geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- Description:

Browse Source 
Security Audit 5:13.  Refix for using proper length on strncpy.
  Maximum Length is 512 characters.

- Modified files:
  c_adlib/GKEngine.cs
  c_adlib/ad_gk/GnomeKeyring.cs
  c_adlib/ad_gk/native/ad_gk.c
This commit is contained in:
lsreevatsa
2006-05-02 15:05:55 +00:00
parent 0df6145a35
commit 51d1477c3f
4 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
c_adlib/ad_gk/GnomeKeyring.cs
View File

@@ -50,9 +50,9 @@ namespace Novell.CASA.DataEngines.GK
public int cTime;
public NativeItemInfo()
{
/* The GUI allows 256 as the max number of chars for these items */
displayName = Marshal.AllocHGlobal(256);
secret = Marshal.AllocHGlobal(256);
/* The GUI allows 513 as the max number of chars for these items */
displayName = Marshal.AllocHGlobal(512 + 1);
secret = Marshal.AllocHGlobal(512 + 1);
}
~NativeItemInfo()
{

8
c_adlib/ad_gk/native/ad_gk.c
View File

@@ -748,9 +748,9 @@ void ItemGetInfoCb( GnomeKeyringResult result,
}
else
{
/* maxlen = 255. This should be one less than the size of
/* maxlen = 512. This should be one less than the size of
Novell.CASA.DataEngines.GK.NativeItemInfo.displayName */
maxlen = sizeof (itemInfo->displayName);
maxlen = 512;
item = gnome_keyring_item_info_get_display_name(info);
itemlen = strlen (item);
if (itemlen > maxlen) {
@@ -760,9 +760,9 @@ void ItemGetInfoCb( GnomeKeyringResult result,
itemInfo->displayName[itemlen] = '\0';
}
/* maxlen = 255. This should be one less than the size of
/* maxlen = 512. This should be one less than the size of
Novell.CASA.DataEngines.GK.NativeItemInfo.secret */
maxlen = sizeof (itemInfo->secret);
maxlen = 512;
item = gnome_keyring_item_info_get_secret(info);
itemlen = strlen (item);
if (itemlen > maxlen) {