From 370c138addb7d1dd4a105d354efb13c3c56c0e65 Mon Sep 17 00:00:00 2001 From: Peter Wemm Date: Mon, 30 Dec 1996 14:19:34 +0000 Subject: [PATCH] - buffer overflow fix, from OpenBSD - optimise the error number -> string mapping code Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code. --- lib/libc/rpc/clnt_perror.c | 168 +++++++++++++------------------------ 1 file changed, 58 insertions(+), 110 deletions(-) diff --git a/lib/libc/rpc/clnt_perror.c b/lib/libc/rpc/clnt_perror.c index 0bcd8f048a10..adf3bd08f6ee 100644 --- a/lib/libc/rpc/clnt_perror.c +++ b/lib/libc/rpc/clnt_perror.c @@ -30,7 +30,7 @@ #if defined(LIBC_SCCS) && !defined(lint) /*static char *sccsid = "from: @(#)clnt_perror.c 1.15 87/10/07 Copyr 1984 Sun Micro";*/ /*static char *sccsid = "from: @(#)clnt_perror.c 2.1 88/07/29 4.0 RPCSRC";*/ -static char *rcsid = "$Id: clnt_perror.c,v 1.4 1995/12/10 17:40:18 wpaul Exp $"; +static char *rcsid = "$Id: clnt_perror.c,v 1.5 1996/06/10 20:13:02 jraynard Exp $"; #endif /* @@ -48,6 +48,7 @@ static char *rcsid = "$Id: clnt_perror.c,v 1.4 1995/12/10 17:40:18 wpaul Exp $"; #include static char *auth_errmsg(); +#define CLNT_PERROR_BUFLEN 256 static char *buf; @@ -56,7 +57,7 @@ _buf() { if (buf == 0) - buf = (char *)malloc(256); + buf = (char *)malloc(CLNT_PERROR_BUFLEN); return (buf); } @@ -69,7 +70,6 @@ clnt_sperror(rpch, s) char *s; { struct rpc_err e; - void clnt_perrno(); char *err; char *str = _buf(); char *strstart = str; @@ -78,10 +78,7 @@ clnt_sperror(rpch, s) return (0); CLNT_GETERR(rpch, &e); - (void) sprintf(str, "%s: ", s); - str += strlen(str); - - (void) strcpy(str, clnt_sperrno(e.re_status)); + (void) sprintf(str, "%s: %s", s, clnt_sperrno(e.re_status)); str += strlen(str); switch (e.re_status) { @@ -102,16 +99,14 @@ clnt_sperror(rpch, s) case RPC_CANTSEND: case RPC_CANTRECV: - (void) sprintf(str, "; errno = %s", - strerror(e.re_errno)); - str += strlen(str); + (void) snprintf(str, CLNT_PERROR_BUFLEN - (str - strstart), + "; errno = %s\n", strerror(e.re_errno)); break; case RPC_VERSMISMATCH: (void) sprintf(str, - "; low version = %lu, high version = %lu", + "; low version = %lu, high version = %lu\n", e.re_vers.low, e.re_vers.high); - str += strlen(str); break; case RPC_AUTHERROR: @@ -119,30 +114,28 @@ clnt_sperror(rpch, s) (void) sprintf(str,"; why = "); str += strlen(str); if (err != NULL) { - (void) sprintf(str, "%s",err); + (void) sprintf(str, "%s\n",err); } else { (void) sprintf(str, - "(unknown authentication error - %d)", + "(unknown authentication error - %d)\n", (int) e.re_why); } - str += strlen(str); break; case RPC_PROGVERSMISMATCH: (void) sprintf(str, - "; low version = %lu, high version = %lu", + "; low version = %lu, high version = %lu\n", e.re_vers.low, e.re_vers.high); - str += strlen(str); break; default: /* unknown */ (void) sprintf(str, - "; s1 = %lu, s2 = %lu", + "; s1 = %lu, s2 = %lu\n", e.re_lb.s1, e.re_lb.s2); - str += strlen(str); break; } - (void) sprintf(str, "\n"); + strstart[CLNT_PERROR_BUFLEN-2] = '\n'; + strstart[CLNT_PERROR_BUFLEN-1] = '\0'; return(strstart) ; } @@ -155,48 +148,25 @@ clnt_perror(rpch, s) } -struct rpc_errtab { - enum clnt_stat status; - char *message; -}; - -static struct rpc_errtab rpc_errlist[] = { - { RPC_SUCCESS, - "RPC: Success" }, - { RPC_CANTENCODEARGS, - "RPC: Can't encode arguments" }, - { RPC_CANTDECODERES, - "RPC: Can't decode result" }, - { RPC_CANTSEND, - "RPC: Unable to send" }, - { RPC_CANTRECV, - "RPC: Unable to receive" }, - { RPC_TIMEDOUT, - "RPC: Timed out" }, - { RPC_VERSMISMATCH, - "RPC: Incompatible versions of RPC" }, - { RPC_AUTHERROR, - "RPC: Authentication error" }, - { RPC_PROGUNAVAIL, - "RPC: Program unavailable" }, - { RPC_PROGVERSMISMATCH, - "RPC: Program/version mismatch" }, - { RPC_PROCUNAVAIL, - "RPC: Procedure unavailable" }, - { RPC_CANTDECODEARGS, - "RPC: Server can't decode arguments" }, - { RPC_SYSTEMERROR, - "RPC: Remote system error" }, - { RPC_UNKNOWNHOST, - "RPC: Unknown host" }, - { RPC_UNKNOWNPROTO, - "RPC: Unknown protocol" }, - { RPC_PMAPFAILURE, - "RPC: Port mapper failure" }, - { RPC_PROGNOTREGISTERED, - "RPC: Program not registered"}, - { RPC_FAILED, - "RPC: Failed (unspecified error)"} +static const char *const rpc_errlist[] = { + "RPC: Success", /* 0 - RPC_SUCCESS */ + "RPC: Can't encode arguments", /* 1 - RPC_CANTENCODEARGS */ + "RPC: Can't decode result", /* 2 - RPC_CANTDECODERES */ + "RPC: Unable to send", /* 3 - RPC_CANTSEND */ + "RPC: Unable to receive", /* 4 - RPC_CANTRECV */ + "RPC: Timed out", /* 5 - RPC_TIMEDOUT */ + "RPC: Incompatible versions of RPC", /* 6 - RPC_VERSMISMATCH */ + "RPC: Authentication error", /* 7 - RPC_AUTHERROR */ + "RPC: Program unavailable", /* 8 - RPC_PROGUNAVAIL */ + "RPC: Program/version mismatch", /* 9 - RPC_PROGVERSMISMATCH */ + "RPC: Procedure unavailable", /* 10 - RPC_PROCUNAVAIL */ + "RPC: Server can't decode arguments", /* 11 - RPC_CANTDECODEARGS */ + "RPC: Remote system error", /* 12 - RPC_SYSTEMERROR */ + "RPC: Unknown host", /* 13 - RPC_UNKNOWNHOST */ + "RPC: Port mapper failure", /* 14 - RPC_PMAPFAILURE */ + "RPC: Program not registered", /* 15 - RPC_PROGNOTREGISTERED */ + "RPC: Failed (unspecified error)", /* 16 - RPC_FAILED */ + "RPC: Unknown protocol" /* 17 - RPC_UNKNOWNPROTO */ }; @@ -207,13 +177,11 @@ char * clnt_sperrno(stat) enum clnt_stat stat; { - int i; + unsigned int errnum = stat; + + if (errnum < (sizeof(rpc_errlist)/sizeof(rpc_errlist[0]))) + return (char *)rpc_errlist[errnum]; - for (i = 0; i < sizeof(rpc_errlist)/sizeof(struct rpc_errtab); i++) { - if (rpc_errlist[i].status == stat) { - return (rpc_errlist[i].message); - } - } return ("RPC: (unknown error code)"); } @@ -229,34 +197,29 @@ char * clnt_spcreateerror(s) char *s; { - extern int sys_nerr; char *str = _buf(); if (str == 0) return(0); - (void) sprintf(str, "%s: ", s); - (void) strcat(str, clnt_sperrno(rpc_createerr.cf_stat)); switch (rpc_createerr.cf_stat) { case RPC_PMAPFAILURE: - (void) strcat(str, " - "); - (void) strcat(str, + (void) snprintf(str, CLNT_PERROR_BUFLEN, "%s: %s - %s\n", s, + clnt_sperrno(rpc_createerr.cf_stat), clnt_sperrno(rpc_createerr.cf_error.re_status)); break; case RPC_SYSTEMERROR: - (void) strcat(str, " - "); - if (rpc_createerr.cf_error.re_errno > 0 - && rpc_createerr.cf_error.re_errno < sys_nerr) - (void) strcat(str, - strerror(rpc_createerr.cf_error.re_errno)); - else - (void) sprintf(&str[strlen(str)], "Error %d", - rpc_createerr.cf_error.re_errno); + (void) snprintf(str, CLNT_PERROR_BUFLEN, "%s: %s - %s\n", s, + clnt_sperrno(rpc_createerr.cf_stat), + strerror(rpc_createerr.cf_error.re_errno)); break; default: + (void) snprintf(str, CLNT_PERROR_BUFLEN, "%s: %s\n", s, + clnt_sperrno(rpc_createerr.cf_stat)); break; } - (void) strcat(str, "\n"); + str[CLNT_PERROR_BUFLEN-2] = '\n'; + str[CLNT_PERROR_BUFLEN-1] = '\0'; return (str); } @@ -267,40 +230,25 @@ clnt_pcreateerror(s) (void) fprintf(stderr,"%s\n",clnt_spcreateerror(s)); } -struct auth_errtab { - enum auth_stat status; - char *message; -}; - -static struct auth_errtab auth_errlist[] = { - { AUTH_OK, - "Authentication OK" }, - { AUTH_BADCRED, - "Invalid client credential" }, - { AUTH_REJECTEDCRED, - "Server rejected credential" }, - { AUTH_BADVERF, - "Invalid client verifier" }, - { AUTH_REJECTEDVERF, - "Server rejected verifier" }, - { AUTH_TOOWEAK, - "Client credential too weak" }, - { AUTH_INVALIDRESP, - "Invalid server verifier" }, - { AUTH_FAILED, - "Failed (unspecified error)" }, +static const char *const auth_errlist[] = { + "Authentication OK", /* 0 - AUTH_OK */ + "Invalid client credential", /* 1 - AUTH_BADCRED */ + "Server rejected credential", /* 2 - AUTH_REJECTEDCRED */ + "Invalid client verifier", /* 3 - AUTH_BADVERF */ + "Server rejected verifier", /* 4 - AUTH_REJECTEDVERF */ + "Client credential too weak", /* 5 - AUTH_TOOWEAK */ + "Invalid server verifier", /* 6 - AUTH_INVALIDRESP */ + "Failed (unspecified error)" /* 7 - AUTH_FAILED */ }; static char * auth_errmsg(stat) enum auth_stat stat; { - int i; + unsigned int errnum = stat; + + if (errnum < (sizeof(auth_errlist)/sizeof(auth_errlist[0]))) + return (char *)auth_errlist[errnum]; - for (i = 0; i < sizeof(auth_errlist)/sizeof(struct auth_errtab); i++) { - if (auth_errlist[i].status == stat) { - return(auth_errlist[i].message); - } - } return(NULL); }