Pass sizeof buffer to cf_expand_variables

author Alan T. DeKok <aland@freeradius.org>

Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)

committer Alan T. DeKok <aland@freeradius.org>

Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)
author Alan T. DeKok <aland@freeradius.org>
Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)
committer Alan T. DeKok <aland@freeradius.org>
Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)
diff --git a/src/main/conffile.c b/src/main/conffile.c

index ab65a5e..e206da1 100644 (file)
--- a/src/main/conffile.c
+++ b/src/main/conffile.c
@@ -101,7 +101,8 @@ static void *cf_data_find_internal(CONF_SECTION *cs, const char *name,
                                    int flag);
  static const char *cf_expand_variables(const char *cf, int *lineno,
                                        CONF_SECTION *outercs,
-                                      char *output, const char *input);
+                                      char *output, size_t outsize,
+                                      const char *input);
  
  int cf_log_config = 1;
  int cf_log_modules = 1;
@@ -420,7 +421,7 @@ static CONF_SECTION *cf_section_alloc(const char *name1, const char *name2,
         size_t name1_len, name2_len = 0;
         char *p;
         CONF_SECTION    *cs;
-       char buffer[256];
+       char buffer[1024];
  
         if (!name1) return NULL;
  
@@ -430,7 +431,7 @@ static CONF_SECTION *cf_section_alloc(const char *name1, const char *name2,
                         p = cf_expand_variables(parent->item.filename,
                                                 &parent->item.lineno,
                                                 parent,
-                                               buffer, name2);
+                                               buffer, sizeof(buffer), name2);
                         if (!p) {
                                 radlog(L_ERR, "Failed expanding section name");
                                 return NULL;
@@ -730,7 +731,8 @@ CONF_SECTION *cf_top_section(CONF_SECTION *cs)
   */
  static const char *cf_expand_variables(const char *cf, int *lineno,
                                        CONF_SECTION *outercs,
-                                      char *output, const char *input)
+                                      char *output, size_t outsize,
+                                      const char *input)
  {
         char *p;
         const char *end, *ptr;
@@ -858,6 +860,8 @@ static const char *cf_expand_variables(const char *cf, int *lineno,
                          */
                         *(p++) = *(ptr++);
                 }
+
+               if ((p - output) > outsize) return NULL;                
         } /* loop over all of the input string. */
  
         *p = '\0';
@@ -957,7 +961,8 @@ int cf_item_parse(CONF_SECTION *cs, const char *name,
                          */
                         value = cf_expand_variables("<internal>",
                                                     &lineno,
-                                                   cs, buffer, value);
+                                                   cs, buffer, sizeof(buffer),
+                                                   value);
                         if (!value) {
                                 cf_log_err(cf_sectiontoitem(cs),"Failed expanding variable %s", name);
                                 return -1;
@@ -996,7 +1001,8 @@ int cf_item_parse(CONF_SECTION *cs, const char *name,
                          */
                         value = cf_expand_variables("?",
                                                     &lineno,
-                                                   cs, buffer, value);
+                                                   cs, buffer, sizeof(buffer),
+                                                   value);
                         if (!value) return -1;
                 }
  
@@ -1445,7 +1451,7 @@ static int cf_section_read(const char *filename, int *lineno, FILE *fp,
  
                         if (buf2[0] == '$') relative = 0;
  
-                       value = cf_expand_variables(filename, lineno, this, buf, buf2);
+                       value = cf_expand_variables(filename, lineno, this, buf, sizeof(buf), buf2);
                         if (!value) return -1;
  
                         if (!FR_DIR_IS_RELATIVE(value)) relative = 0;
@@ -1630,7 +1636,7 @@ static int cf_section_read(const char *filename, int *lineno, FILE *fp,
                         if ((t3 == T_BARE_WORD) ||
                             (t3 == T_DOUBLE_QUOTED_STRING)) {
                                 value = cf_expand_variables(filename, lineno, this,
-                                                           buf, buf3);
+                                                           buf, sizeof(buf), buf3);
                                 if (!value) return -1;
                         } else if ((t3 == T_EOL) ||
                                    (t3 == T_HASH)) {
author	Alan T. DeKok <aland@freeradius.org>
	Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)
committer	Alan T. DeKok <aland@freeradius.org>
	Fri, 25 Nov 2011 14:22:36 +0000 (15:22 +0100)