree appears not to be set up\n"
"correctly for the installation of Netscape Server products. Please contact\n"
"your directory administrator to verify that the you have write\n"
"access to %s\n", installDN);
+ errMsg[sizeof(errMsg)-1] = 0;
}
return errMsg;
Index: product.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/product.cc,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- product.cc 23 Feb 2006 17:57:02 -0000 1.4
+++ product.cc 23 Mar 2006 15:59:17 -0000 1.5
@@ -27,6 +27,17 @@
**
** HISTORY:
** $Log$
+** Revision 1.5 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.4 2006/02/23 17:57:02 nkinder
** https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182611
** Bug(s) fixed: 182611
@@ -411,7 +422,8 @@
{
char szdir[2048];
//Create an absolute path
- sprintf(szdir,"%s/%s",input, dir->d_name);
+ snprintf(szdir,sizeof(szdir), "%s/%s",input, dir->d_name);
+ szdir[sizeof(szdir)-1] = 0;
//Try removing the directory
int i = rmdir(szdir);
if (i != 0)
@@ -616,7 +628,8 @@
// This is top level master configuration file
init();
- sprintf(tstr, "%s/%s", sourceDir.data(), fileName);
+ snprintf(tstr, sizeof(tstr), "%s/%s", sourceDir.data(), fileName);
+ tstr[sizeof(tstr)-1] = 0;
_packageInfo = new PackageInfo(tstr);
if (_packageInfo->isEmpty() || (componentList = _packageInfo->getListItems(PKG_COMPONENTS)) == NULL || _packageInfo->numSections() == 0)
@@ -680,7 +693,9 @@
init();
- sprintf(tstr, "%s/%s", sourceDir.data(), fileName);
+ snprintf(tstr, sizeof(tstr), "%s/%s", sourceDir.data(), fileName);
+ tstr[sizeof(tstr)-1] = 0;
+
_packageInfo = new PackageInfo(tstr);
if (_packageInfo->isEmpty())
@@ -1277,12 +1292,14 @@
const char *sroot = info->get(SERVER_ROOT);
PackageInfo *p = _packageInfo;
- sprintf(prodinfo, "%s/nyr", sroot);
+ snprintf(prodinfo, sizeof(prodinfo), "%s/nyr", sroot);
+ prodinfo[sizeof(prodinfo)-1] = 0;
if (nyr = fopen(prodinfo,"w"))
fclose(nyr);
// Create new prodinfo
- sprintf(prodinfo, "%s/bin/%s/prodinfo", sroot, get(PKG_NICKNAME));
+ snprintf(prodinfo, sizeof(prodinfo), "%s/bin/%s/prodinfo", sroot, get(PKG_NICKNAME));
+ prodinfo[sizeof(prodinfo)-1] = 0;
p->stampTime();
p->write(prodinfo);
@@ -1551,6 +1568,9 @@
return errMsg;
}
+#define STRINGIZE(x) #x
+#define MYFMT(size) "%" STRINGIZE(size) "s"
+
int
Product::unInstall(const NSString & serverRoot) const
{
@@ -1583,11 +1603,12 @@
if (fp = fopen(logFile.data(), "r"))
{
- while (fscanf(fp, "%s", buf) != EOF)
+ while (fscanf(fp, MYFMT(MED_BUF), buf) != EOF)
{
char suffix[MED_BUF] = "\0";
char *p;
+ buf[sizeof(buf)-1] = 0;
s = buf + serverRoot.length() + 1;
p = strrchr((char *)s, '/');
@@ -1793,7 +1814,6 @@
{
NSString restoreSource;
NSString restoreTarget;
- char buf[SML_BUF];
char **restoreList, **files;
files = restoreList = package()->getListItems(PKG_RESTOREFILES);
@@ -2181,11 +2201,8 @@
NSString name;
const char *version = NULL;
int err = 0;
- char errMsg[BIG_BUF];
int position;
- errMsg[0] = '\0';
-
/*
* Go through the product list and determine whether all dependency
* are satisfied, i.e. if a product depends on one or more products
Index: uninstaller.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/uninstaller.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- uninstaller.cc 29 Jul 2005 22:16:32 -0000 1.1.1.1
+++ uninstaller.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -27,6 +27,17 @@
**
** HISTORY:
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:32 foxworth
** Importing new setup sdk for open source project
**
@@ -399,7 +410,7 @@
if (_serverRoot == (char *) NULL)
{
- sprintf(buf, "ERROR: please specify a server root\n");
+ snprintf(buf, sizeof(buf), "ERROR: please specify a server root\n");
rc = -1;
}
else
@@ -408,17 +419,17 @@
if (InstUtil::isServerRoot(_serverRoot) == False)
{
- sprintf(buf, "ERROR: %s is not a server root\n", _serverRoot.data());
+ snprintf(buf, sizeof(buf), "ERROR: %s is not a server root\n", _serverRoot.data());
rc = -1;
}
else if (_newSuiteSpot.retrieveSuiteSpot(sourceDir, infName) != 0)
{
- sprintf(buf,"ERROR: uninstallation database not found\n");
+ snprintf(buf, sizeof(buf), "ERROR: uninstallation database not found\n");
rc = -1;
}
else if (_newSuiteSpot.numComponents() == 0)
{
- sprintf(buf, "ERROR: nothing to remove\n");
+ snprintf(buf, sizeof(buf), "ERROR: nothing to remove\n");
rc = -1;
}
else
@@ -433,6 +444,7 @@
if (rc)
{
+ buf[sizeof(buf)-1] = 0;
printf(buf);
return rc;
}
Index: ux-setup.cc
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/unix/ux-setup.cc,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ux-setup.cc 29 Jul 2005 22:16:32 -0000 1.1.1.1
+++ ux-setup.cc 23 Mar 2006 15:59:17 -0000 1.2
@@ -28,6 +28,17 @@
** HISTORY
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:17 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:32 foxworth
** Importing new setup sdk for open source project
**
@@ -278,8 +289,6 @@
if (ldapURL && ldap_url_parse(ldapURL, &ludpp) == 0)
{
- char tmp[10];
-
_installInfo->set(CONFIG_LDAP_URL, ldapURL);
_installInfo->set(DS_ADMIN_DOMAIN, installDN);
@@ -319,17 +328,17 @@
errMsg[0] = 0;
break;
case INVALID_URL:
- sprintf(errMsg, "The URL \"%s\" is not of valid format.\n", localLdapURL);
+ snprintf(errMsg, sizeof(errMsg), "The URL \"%s\" is not of valid format.\n", localLdapURL);
break;
case CONN_FAILED:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
"Cannot connect to URL \"%s\".\n"
" The server may have been down. Please fix the problem\n"
" before proceeding with installation.\n",
localLdapURL);
break;
case INVALID_DN:
- sprintf(errMsg,
+ snprintf(errMsg, sizeof(errMsg),
"setup cannot verify the base suffix as specified in\n"
" \"%s\".\n"
" Please check the base suffix and re-enter the URL.\n",
@@ -340,6 +349,7 @@
break;
}
free(localLdapURL);
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -359,28 +369,29 @@
switch(err)
{
case INVALID_INPUT:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER1));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER1));
break;
case INVALID_URL:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER2), localLdapURL);
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER2), localLdapURL);
break;
case INVALID_AUTH:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER3));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER3));
break;
case CONN_FAILED:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER4));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER4));
break;
case INVALID_USER:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER5));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER5));
break;
default:
- sprintf(errMsg, getResource(RES_MESSAGE_VERIFYLDAPUSER6));
+ snprintf(errMsg, sizeof(errMsg), getResource(RES_MESSAGE_VERIFYLDAPUSER6));
break;
}
}
free (localLdapURL);
+ errMsg[sizeof(errMsg)-1] = 0;
return errMsg;
}
@@ -391,7 +402,8 @@
{
char filename[200];
- sprintf(filename,"%s/%s", getenv("HOME"), ".nssetup-default");
+ snprintf(filename, sizeof(filename), "%s/%s", getenv("HOME"), ".nssetup-default");
+ filename[sizeof(filename)-1] = 0;
_userDefault.setFormat(1);
_userDefault.read(filename);
}
18 years, 1 month
[Fedora-directory-commits] setuputil/installer/lib prodinfo.cpp, 1.1.1.1, 1.2 setupapi.cpp, 1.1.1.1, 1.2 uninstall.cpp, 1.1.1.1, 1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/setuputil/installer/lib
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15054/setuputil/installer/lib
Modified Files:
prodinfo.cpp setupapi.cpp uninstall.cpp
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Nathan & Noriko (Thanks!)
Fix Description: Mostly cleaned up usage of sprintf.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: prodinfo.cpp
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/lib/prodinfo.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- prodinfo.cpp 29 Jul 2005 22:16:29 -0000 1.1.1.1
+++ prodinfo.cpp 23 Mar 2006 15:59:10 -0000 1.2
@@ -24,6 +24,17 @@
** Name: prodinfo.c
**
** $Log$
+** Revision 1.2 2006/03/23 15:59:10 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:29 foxworth
** Importing new setup sdk for open source project
**
@@ -239,17 +250,19 @@
continue;
}
if ( buf[0] == '[' ) { /* install date */
- int n;
- char tmp[BUFSIZ];
+ int end = 0;
for ( i = strlen( buf ) - 1 ; i-- ; ) {
if ( buf[i] == ']' ) {
buf[i] = '\0'; /* clean up date */
break;
}
}
- n = sscanf (buf + 1, "%s %s %s %s %s", tmp, tmp, tmp, tmp, tmp);
+ /* need to know if there are at least 5 tokens in buf - end will only be set
+ if there are at least 5 whitespace delimited tokens in (buf+1)
+ */
+ sscanf (buf + 1, "%*s %*s %*s %*s %*s%n", &end);
- if (n == 5)
+ if (end)
{
if ( tree->when ) {
break; /* this is a previous date, stop reading */
Index: setupapi.cpp
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/lib/setupapi.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- setupapi.cpp 29 Jul 2005 22:16:30 -0000 1.1.1.1
+++ setupapi.cpp 23 Mar 2006 15:59:10 -0000 1.2
@@ -1887,10 +1887,9 @@
#else
FILE *f = fopen("/etc/resolv.conf", "r");
char line[SML_BUF];
- char *domain;
+ char domain[SML_BUF];
char *dm;
- domain = (char *) malloc(SML_BUF);
/* See if there's a domain entry in their resolver configuration */
if (f)
{
@@ -1898,9 +1897,20 @@
{
if (!strncasecmp(line, "domain ", 7))
{
- sscanf(&line[7], "%s", domain);
- dm = (domain[0] == '.' ? &domain[1] : domain);
- return dm;
+ int end = 0;
+ int len = strlen(line);
+ char *begin = &line[7];
+ if ((len > 8) && (line[7] == '.')) {
+ begin = &line[8];
+ }
+ sscanf(begin, "%*s%n", &end);
+ if (end) {
+ fclose(f);
+ strncpy(domain, begin, end);
+ domain[end] = 0;
+ dm = strdup(domain);
+ return dm;
+ }
}
}
fclose(f);
@@ -1913,7 +1923,12 @@
#else
getdomainname(domain, SML_BUF);
#endif
- dm = (domain[0] == '.' ? &domain[1] : domain);
+ domain[SML_BUF] = 0;
+ if (domain[0] == '.') {
+ dm = strdup(&domain[1]);
+ } else {
+ dm = strdup(domain);
+ }
#endif
return dm;
Index: uninstall.cpp
===================================================================
RCS file: /cvs/dirsec/setuputil/installer/lib/uninstall.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- uninstall.cpp 29 Jul 2005 22:16:30 -0000 1.1.1.1
+++ uninstall.cpp 23 Mar 2006 15:59:10 -0000 1.2
@@ -28,6 +28,17 @@
**
** HISTORY:
** $Log$
+** Revision 1.2 2006/03/23 15:59:10 rmeggins
+** Bug(s) fixed: 186280
+** Bug Description: Close potential security vulnerabilities in CGI code
+** Reviewed by: Nathan & Noriko (Thanks!)
+** Fix Description: Mostly cleaned up usage of sprintf.
+** Platforms tested: Fedora Core 5
+** Flag Day: no
+** Doc impact: no
+** QA impact: should be covered by regular nightly and manual testing
+** New Tests integrated into TET: none
+**
** Revision 1.1.1.1 2005/07/29 22:16:30 foxworth
** Importing new setup sdk for open source project
**
@@ -79,7 +90,7 @@
if (moduleNickName)
{
- sprintf(tstr, "%s%c%s%c%s%c%s.log",
+ snprintf(tstr, sizeof(tstr), "%s%c%s%c%s%c%s.log",
serverRoot,
PATH_DELIM,
"setup",
@@ -90,7 +101,7 @@
}
else
{
- sprintf(tstr, "%s%c%s%c%s%c%s.log",
+ snprintf(tstr, sizeof(tstr), "%s%c%s%c%s%c%s.log",
serverRoot,
PATH_DELIM,
"setup",
@@ -99,6 +110,7 @@
PATH_DELIM,
packageNickName);
}
+ tstr[sizeof(tstr)-1] = 0;
fp = fopen(tstr, "a");
18 years, 1 month
[Fedora-directory-commits] adminutil/tests retrieveSIE.c,1.1,1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/tests
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11998/adminutil/tests
Modified Files:
retrieveSIE.c
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Noriko (Thanks!)
Fix Description: The code was already pretty clean in terms of buffer
access. I added some malloc return checking, used some nspr functions
where applicable, removed some dead code, and fixed a couple of small
memory leaks.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: retrieveSIE.c
===================================================================
RCS file: /cvs/dirsec/adminutil/tests/retrieveSIE.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- retrieveSIE.c 16 Nov 2005 18:50:21 -0000 1.1
+++ retrieveSIE.c 22 Mar 2006 23:47:25 -0000 1.2
@@ -58,7 +58,8 @@
exit(1);
}
- sprintf(admroot, "%s/admin-serv/config", svrroot);
+ snprintf(admroot, len, "%s/admin-serv/config", svrroot);
+ admroot[len] = '\0';
/*
* get the LDAP information from admin server config info
18 years, 1 month
[Fedora-directory-commits] adminutil/lib/libadmsslutil admsslutil.c, 1.2, 1.3
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11998/adminutil/lib/libadmsslutil
Modified Files:
admsslutil.c
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Noriko (Thanks!)
Fix Description: The code was already pretty clean in terms of buffer
access. I added some malloc return checking, used some nspr functions
where applicable, removed some dead code, and fixed a couple of small
memory leaks.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: admsslutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/admsslutil.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- admsslutil.c 6 Dec 2005 18:38:42 -0000 1.2
+++ admsslutil.c 22 Mar 2006 23:47:20 -0000 1.3
@@ -144,20 +144,12 @@
filename++; /* Skip '/' */
}
- /* basename is either "-cert" or "-key" */
- base = strstr(filename, basename);
+ /* basename is either "-cert" or "-key" - look for last occurance */
+ base = PL_strrstr(filename, basename);
if (base == NULL) {
return;
}
- /*
- * Find the last occurrence of basename in filename in an unlikely
- * scenario that basename (-key or -cert) appears in the prefix
- */
- while (strstr(base+1, basename) != NULL) {
- base = strstr(base+1, basename);
- }
-
/* Include '-' into prefix */
prefixLen = base-filename+1;
if (prefixLen > maxprefixlen) {
@@ -188,6 +180,10 @@
/* PKSC11 module must be configured before NSS is initialized */
db_name = PL_strdup("internal (software) ");
+ if (!db_name) {
+ return -1;
+ }
+
PK11_ConfigurePKCS11(NULL,NULL,NULL,db_name,NULL, NULL,NULL,NULL,
/*minPwdLen=*/8, /*pwdRequired=*/1);
@@ -272,7 +268,11 @@
if((!certdbFile) || (!keydbFile) || (!admroot)) return -1;
- return initNSS(certdbFile, keydbFile);
+ errCode = initNSS(certdbFile, keydbFile);
+ PL_Free(certdbFile);
+ PL_Free(keydbFile);
+
+ return errCode;
}
void servssl_error(char *fmt, ...)
@@ -763,66 +763,6 @@
}
fclose(f);
-
-#ifdef NES
- /* add/edit field in magnus.conf */
- modified_security = 0;
- linecnt = 0;
- PR_snprintf(filename, sizeof(filename),
- "%s/admin-serv/config/magnus.conf", sroot);
-
- f = fopen(filename, "r");
- if (f==NULL) {
- servssl_error("Can not open magnus.conf for reading");
- }
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if(lines[linecnt] != NULL)
- PR_Free(lines[linecnt]);
- if ((strstr(inbuf,"Security ") == inbuf) &&
- (security && *security != '\0')) {
- /* Line starts with "Security" */
- col = strrchr(inbuf,' ');
- if (col == NULL) {
- servssl_error("Bad format for security field in magnus.conf");
- }
- *col=0;
- PR_snprintf(buf, sizeof(buf), "%s %s\n", inbuf, security);
- lines[linecnt++] = PL_strdup(buf);
- modified_security=1;
- }
- else {
- lines[linecnt++] = PL_strdup(inbuf);
- }
- }
- fclose(f);
-
- if ((!modified_security) &&
- (security && *security != '\0')) {
- /* security not found - put it in */
- if(lines[linecnt] != NULL)
- PR_Free(lines[linecnt]);
- PR_snprintf(buf, sizeof(buf), "Security %s\n", security);
- lines[linecnt++] = PL_strdup(buf);
- }
-
- f = fopen(filename, "w");
- if (f==NULL) {
- fclose(f);
- servssl_error("Can not open magnus.conf for writing");
- }
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
- for(i=0; i<50; i++) {
- if(lines[i] != NULL)
- PR_Free(lines[i]);
- }
-#endif /* NES */
}
18 years, 1 month