s3:winbind: Fix integer type of len

"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/winbindd/winbindd_cache.c:849: cast_overflow: Truncation due to cast operation on ""len"" from 32 to 8 bits.
samba-4.20.0rc2/source3/winbindd/winbindd_cache.c:851: overflow_sink: ""len"", which might have overflowed, is passed to ""memcpy(centry->data + centry->ofs, s, len)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
  849|   	centry_put_uint8(centry, len);
  850|   	centry_expand(centry, len);
  851|-> 	memcpy(centry->data + centry->ofs, s, len);
  852|   	centry->ofs += len;
  853|   }"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>

diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 833862ab99eff06d4fd185383423776d2d25879b..0e42687658290ebb9491ed6f61b1599ed30159f7 100644 (file)
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -834,7 +834,7 @@ static void centry_put_uint8(struct cache_entry *centry, uint8_t v)
  */
 static void centry_put_string(struct cache_entry *centry, const char *s)
 {
-       int len;
+       size_t len;
 
        if (!s) {
                /* null strings are marked as len 0xFFFF */
@@ -845,7 +845,8 @@ static void centry_put_string(struct cache_entry *centry, const char *s)
        len = strlen(s);
        /* can't handle more than 254 char strings. Truncating is probably best */
        if (len > 254) {
-               DBG_DEBUG("centry_put_string: truncating len (%d) to: 254\n", len);
+               DBG_DEBUG("centry_put_string: truncating len (%zu) to: 254\n",
+                         len);
                len = 254;
        }
        centry_put_uint8(centry, len);