convert all unchecked strlcat to xstrlcat

arekinath · Apr 11, 2024 · c498a77 · c498a77
1 parent b390334
commit c498a77
Show file tree

Hide file tree

Showing 7 changed files with 84 additions and 75 deletions.
diff --git a/ebox-cmd.c b/ebox-cmd.c
@@ -1269,15 +1269,15 @@ compose_path(const struct ebox_tpl_path_seg *segs, const char *tpl)
 	while (seg != NULL) {
 		switch (seg->tps_type) {
 		case PATH_SEG_FIXED:
-			strlcat(buf, seg->tps_fixed, PATH_MAX);
+			xstrlcat(buf, seg->tps_fixed, PATH_MAX);
 			break;
 		case PATH_SEG_ENV:
 			tmp = getenv(seg->tps_env);
 			if (tmp != NULL)
-				strlcat(buf, tmp, PATH_MAX);
+				xstrlcat(buf, tmp, PATH_MAX);
 			break;
 		case PATH_SEG_TPL:
-			strlcat(buf, tpl, PATH_MAX);
+			xstrlcat(buf, tpl, PATH_MAX);
 			break;
 		}
 		seg = seg->tps_next;

diff --git a/piv-ca.c b/piv-ca.c
@@ -1803,10 +1803,10 @@ ca_write_key_backup(struct ca *ca, struct sshkey *privkey)
 	if (err != ERRF_OK)
 		goto out;
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".key.ebox", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".key.ebox", sizeof (fname));
 
 	baf = fopen(fname, "w");
 	if (baf == NULL) {
@@ -1887,12 +1887,12 @@ ca_write_pukpin(struct ca *ca, enum piv_pin type, boolean_t old,
 	if (err != ERRF_OK)
 		goto out;
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".", sizeof (fname));
-	strlcat(fname, typeslug, sizeof (fname));
-	strlcat(fname, ".ebox", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".", sizeof (fname));
+	xstrlcat(fname, typeslug, sizeof (fname));
+	xstrlcat(fname, ".ebox", sizeof (fname));
 
 	baf = fopen(fname, "w");
 	if (baf == NULL) {
@@ -2170,8 +2170,8 @@ ca_generate(const char *path, struct ca_new_args *args, struct piv_token *tkn,
 		goto out;
 	}
 
-	strlcpy(fname, path, sizeof (fname));
-	strlcat(fname, "/pivy-ca.json", sizeof (fname));
+	xstrlcpy(fname, path, sizeof (fname));
+	xstrlcat(fname, "/pivy-ca.json", sizeof (fname));
 
 	caf = fopen(fname, "w");
 	if (caf == NULL) {
@@ -2394,10 +2394,10 @@ ca_generate(const char *path, struct ca_new_args *args, struct piv_token *tkn,
 	if (err != ERRF_OK)
 		goto out;
 
-	strlcpy(fname, path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".crt", sizeof (fname));
+	xstrlcpy(fname, path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".crt", sizeof (fname));
 
 	crtf = fopen(fname, "w");
 	if (crtf == NULL) {
@@ -2647,12 +2647,12 @@ load_ebox_file(struct ca *ca, const char *typeslug, struct ebox **outp)
 	struct ebox *box = NULL;
 	int rc;
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".", sizeof (fname));
-	strlcat(fname, typeslug, sizeof (fname));
-	strlcat(fname, ".ebox", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".", sizeof (fname));
+	xstrlcat(fname, typeslug, sizeof (fname));
+	xstrlcat(fname, ".ebox", sizeof (fname));
 
 	f = fopen(fname, "r");
 	if (f == NULL) {
@@ -2798,8 +2798,8 @@ ca_open(const char *path, struct ca **outca)
 		goto out;
 	}
 
-	strlcpy(fname, path, sizeof (fname));
-	strlcat(fname, "/pivy-ca.json", sizeof (fname));
+	xstrlcpy(fname, path, sizeof (fname));
+	xstrlcat(fname, "/pivy-ca.json", sizeof (fname));
 
 	err = read_text_file(fname, &buf, &len);
 	if (err != ERRF_OK)
@@ -2844,10 +2844,10 @@ ca_open(const char *path, struct ca **outca)
 
 	ca_recalc_slug(ca);
 
-	strlcpy(fname, path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".crt", sizeof (fname));
+	xstrlcpy(fname, path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".crt", sizeof (fname));
 
 	free(buf);
 	buf = NULL;
@@ -3326,10 +3326,10 @@ ca_log_verify(struct ca *ca, char **final_hash, log_iter_cb_t cb, void *cookie)
 	uint8_t *rptr;
 	size_t rlen;
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".log", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".log", sizeof (fname));
 
 	hbuf = sshbuf_new();
 	if (hbuf == NULL) {
@@ -3923,10 +3923,10 @@ ca_log_init(struct ca *ca, struct ca_session *sess, BIGNUM *ca_serial,
 	size_t done;
 	char *serialhex = NULL;
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".log", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".log", sizeof (fname));
 
 	logf = fopen(fname, "w");
 	if (logf == NULL) {
@@ -4013,10 +4013,10 @@ ca_log_crl_gen(struct ca *ca, struct ca_session *sess, X509_CRL *crl, uint seq)
 		goto out;
 	}
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".log", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".log", sizeof (fname));
 
 	logf = fopen(fname, "a");
 	if (logf == NULL) {
@@ -4145,10 +4145,10 @@ ca_log_revoke_serial(struct ca *ca, struct ca_session *sess, BIGNUM *serial)
 		goto out;
 	}
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".log", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".log", sizeof (fname));
 
 	logf = fopen(fname, "a");
 	if (logf == NULL) {
@@ -4244,10 +4244,10 @@ ca_log_cert_action(struct ca *ca, struct ca_session *sess, const char *action,
 		goto out;
 	}
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/", sizeof (fname));
-	strlcat(fname, ca->ca_slug, sizeof (fname));
-	strlcat(fname, ".log", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/", sizeof (fname));
+	xstrlcat(fname, ca->ca_slug, sizeof (fname));
+	xstrlcat(fname, ".log", sizeof (fname));
 
 	logf = fopen(fname, "a");
 	if (logf == NULL) {
@@ -4959,8 +4959,8 @@ ca_config_write(struct ca *ca, struct ca_session *sess)
 
 	jsonstr = json_object_to_json_string_ext(robj, JSON_C_TO_STRING_PRETTY);
 
-	strlcpy(fname, ca->ca_base_path, sizeof (fname));
-	strlcat(fname, "/pivy-ca.json", sizeof (fname));
+	xstrlcpy(fname, ca->ca_base_path, sizeof (fname));
+	xstrlcat(fname, "/pivy-ca.json", sizeof (fname));
 
 	caf = fopen(fname, "w");
 	if (caf == NULL) {
@@ -5321,8 +5321,8 @@ scope_populate_req(struct cert_var_scope *scope, X509_REQ *req)
 		vbuf[len] = '\0';
 
 		for (j = 0; j < nms; ++j) {
-			strlcpy(kbuf, "req_", sizeof (kbuf));
-			strlcat(kbuf, names[j], sizeof (kbuf));
+			xstrlcpy(kbuf, "req_", sizeof (kbuf));
+			xstrlcat(kbuf, names[j], sizeof (kbuf));
 
 			err = scope_set(scope, kbuf, vbuf);
 			if (err != ERRF_OK)

diff --git a/piv-certs.c b/piv-certs.c
@@ -1776,8 +1776,8 @@ populate_user_email(struct cert_var_scope *cs, X509 *cert)
 	cfglen = strlen(email) + 8;
 	cfg = calloc(cfglen, 1);
 	VERIFY(cfg != NULL);
-	strlcat(cfg, "email:", cfglen);
-	strlcat(cfg, email, cfglen);
+	xstrlcat(cfg, "email:", cfglen);
+	xstrlcat(cfg, email, cfglen);
 
 	X509V3_set_ctx_nodb(&x509ctx);
 	X509V3_set_ctx(&x509ctx, cert, cert, NULL, NULL, 0);
@@ -2060,11 +2060,11 @@ populate_ca(struct cert_var_scope *cs, X509 *cert)
 	X509V3_set_nconf(&x509ctx, config);
 	X509V3_set_ctx(&x509ctx, cert, cert, NULL, NULL, 0);
 
-	strlcpy(basic, "critical,CA:TRUE", sizeof (basic));
+	xstrlcpy(basic, "critical,CA:TRUE", sizeof (basic));
 	err = scope_eval(cs, "path_len", &pathlen);
 	if (err == ERRF_OK) {
-		strlcat(basic, ",pathlen:", sizeof (basic));
-		strlcat(basic, pathlen, sizeof (basic));
+		xstrlcat(basic, ",pathlen:", sizeof (basic));
+		xstrlcat(basic, pathlen, sizeof (basic));
 	} else {
 		errf_free(err);
 	}
@@ -2391,8 +2391,8 @@ rpopulate_user_email(struct cert_var_scope *cs, X509_REQ *req)
 	cfglen = strlen(email) + 8;
 	cfg = calloc(cfglen, 1);
 	VERIFY(cfg != NULL);
-	strlcat(cfg, "email:", cfglen);
-	strlcat(cfg, email, cfglen);
+	xstrlcat(cfg, "email:", cfglen);
+	xstrlcat(cfg, email, cfglen);
 
 	X509V3_set_ctx_nodb(&x509ctx);
 	X509V3_set_ctx(&x509ctx, NULL, NULL, req, NULL, 0);
@@ -2634,8 +2634,8 @@ rpopulate_ca(struct cert_var_scope *cs, X509_REQ *req)
 	strlcpy(basic, "critical,CA:TRUE", sizeof (basic));
 	err = scope_eval(cs, "path_len", &pathlen);
 	if (err == ERRF_OK) {
-		strlcat(basic, ",pathlen:", sizeof (basic));
-		strlcat(basic, pathlen, sizeof (basic));
+		xstrlcat(basic, ",pathlen:", sizeof (basic));
+		xstrlcat(basic, pathlen, sizeof (basic));
 	} else {
 		errf_free(err);
 	}
@@ -3489,9 +3489,9 @@ load_ossl_config(const char *section, struct cert_var_scope *cs, CONF **out)
 					goto out;
 				}
 
-				strlcpy(namebuf, "_ossl_config:",
+				xstrlcpy(namebuf, "_ossl_config:",
 				    sizeof (namebuf));
-				strlcat(namebuf, fname, sizeof (namebuf));
+				xstrlcat(namebuf, fname, sizeof (namebuf));
 				name = namebuf;
 
 				cvv = scope_lookup(cs, namebuf, 1);
@@ -3505,9 +3505,9 @@ load_ossl_config(const char *section, struct cert_var_scope *cs, CONF **out)
 
 			} else if (name[0] == '@') {
 				cvv = scope_lookup(cs, name, 1);
-				strlcpy(prefix, "[", sizeof (prefix));
-				strlcat(prefix, name + 1, sizeof (prefix));
-				strlcat(prefix, "]\n", sizeof (prefix));
+				xstrlcpy(prefix, "[", sizeof (prefix));
+				xstrlcat(prefix, name + 1, sizeof (prefix));
+				xstrlcat(prefix, "]\n", sizeof (prefix));
 
 			} else {
 				continue;

diff --git a/piv-fascn.c b/piv-fascn.c
@@ -380,7 +380,7 @@ strpaddup(const char *instr, size_t len, char prefix)
 	for (i = 0; i < pad; ++i)
 		out[i] = prefix;
 	out[pad] = '\0';
-	strlcat(out, instr, len + 1);
+	xstrlcat(out, instr, len + 1);
 	return (out);
 }
 

diff --git a/pkinit_asn1.c b/pkinit_asn1.c
@@ -211,8 +211,8 @@ i2v_PKINIT_PRINC(PKINIT_PRINC *princ)
 		bcopy(ASN1_STRING_get0_data(gs), p, len);
 		p[len] = '\0';
 		if (*out != '\0')
-			strlcat(out, "/", outlen);
-		strlcat(out, p, outlen);
+			xstrlcat(out, "/", outlen);
+		xstrlcat(out, p, outlen);
 		free(p);
 		sk_ASN1_GENERALSTRING_push(gss, gs);
 	}
@@ -223,8 +223,8 @@ i2v_PKINIT_PRINC(PKINIT_PRINC *princ)
 	p = malloc(len + 1);
 	bcopy(ASN1_STRING_get0_data(princ->realm), p, len);
 	p[len] = '\0';
-	strlcat(out, "@", outlen);
-	strlcat(out, p, outlen);
+	xstrlcat(out, "@", outlen);
+	xstrlcat(out, p, outlen);
 	free(p);
 
 	return (out);

diff --git a/utils.c b/utils.c
@@ -30,7 +30,15 @@ xstrlcat(char *buf, const char *str, size_t buflen)
 {
 	size_t rc;
 	rc = strlcat(buf, str, buflen);
-	VERIFY3U(rc, <=, buflen);
+	VERIFY3U(rc, <, buflen);
+}
+
+void
+xstrlcpy(char *buf, const char *str, size_t buflen)
+{
+	size_t rc;
+	rc = strlcpy(buf, str, buflen);
+	VERIFY3U(rc, <, buflen);
 }
 
 void

diff --git a/utils.h b/utils.h
@@ -130,6 +130,7 @@ void freezero(void *ptr, size_t size);
 #endif
 
 void xstrlcat(char *, const char *, size_t);
+void xstrlcpy(char *, const char *, size_t);
 
 char *buf_to_hex(const uint8_t *buf, size_t len, boolean_t spaces);
-Original file line number
+Diff line change
@@ Expand Up / @@ -130,6 +130,7 @@ void freezero(void *ptr, size_t size); @@
     #endif
     void xstrlcat(char *, const char *, size_t);
+    void xstrlcpy(char *, const char *, size_t);
     char *buf_to_hex(const uint8_t *buf, size_t len, boolean_t spaces);
@@ Expand Down @@