[Fedora-directory-commits] adminserver/include i18n.h,1.4,1.5

[Richard Allen Megginson (rmeggins)]

Author: rmeggins

Update of /cvs/dirsec/adminserver/include
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28761/adminserver/include

Modified Files:
	i18n.h 
Log Message:
Bug(s) fixed: 186280
Bug Description: adminserver: Close potential security vulnerabilities 
in CGI code
Reviewed by: Rob, Pete, Nathan, Noriko (Thanks!)
Fix Description: Most of this just involves making sure that we use 
PR_snprintf/PL_strncpyz/PL_strcatn where able, or just making sure we 
use snprintf/strncpy/strncat correctly and null terminate the buffers.  
I also got rid of some dead code, unused variables, and the like.  There 
are a few cases that are more complex that I have specified below.  In 
some cases I had to change the function signature to add a size 
parameter in cases where the function was copying to a given char * and 
the size was assumed (in most cases this was safe but it's still dangerous).
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no



Index: i18n.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/i18n.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- i18n.h	18 Aug 2005 19:14:21 -0000	1.4
+++ i18n.h	31 Mar 2006 22:58:21 -0000	1.5
@@ -147,7 +147,7 @@
 
 NSAPI_PUBLIC
 int
-GetFileForLanguage(char* filepath,char* language,char* existingFilepath);
+GetFileForLanguage(char* filepath,char* language,char* existingFilepath, size_t existingSize);
 
 /* Looks for a file in the appropriate language.