Merge commit '50d3e596bbe89c95615f96eb71f6bc5be737a1db' into Basilisk-releasev2018.07.18

# Conflicts: # browser/app/profile/firefox.js # browser/components/preferences/jar.mn
author: wolfbeast <mcwerewolf@gmail.com> 2018-07-18 08:24:24 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-07-18 08:24:24 +0200
commit: fc61780b35af913801d72086456f493f63197da6 (patch)
tree: f85891288a7bd988da9f0f15ae64e5c63f00d493 /security/nss/cmd/signtool/sign.c
parent: 69f7f9e5f1475891ce11cc4f431692f965b0cd30 (diff)
parent: 50d3e596bbe89c95615f96eb71f6bc5be737a1db (diff)
download: UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar
UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.gz
UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.lz
UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.xz
UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.zip
1 files changed, 48 insertions, 10 deletions
diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c
index 6e776069a..6f8e43946 100644
--- a/security/nss/cmd/signtool/sign.c
+++ b/security/nss/cmd/signtool/sign.c
@@ -43,6 +43,7 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
     int status;
     char tempfn[FNSIZE], fullfn[FNSIZE];
     int keyType = rsaKey;
+    int count;
 
     metafile = meta_file;
     optimize = _optimize;
@@ -81,9 +82,18 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
         }
 
         /* rsa/dsa to zip */
-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
-                                                                   : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
+        if (count >= sizeof(tempfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+        if (count >= sizeof(fullfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
         /* Loop through all files & subdirectories, add to archive */
@@ -93,20 +103,44 @@ SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
     }
     /* mf to zip */
     strcpy(tempfn, "META-INF/manifest.mf");
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+    if (count >= sizeof(fullfn)) {
+        PR_fprintf(errorFD, "unable to write manifest\n");
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* sf to zip */
-    sprintf(tempfn, "META-INF/%s.sf", base);
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.sf", base);
+    if (count >= sizeof(tempfn)) {
+        PR_fprintf(errorFD, "unable to write sf metadata\n");
+        errorCount++;
+        exit(ERRX);
+    }
+    count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+    if (count >= sizeof(fullfn)) {
+        PR_fprintf(errorFD, "unable to write sf metadata\n");
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* Add the rsa/dsa file to the zip archive normally */
     if (!xpi_arc) {
         /* rsa/dsa to zip */
-        sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
-                                                                   : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        count = snprintf(tempfn, sizeof(tempfn), "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa" : "rsa"));
+        if (count >= sizeof(tempfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
+        count = snprintf(fullfn, sizeof(fullfn), "%s/%s", tree, tempfn);
+        if (count >= sizeof(fullfn)) {
+            PR_fprintf(errorFD, "unable to write key metadata\n");
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
     }
 
@@ -408,6 +442,7 @@ static int
 manifesto_xpi_fn(char *relpath, char *basedir, char *reldir, char *filename, void *arg)
 {
     char fullname[FNSIZE];
+    int count;
 
     if (verbosity >= 0) {
         PR_fprintf(outputFD, "--> %s\n", relpath);
@@ -421,7 +456,10 @@ manifesto_xpi_fn(char *relpath, char *basedir, char *reldir, char *filename, voi
         if (!PL_HashTableLookup(extensions, ext))
             return 0;
     }
-    sprintf(fullname, "%s/%s", basedir, relpath);
+    count = snprintf(fullname, sizeof(fullname), "%s/%s", basedir, relpath);
+    if (count >= sizeof(fullname)) {
+        return 1;
+    }
     JzipAdd(fullname, relpath, zipfile, compression_level);
 
     return 0;
author	wolfbeast <mcwerewolf@gmail.com>	2018-07-18 08:24:24 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-07-18 08:24:24 +0200
commit	fc61780b35af913801d72086456f493f63197da6 (patch)
tree	f85891288a7bd988da9f0f15ae64e5c63f00d493 /security/nss/cmd/signtool/sign.c
parent	69f7f9e5f1475891ce11cc4f431692f965b0cd30 (diff)
parent	50d3e596bbe89c95615f96eb71f6bc5be737a1db (diff)
download	UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.gz UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.lz UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.tar.xz UXP-9ccb235f04529c1ec345d87dad6521cb567d20bb.zip