X-Git-Url: https://git.m6w6.name/?a=blobdiff_plain;f=libmemcached%2Fsasl.c;h=669207950d56342680d7078ba4503652223383e4;hb=3dee67d04099cc5e2986ed94aa612f429f54d6fb;hp=d77532de5cfcd5225241b98951647c2271b28417;hpb=4767d70bea3e4930081016a15630ac927757962b;p=m6w6%2Flibmemcached

diff --git a/libmemcached/sasl.c b/libmemcached/sasl.c
index d77532de..66920795 100644
--- a/libmemcached/sasl.c
+++ b/libmemcached/sasl.c
@@ -30,7 +30,7 @@ const sasl_callback_t *memcached_get_sasl_callbacks(memcached_st *ptr)
  * @param raddr remote address (out)
  * @return true on success false otherwise (errno contains more info)
  */
-static bool resolve_names(int fd, char *laddr, char *raddr)
+static bool resolve_names(int fd, char *laddr, size_t laddr_length, char *raddr, size_t raddr_length)
 {
   char host[NI_MAXHOST];
   char port[NI_MAXSERV];
@@ -44,7 +44,7 @@ static bool resolve_names(int fd, char *laddr, char *raddr)
     return false;
   }
 
-  (void)sprintf(laddr, "%s;%s", host, port);
+  (void)snprintf(laddr, laddr_length, "%s;%s", host, port);
   salen= sizeof(saddr);
 
   if ((getpeername(fd, (struct sockaddr *)&saddr, &salen) < 0) ||
@@ -54,7 +54,7 @@ static bool resolve_names(int fd, char *laddr, char *raddr)
     return false;
   }
 
-  (void)sprintf(raddr, "%s;%s", host, port);
+  (void)snprintf(raddr, raddr_length, "%s;%s", host, port);
 
   return true;
 }
@@ -108,7 +108,7 @@ memcached_return_t memcached_sasl_authenticate_connection(memcached_server_st *s
   char laddr[NI_MAXHOST + NI_MAXSERV];
   char raddr[NI_MAXHOST + NI_MAXSERV];
 
-  unlikely (!resolve_names(server->fd, laddr, raddr))
+  unlikely (!resolve_names(server->fd, laddr, sizeof(laddr), raddr, sizeof(raddr)))
   {
     server->cached_errno= errno;
     return MEMCACHED_ERRNO;
@@ -141,12 +141,12 @@ memcached_return_t memcached_sasl_authenticate_connection(memcached_server_st *s
   do {
     /* send the packet */
 
-    struct __write_vector_st vector[]=  
-    { 
-      { .length= sizeof(request.bytes), .buffer= request.bytes }, 
-      { .length= keylen, .buffer= chosenmech }, 
-      { .length= len, .buffer= data } 
-    };  
+    struct libmemcached_io_vector_st vector[]=
+    {
+      { .length= sizeof(request.bytes), .buffer= request.bytes },
+      { .length= keylen, .buffer= chosenmech },
+      { .length= len, .buffer= data }
+    };
 
     if (memcached_io_writev(server, vector, 3, true) == -1)
     {
@@ -225,8 +225,8 @@ memcached_return_t memcached_set_sasl_auth_data(memcached_st *ptr,
 
   sasl_callback_t *cb= libmemcached_calloc(ptr, 4, sizeof(sasl_callback_t));
   char *name= libmemcached_malloc(ptr, strlen(username) + 1);
-  sasl_secret_t *secret= libmemcached_malloc(ptr, strlen(password) + 1 + sizeof(*secret))
-;
+  size_t password_length= strlen(password);
+  sasl_secret_t *secret= libmemcached_malloc(ptr, password_length +1 + sizeof(*secret));
   if (cb == NULL || name == NULL || secret == NULL)
   {
     libmemcached_free(ptr, cb);
@@ -236,11 +236,12 @@ memcached_return_t memcached_set_sasl_auth_data(memcached_st *ptr,
   }
 
   secret->len= strlen(password);
-  strcpy((void*)secret->data, password);
+  memcpy(secret->data, password, password_length);
+  secret->data[password_length]= 0;
 
   cb[0].id= SASL_CB_USER;
   cb[0].proc= get_username;
-  cb[0].context= strcpy(name, username);
+  cb[0].context= strncpy(name, username, sizeof(cb[0].context));
   cb[1].id= SASL_CB_AUTHNAME;
   cb[1].proc= get_username;
   cb[1].context= name;
@@ -277,6 +278,12 @@ memcached_return_t memcached_destroy_sasl_auth_data(memcached_st *ptr)
 
 memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st *source)
 {
+
+  if (source->sasl.callbacks == NULL)
+  {
+    return MEMCACHED_SUCCESS;
+  }
+
   /* Hopefully we are using our own callback mechanisms.. */
   if (source->sasl.callbacks[0].id == SASL_CB_USER &&
       source->sasl.callbacks[0].proc == get_username &&
@@ -299,7 +306,8 @@ memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st
    */
   size_t total= 0;
 
-  while (source->sasl.callbacks[total].id != SASL_CB_LIST_END) {
+  while (source->sasl.callbacks[total].id != SASL_CB_LIST_END)
+  {
     switch (source->sasl.callbacks[total].id)
     {
     case SASL_CB_USER:
@@ -314,8 +322,7 @@ memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st
     ++total;
   }
 
-  sasl_callback_t *cb= libmemcached_calloc(clone, total + 1,
-                                           sizeof(sasl_callback_t));
+  sasl_callback_t *cb= libmemcached_calloc(clone, total + 1, sizeof(sasl_callback_t));
   if (cb == NULL)
   {
     return MEMCACHED_MEMORY_ALLOCATION_FAILURE;
@@ -328,6 +335,7 @@ memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st
     if (cb[x].id == SASL_CB_USER || cb[x].id == SASL_CB_AUTHNAME)
     {
       cb[x].context= libmemcached_malloc(clone, strlen(source->sasl.callbacks[x].context));
+
       if (cb[x].context == NULL)
       {
         /* Failed to allocate memory, clean up previously allocated memory */
@@ -339,7 +347,7 @@ memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st
         libmemcached_free(clone, cb);
         return MEMCACHED_MEMORY_ALLOCATION_FAILURE;
       }
-      strcpy(cb[x].context, source->sasl.callbacks[x].context);
+      strncpy(cb[x].context, source->sasl.callbacks[x].context, sizeof(cb[x].context));
     }
     else
     {