From a57156d3aeed8d4d8c9879d18bfc34619e907679 Mon Sep 17 00:00:00 2001 From: Bob Friesenhahn Date: Mon, 13 Dec 2004 15:16:32 +0000 Subject: [PATCH] * libltdl/lt__strl.c, libltdl/libltdl/lt__strl.h: New files to emulate strlcat and strlcpy, which support size-bounded string copying and concatenation for improved security. * libltdl/Makefile.am (libdlloader_la_SOURCES): Build source files libltdl/lt__strl.c and libltdl/libltdl/lt__strl.h. * m4/ltdl.m4 (LTDL_INIT): Add checks for strlcat and strlcpy. --- ChangeLog | 9 +++ libltdl/Makefile.am | 4 +- libltdl/libltdl/lt__strl.h | 50 +++++++++++++++ libltdl/lt__strl.c | 126 +++++++++++++++++++++++++++++++++++++ m4/ltdl.m4 | 1 + 5 files changed, 189 insertions(+), 1 deletion(-) create mode 100644 libltdl/libltdl/lt__strl.h create mode 100644 libltdl/lt__strl.c diff --git a/ChangeLog b/ChangeLog index 4915d669c..5bfaa5295 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2004-12-13 Bob Friesenhahn + + * libltdl/lt__strl.c, libltdl/libltdl/lt__strl.h: New files to + emulate strlcat and strlcpy, which support size-bounded string + copying and concatenation for improved security. + * libltdl/Makefile.am (libdlloader_la_SOURCES): Build source files + libltdl/lt__strl.c and libltdl/libltdl/lt__strl.h. + * m4/ltdl.m4 (LTDL_INIT): Add checks for strlcat and strlcpy. + 2004-12-09 Albert Chin-A-Young * config/ltmain.m4sh: Preserve -model [arg] option, used diff --git a/libltdl/Makefile.am b/libltdl/Makefile.am index 20d6b5b2a..9ec0624c4 100644 --- a/libltdl/Makefile.am +++ b/libltdl/Makefile.am @@ -35,7 +35,9 @@ pkgincludedir = $(includedir)/libltdl lib_LTLIBRARIES = libdlloader.la libdlloader_la_SOURCES = libltdl/lt_error.h lt_error.c \ - libltdl/lt__private.h libltdl/lt_system.h \ + libltdl/lt__private.h \ + lt__strl.c libltdl/lt__strl.h \ + libltdl/lt_system.h \ libltdl/lt__alloc.h lt__alloc.c \ libltdl/lt__glibc.h \ libltdl/lt__dirent.h \ diff --git a/libltdl/libltdl/lt__strl.h b/libltdl/libltdl/lt__strl.h new file mode 100644 index 000000000..5ad518f31 --- /dev/null +++ b/libltdl/libltdl/lt__strl.h @@ -0,0 +1,50 @@ +/* lt__strl.h -- size-bounded string copying and concatenation + Copyright (C) 2004 Free Software Foundation, Inc. + Written by Bob Friesenhahn + + NOTE: The canonical source of this file is maintained with the + GNU Libtool package. Report bugs to bug-libtool@gnu.org. + +This library is free software; you can redistribute it and/or +modify it under the terms of the GNU Lesser General Public +License as published by the Free Software Foundation; either +version 2 of the License, or (at your option) any later version. + +As a special exception to the GNU Lesser General Public License, +if you distribute this file as part of a program or library that +is built using GNU libtool, you may include it under the same +distribution terms that you use for the rest of that program. + +This library is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +Lesser General Public License for more details. + +You should have received a copy of the GNU Lesser General Public +License along with this library; if not, write to the Free Software +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA + +*/ + +#if !defined(LT__STRL_H) +#define LT__STRL_H 1 + +#if defined(HAVE_CONFIG_H) +# include HAVE_CONFIG_H +#endif + +#include +#include "lt_system.h" + +#if !defined(HAVE_STRLCAT) +# define strlcat(dst,src,dstsize) lt_strlcat(dst,src,dstsize) +LT_SCOPE size_t lt_strlcat(char *dst, const char *src, const size_t dstsize); +#endif /* !defined(HAVE_STRLCAT) */ + +#if !defined(HAVE_STRLCPY) +# define strlcpy(dst,src,dstsize) lt_strlcpy(dst,src,dstsize) +LT_SCOPE size_t lt_strlcpy(char *dst, const char *src, const size_t dstsize); +#endif /* !defined(HAVE_STRLCPY) */ + +#endif /*!defined(LT__STRL_H)*/ diff --git a/libltdl/lt__strl.c b/libltdl/lt__strl.c new file mode 100644 index 000000000..6dcb71529 --- /dev/null +++ b/libltdl/lt__strl.c @@ -0,0 +1,126 @@ +/* lt__strl.c -- size-bounded string copying and concatenation + Copyright (C) 2004 Free Software Foundation, Inc. + Written by Bob Friesenhahn + + NOTE: The canonical source of this file is maintained with the + GNU Libtool package. Report bugs to bug-libtool@gnu.org. + +This library is free software; you can redistribute it and/or +modify it under the terms of the GNU Lesser General Public +License as published by the Free Software Foundation; either +version 2 of the License, or (at your option) any later version. + +As a special exception to the GNU Lesser General Public License, +if you distribute this file as part of a program or library that +is built using GNU libtool, you may include it under the same +distribution terms that you use for the rest of that program. + +This library is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +Lesser General Public License for more details. + +You should have received a copy of the GNU Lesser General Public +License along with this library; if not, write to the Free Software +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA + +*/ + +#include +#include + +#include "lt__strl.h" + +/* + lt_strlcat appends the NULL-terminated string src to the end of dst. + It will append at most dstsize - strlen(dst) - 1 bytes, + NULL-terminating the result. The total length of the string which + would have been created given sufficient buffer size (may be longer + than dstsize) is returned. This function substitutes for strlcat() + which is available under NetBSD, FreeBSD and Solaris 9. + + Buffer overflow can be checked as follows: + + if (lt_strlcat(dst, src, dstsize) >= dstsize) + return -1; +*/ +#if !defined(HAVE_STRLCAT) +size_t +lt_strlcat(char *dst, const char *src, const size_t dstsize) +{ + size_t length; + char *p; + const char *q; + + assert(dst != NULL); + assert(src != (const char *) NULL); + assert(dstsize >= 1); + + length=strlen(dst); + + /* + Copy remaining characters from src while constraining length to + size - 1. + */ + for ( p = dst + length, q = src; + (*q != 0) && (length < dstsize - 1) ; + length++, p++, q++ ) + *p = *q; + + dst[length]='\0'; + + /* + Add remaining length of src to length. + */ + while (*q++) + length++; + + return length; +} +#endif /* !defined(HAVE_STRLCAT) */ + +/* + lt_strlcpy copies up to dstsize - 1 characters from the NULL-terminated + string src to dst, NULL-terminating the result. The total length of + the string which would have been created given sufficient buffer + size (may be longer than dstsize) is returned. This function + substitutes for strlcpy() which is available under OpenBSD, FreeBSD + and Solaris 9. + + Buffer overflow can be checked as follows: + + if (lt_strlcpy(dst, src, dstsize) >= dstsize) + return -1; +*/ +#if !defined(HAVE_STRLCPY) +size_t +lt_strlcpy(char *dst, const char *src, const size_t dstsize) +{ + size_t length=0; + char *p; + const char *q; + + assert(dst != NULL); + assert(src != (const char *) NULL); + assert(dstsize >= 1); + + /* + Copy src to dst within bounds of size-1. + */ + for ( p=dst, q=src, length=0 ; + (*q != 0) && (length < dstsize-1) ; + length++, p++, q++ ) + *p = *q; + + dst[length]='\0'; + + /* + Add remaining length of src to length. + */ + while (*q++) + length++; + + return length; +} +#endif /* !defined(HAVE_STRLCPY) */ diff --git a/m4/ltdl.m4 b/m4/ltdl.m4 index ade1e1fc3..90c9d2bca 100644 --- a/m4/ltdl.m4 +++ b/m4/ltdl.m4 @@ -188,6 +188,7 @@ AC_CHECK_HEADERS([memory.h unistd.h dl.h sys/dl.h dld.h mach-o/dyld.h], AC_CHECK_HEADERS([string.h strings.h], [break], [], [AC_INCLUDES_DEFAULT]) AC_CHECK_FUNCS([closedir opendir readdir], [], [AC_LIBOBJ([lt__dirent])]) +AC_CHECK_FUNCS([strlcat strlcpy]) ])# LTDL_INIT # Old name: -- 2.47.2