Secured sprintf with snprintf

Michiel Broek 2005-08-29 12:39:37 +00:00
parent 21d3e5acca
commit 07d2480f7e
3 changed files with 83 additions and 83 deletions


@ -57,9 +57,9 @@ char *Gdate(time_t tt, int Y2K)
tm = localtime(&tt); tm = localtime(&tt);
if (Y2K) if (Y2K)
sprintf(GLC, "%02d-%02d-%04d", tm->tm_mon +1, tm->tm_mday, tm->tm_year + 1900); snprintf(GLC, 15, "%02d-%02d-%04d", tm->tm_mon +1, tm->tm_mday, tm->tm_year + 1900);
else else
sprintf(GLC, "%02d-%02d-%02d", tm->tm_mon +1, tm->tm_mday, tm->tm_year % 100); snprintf(GLC, 15, "%02d-%02d-%02d", tm->tm_mon +1, tm->tm_mday, tm->tm_year % 100);
return (GLC); return (GLC);
} }
@ -113,9 +113,9 @@ void ExtDoor(char *Program, int NoDoorsys, int Y2Kdoorsys, int Comport, int NoSu
*/ */
while (TRUE) { while (TRUE) {
if (Start) if (Start)
sprintf(buf, "GMON:1,1;"); snprintf(buf, 128, "GMON:1,1;");
else else
sprintf(buf, "GMON:1,0;"); snprintf(buf, 128, "GMON:1,0;");
Start = FALSE; Start = FALSE;
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
strcpy(buf, socket_receive()); strcpy(buf, socket_receive());
@ -147,7 +147,7 @@ void ExtDoor(char *Program, int NoDoorsys, int Y2Kdoorsys, int Comport, int NoSu
WhosDoingWhat(DOOR, What); WhosDoingWhat(DOOR, What);
if ((strstr(Program, "/N")) != NULL) { if ((strstr(Program, "/N")) != NULL) {
sprintf(temp1, "%d", iNode); snprintf(temp1, 81, "%d", iNode);
strreplace(Program, (char *)"/N", temp1); strreplace(Program, (char *)"/N", temp1);
} }
@ -182,7 +182,7 @@ void ExtDoor(char *Program, int NoDoorsys, int Y2Kdoorsys, int Comport, int NoSu
/* /*
* Always remove the old door.sys first. * Always remove the old door.sys first.
*/ */
sprintf(temp1, "%s/%s/door.sys", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp1, PATH_MAX, "%s/%s/door.sys", CFG.bbs_usersdir, exitinfo.Name);
unlink(temp1); unlink(temp1);
/* /*
@ -259,7 +259,7 @@ void ExtDoor(char *Program, int NoDoorsys, int Y2Kdoorsys, int Comport, int NoSu
/* /*
* Always remove the old door32.sys first. * Always remove the old door32.sys first.
*/ */
sprintf(temp1, "%s/%s/door32.sys", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp1, PATH_MAX, "%s/%s/door32.sys", CFG.bbs_usersdir, exitinfo.Name);
unlink(temp1); unlink(temp1);
/* /*
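Review bot: `temp1` is limited to 81 bytes in the `/N` hunk (`snprintf(temp1, 81, "%d", iNode);`) but to `PATH_MAX` in the door.sys and door32.sys hunks of the same function, so at least one of the two literals does not describe the buffer. Its declaration is outside these hunks; if it is an 81-byte array the `PATH_MAX` calls bound nothing, and taking the limit from the object itself, e.g. `snprintf(temp1, sizeof(temp1), "%d", iNode);` for an array or the constant used at allocation for a heap buffer, would keep size and buffer in step. The same 81/`PATH_MAX` mix appears for `temp` in the Save_Email hunks of the next file. Separately, the context line `strcpy(buf, socket_receive());` still copies a reply of unchecked length into the buffer this commit treats as 128 bytes; `snprintf(buf, 128, "%s", socket_receive());` would bound it the same way as the lines above.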


@ -93,17 +93,17 @@ void ShowEmailHdr(void)
Buf3[0] = '\0'; Buf3[0] = '\0';
clear(); clear();
sprintf(temp, " %-70s", sMailbox); snprintf(temp, 81, " %-70s", sMailbox);
pout(BLUE, LIGHTGRAY, temp); pout(BLUE, LIGHTGRAY, temp);
sprintf(temp, "#%-5lu", Msg.Id); snprintf(temp, 81, "#%-5lu", Msg.Id);
pout(RED, LIGHTGRAY, temp); pout(RED, LIGHTGRAY, temp);
Enter(1); Enter(1);
/* Date : */ /* Date : */
pout(YELLOW, BLACK, (char *) Language(206)); pout(YELLOW, BLACK, (char *) Language(206));
tm = gmtime(&Msg.Written); tm = gmtime(&Msg.Written);
sprintf(temp, "%02d-%02d-%d %02d:%02d:%02d", tm->tm_mday, tm->tm_mon+1, snprintf(temp, 81, "%02d-%02d-%d %02d:%02d:%02d", tm->tm_mday, tm->tm_mon+1,
tm->tm_year+1900, tm->tm_hour, tm->tm_min, tm->tm_sec); tm->tm_year+1900, tm->tm_hour, tm->tm_min, tm->tm_sec);
pout(LIGHTGREEN, BLACK, temp); pout(LIGHTGREEN, BLACK, temp);
colour(LIGHTRED, BLACK); colour(LIGHTRED, BLACK);
@ -156,11 +156,11 @@ void ShowEmailHdr(void)
Enter(1); Enter(1);
if (Msg.Reply) if (Msg.Reply)
sprintf(Buf1, "\"+\" %s %lu", (char *)Language(211), Msg.Reply); snprintf(Buf1, 35, "\"+\" %s %lu", (char *)Language(211), Msg.Reply);
if (Msg.Original) if (Msg.Original)
sprintf(Buf2, " \"-\" %s %lu", (char *)Language(212), Msg.Original); snprintf(Buf2, 35, " \"-\" %s %lu", (char *)Language(212), Msg.Original);
sprintf(Buf3, "%s%s ", Buf1, Buf2); snprintf(Buf3, 35, "%s%s ", Buf1, Buf2);
sprintf(temp, "%78s ", Buf3); snprintf(temp, 81, "%78s ", Buf3);
pout(YELLOW, BLUE, temp); pout(YELLOW, BLUE, temp);
Enter(1); Enter(1);
} }
@ -211,7 +211,7 @@ int Export_a_Email(unsigned long Num)
* written in M$DOS <cr/lf> format. * written in M$DOS <cr/lf> format.
*/ */
p = calloc(PATH_MAX, sizeof(char)); p = calloc(PATH_MAX, sizeof(char));
sprintf(p, "%s/%s/wrk/%s_%lu.msg", CFG.bbs_usersdir, exitinfo.Name, sMailbox, Num); snprintf(p, PATH_MAX, "%s/%s/wrk/%s_%lu.msg", CFG.bbs_usersdir, exitinfo.Name, sMailbox, Num);
if ((qf = fopen(p, "w")) != NULL) { if ((qf = fopen(p, "w")) != NULL) {
free(p); free(p);
p = NULL; p = NULL;
@ -240,7 +240,7 @@ int Export_a_Email(unsigned long Num)
*/ */
Enter(2); Enter(2);
pout(CFG.TextColourF, CFG.TextColourB, (char *) Language(46)); pout(CFG.TextColourF, CFG.TextColourB, (char *) Language(46));
sprintf(temp, "%s_%lu.msg", sMailbox, Num); snprintf(temp, 21, "%s_%lu.msg", sMailbox, Num);
pout(CFG.HiliteF, CFG.HiliteB, temp); pout(CFG.HiliteF, CFG.HiliteB, temp);
Enter(2); Enter(2);
Pause(); Pause();
@ -276,36 +276,36 @@ int Save_Email(int IsReply)
/* /*
* Add header lines * Add header lines
*/ */
sprintf(temp, "\001Date: %s", rfcdate(Msg.Written)); snprintf(temp, PATH_MAX, "\001Date: %s", rfcdate(Msg.Written));
MsgText_Add2(temp); MsgText_Add2(temp);
sprintf(temp, "\001From: %s", Msg.From); snprintf(temp, PATH_MAX, "\001From: %s", Msg.From);
MsgText_Add2(temp); MsgText_Add2(temp);
sprintf(temp, "\001Subject: %s", Msg.Subject); snprintf(temp, PATH_MAX, "\001Subject: %s", Msg.Subject);
MsgText_Add2(temp); MsgText_Add2(temp);
sprintf(temp, "\001Sender: %s", Msg.From); snprintf(temp, PATH_MAX, "\001Sender: %s", Msg.From);
MsgText_Add2(temp); MsgText_Add2(temp);
sprintf(temp, "\001To: %s", Msg.To); snprintf(temp, PATH_MAX, "\001To: %s", Msg.To);
MsgText_Add2(temp); MsgText_Add2(temp);
MsgText_Add2((char *)"\001MIME-Version: 1.0"); MsgText_Add2((char *)"\001MIME-Version: 1.0");
if (exitinfo.Charset != FTNC_NONE) { if (exitinfo.Charset != FTNC_NONE) {
sprintf(temp, "\001Content-Type: text/plain; charset=%s", getrfcchrs(exitinfo.Charset)); snprintf(temp, PATH_MAX, "\001Content-Type: text/plain; charset=%s", getrfcchrs(exitinfo.Charset));
} else { } else {
sprintf(temp, "\001Content-Type: text/plain; charset=iso8859-1"); snprintf(temp, PATH_MAX, "\001Content-Type: text/plain; charset=iso8859-1");
} }
MsgText_Add2(temp); MsgText_Add2(temp);
MsgText_Add2((char *)"\001Content-Transfer-Encoding: 8bit"); MsgText_Add2((char *)"\001Content-Transfer-Encoding: 8bit");
sprintf(temp, "\001X-Mailreader: MBSE BBS %s", VERSION); snprintf(temp, PATH_MAX, "\001X-Mailreader: MBSE BBS %s", VERSION);
MsgText_Add2(temp); MsgText_Add2(temp);
p = calloc(81, sizeof(char)); p = calloc(81, sizeof(char));
id = sequencer(); id = sequencer();
sprintf(p, "<%08lx@%s>", id, CFG.sysdomain); snprintf(p, 81, "<%08lx@%s>", id, CFG.sysdomain);
sprintf(temp, "\001Message-id: %s", p); snprintf(temp, PATH_MAX, "\001Message-id: %s", p);
MsgText_Add2(temp); MsgText_Add2(temp);
Msg.MsgIdCRC = upd_crc32(temp, crc, strlen(temp)); Msg.MsgIdCRC = upd_crc32(temp, crc, strlen(temp));
free(p); free(p);
if (IsReply) { if (IsReply) {
sprintf(temp, "\001In-reply-to: %s", Msg.Replyid); snprintf(temp, PATH_MAX, "\001In-reply-to: %s", Msg.Replyid);
MsgText_Add2(temp); MsgText_Add2(temp);
crc = -1; crc = -1;
Msg.ReplyCRC = upd_crc32(temp, crc, strlen(temp)); Msg.ReplyCRC = upd_crc32(temp, crc, strlen(temp));
@ -322,7 +322,7 @@ int Save_Email(int IsReply)
/* /*
* Add signature. * Add signature.
*/ */
sprintf(temp, "%s/%s/.signature", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp, PATH_MAX, "%s/%s/.signature", CFG.bbs_usersdir, exitinfo.Name);
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('m', " Add .signature"); Syslog('m', " Add .signature");
MsgText_Add2((char *)""); MsgText_Add2((char *)"");
@ -352,7 +352,7 @@ int Save_Email(int IsReply)
Enter(1); Enter(1);
/* Saving message to disk */ /* Saving message to disk */
sprintf(temp, "%s(%ld)", (char *) Language(202), Msg.Id); snprintf(temp, 81, "%s(%ld)", (char *) Language(202), Msg.Id);
pout(CFG.HiliteF, CFG.HiliteB, temp); pout(CFG.HiliteF, CFG.HiliteB, temp);
Enter(2); Enter(2);
sleep(2); sleep(2);
@ -360,7 +360,7 @@ int Save_Email(int IsReply)
/* /*
* Add quick mailscan info * Add quick mailscan info
*/ */
sprintf(temp, "%s/tmp/netmail.jam", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/tmp/netmail.jam", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "a")) != NULL) { if ((fp = fopen(temp, "a")) != NULL) {
fprintf(fp, "%s/%s/mailbox %lu\n", CFG.bbs_usersdir, exitinfo.Name, Msg.Id); fprintf(fp, "%s/%s/mailbox %lu\n", CFG.bbs_usersdir, exitinfo.Name, Msg.Id);
fclose(fp); fclose(fp);
@ -416,7 +416,7 @@ int Read_a_Email(unsigned long Num)
* for the Quote> strings at the start of each line. * for the Quote> strings at the start of each line.
*/ */
fn = calloc(PATH_MAX, sizeof(char)); fn = calloc(PATH_MAX, sizeof(char));
sprintf(fn, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name); snprintf(fn, PATH_MAX, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name);
if ((qf = fopen(fn, "w")) != NULL) { if ((qf = fopen(fn, "w")) != NULL) {
if (Msg_Read(Num, 75)) { if (Msg_Read(Num, 75)) {
if ((p = (char *)MsgText_First()) != NULL) if ((p = (char *)MsgText_First()) != NULL)
@ -427,7 +427,7 @@ int Read_a_Email(unsigned long Num)
* a reply will be made. * a reply will be made.
*/ */
if (strncasecmp(p, "\001Message-id: ", 13) == 0) { if (strncasecmp(p, "\001Message-id: ", 13) == 0) {
sprintf(Msg.Msgid, "%s", p+13); snprintf(Msg.Msgid, 101, "%s", p+13);
Syslog('m', "Stored Msgid \"%s\"", Msg.Msgid); Syslog('m', "Stored Msgid \"%s\"", Msg.Msgid);
} }
if (Kludges) { if (Kludges) {
@ -611,7 +611,7 @@ void Read_Email(void)
Enter(1); Enter(1);
temp = calloc(128, sizeof(char)); temp = calloc(128, sizeof(char));
/* Message area \"%s\" contains %lu messages. */ /* Message area \"%s\" contains %lu messages. */
sprintf(temp, "\n%s\"%s\" %s%lu %s", (char *) Language(221), sMailbox, (char *) Language(222), snprintf(temp, 128, "\n%s\"%s\" %s%lu %s", (char *) Language(221), sMailbox, (char *) Language(222),
EmailBase.Total, (char *) Language(223)); EmailBase.Total, (char *) Language(223));
pout(CFG.TextColourF, CFG.TextColourB, temp); pout(CFG.TextColourF, CFG.TextColourB, temp);
@ -637,11 +637,11 @@ void Read_Email(void)
Enter(1); Enter(1);
/* Please enter a message between */ /* Please enter a message between */
sprintf(temp, "%s(%lu - %lu)", (char *) Language(224), EmailBase.Lowest, EmailBase.Highest); snprintf(temp, 81, "%s(%lu - %lu)", (char *) Language(224), EmailBase.Lowest, EmailBase.Highest);
pout(WHITE, BLACK, temp); pout(WHITE, BLACK, temp);
Enter(1); Enter(1);
/* Message number [ */ /* Message number [ */
sprintf(temp, "%s%lu]: ", (char *) Language(225), Start); snprintf(temp, 81, "%s%lu]: ", (char *) Language(225), Start);
PUTSTR(temp); PUTSTR(temp);
colour(CFG.InputColourF, CFG.InputColourB); colour(CFG.InputColourF, CFG.InputColourB);
@ -668,31 +668,31 @@ void Read_Email(void)
void Reply_Email(int IsReply) void Reply_Email(int IsReply)
{ {
int i, j, x; int i, j, x;
char to[65], from[65], subj[72], msgid[81], replyto[81], replyaddr[81], *tmp, *buf, qin[9], temp[81]; char to[101], from[101], subj[101], msgid[101], replyto[101], replyaddr[101], *tmp, *buf, qin[9], temp[81];
faddr *Dest = NULL; faddr *Dest = NULL;
sprintf(from, "%s", Msg.To); snprintf(from, 101, "%s", Msg.To);
sprintf(to, "%s", Msg.From); snprintf(to, 101, "%s", Msg.From);
sprintf(replyto, "%s", Msg.ReplyTo); snprintf(replyto, 101, "%s", Msg.ReplyTo);
sprintf(replyaddr, "%s", Msg.ReplyAddr); snprintf(replyaddr, 101, "%s", Msg.ReplyAddr);
if (strncasecmp(Msg.Subject, "Re:", 3) && IsReply) { if (strncasecmp(Msg.Subject, "Re:", 3) && IsReply) {
sprintf(subj, "Re: %s", Msg.Subject); snprintf(subj, 101, "Re: %s", Msg.Subject);
} else { } else {
sprintf(subj, "%s", Msg.Subject); snprintf(subj, 101, "%s", Msg.Subject);
} }
mbse_CleanSubject(subj); mbse_CleanSubject(subj);
Syslog('m', "Reply msg to %s, subject %s", to, subj); Syslog('m', "Reply msg to %s, subject %s", to, subj);
Syslog('m', "Msgid was %s", Msg.Msgid); Syslog('m', "Msgid was %s", Msg.Msgid);
sprintf(msgid, "%s", Msg.Msgid); snprintf(msgid, 101, "%s", Msg.Msgid);
x = 0; x = 0;
Line = 1; Line = 1;
WhosDoingWhat(READ_POST, NULL); WhosDoingWhat(READ_POST, NULL);
clear(); clear();
sprintf(temp, " %-70s", sMailbox); snprintf(temp, 81, " %-70s", sMailbox);
pout(BLUE, LIGHTGRAY, temp); pout(BLUE, LIGHTGRAY, temp);
sprintf(temp, "#%-5lu", EmailBase.Highest + 1); snprintf(temp, 81, "#%-5lu", EmailBase.Highest + 1);
pout(RED, LIGHTGRAY, temp); pout(RED, LIGHTGRAY, temp);
Enter(1); Enter(1);
@ -705,9 +705,9 @@ void Reply_Email(int IsReply)
Line = 1; Line = 1;
Msg_New(); Msg_New();
sprintf(Msg.Replyid, "%s", msgid); snprintf(Msg.Replyid, 101, "%s", msgid);
sprintf(Msg.ReplyTo, "%s", replyto); snprintf(Msg.ReplyTo, 101, "%s", replyto);
sprintf(Msg.ReplyAddr, "%s", replyaddr); snprintf(Msg.ReplyAddr, 101, "%s", replyaddr);
/* From : */ /* From : */
pout(YELLOW, BLACK, (char *) Language(209)); pout(YELLOW, BLACK, (char *) Language(209));
@ -716,9 +716,9 @@ void Reply_Email(int IsReply)
* If not permanent connected to the internet, use fidonet.org style addressing. * If not permanent connected to the internet, use fidonet.org style addressing.
*/ */
Dest = fido2faddr(CFG.EmailFidoAka); Dest = fido2faddr(CFG.EmailFidoAka);
sprintf(Msg.From, "%s@%s (%s)", exitinfo.sUserName, ascinode(Dest, 0x2f), exitinfo.sUserName); snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.sUserName, ascinode(Dest, 0x2f), exitinfo.sUserName);
} else { } else {
sprintf(Msg.From, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName); snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName);
} }
for (i = 0; i < strlen(Msg.From); i++) { for (i = 0; i < strlen(Msg.From); i++) {
if (Msg.From[i] == ' ') if (Msg.From[i] == ' ')
@ -731,7 +731,7 @@ void Reply_Email(int IsReply)
Syslog('b', "Setting From: %s", Msg.From); Syslog('b', "Setting From: %s", Msg.From);
/* To : */ /* To : */
sprintf(Msg.To, "%s", to); snprintf(Msg.To, 101, "%s", to);
pout(YELLOW, BLACK, (char *) Language(208)); pout(YELLOW, BLACK, (char *) Language(208));
pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.To); pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.To);
Enter(1); Enter(1);
@ -741,7 +741,7 @@ void Reply_Email(int IsReply)
Enter(1); Enter(1);
/* Subject : */ /* Subject : */
pout(YELLOW, BLACK, (char *) Language(210)); pout(YELLOW, BLACK, (char *) Language(210));
sprintf(Msg.Subject, "%s", subj); snprintf(Msg.Subject, 101, "%s", subj);
pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.Subject); pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.Subject);
x = strlen(subj); x = strlen(subj);
@ -761,12 +761,12 @@ void Reply_Email(int IsReply)
* initials into qin. If its a name@system.dom the use the * initials into qin. If its a name@system.dom the use the
* first 8 characters of the name part. * first 8 characters of the name part.
*/ */
sprintf(Message[1], "%s wrote to %s:", to, from); snprintf(Message[1], TEXTBUFSIZE +1, "%s wrote to %s:", to, from);
memset(&qin, 0, sizeof(qin)); memset(&qin, 0, sizeof(qin));
if (strchr(to, '@')) { if (strchr(to, '@')) {
tmp = xstrcpy(strtok(to, "@")); tmp = xstrcpy(strtok(to, "@"));
tmp[8] = '\0'; tmp[8] = '\0';
sprintf(qin, "%s", tmp); snprintf(qin, 9, "%s", tmp);
free(tmp); free(tmp);
} else { } else {
x = TRUE; x = TRUE;
@ -785,14 +785,14 @@ void Reply_Email(int IsReply)
} }
Line = 2; Line = 2;
tmp = calloc(128, sizeof(char)); tmp = calloc(PATH_MAX, sizeof(char));
buf = calloc(128, sizeof(char)); buf = calloc(TEXTBUFSIZE +1, sizeof(char));
sprintf(tmp, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name); snprintf(tmp, PATH_MAX, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name);
if ((qf = fopen(tmp, "r")) != NULL) { if ((qf = fopen(tmp, "r")) != NULL) {
while ((fgets(buf, 128, qf)) != NULL) { while ((fgets(buf, TEXTBUFSIZE, qf)) != NULL) {
Striplf(buf); Striplf(buf);
sprintf(Message[Line], "%s> %s", (char *)qin, buf); snprintf(Message[Line], TEXTBUFSIZE +1, "%s> %s", (char *)qin, buf);
Line++; Line++;
if (Line == TEXTBUFSIZE) if (Line == TEXTBUFSIZE)
break; break;
@ -848,9 +848,9 @@ void Write_Email(void)
* If not permanent connected to the internet, use fidonet.org style addressing. * If not permanent connected to the internet, use fidonet.org style addressing.
*/ */
Dest = fido2faddr(CFG.EmailFidoAka); Dest = fido2faddr(CFG.EmailFidoAka);
sprintf(Msg.From, "%s@%s (%s)", exitinfo.sUserName, ascinode(Dest, 0x2f), exitinfo.sUserName); snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.sUserName, ascinode(Dest, 0x2f), exitinfo.sUserName);
} else } else
sprintf(Msg.From, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName); snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName);
for (i = 0; i < strlen(Msg.From); i++) { for (i = 0; i < strlen(Msg.From); i++) {
if (Msg.From[i] == ' ') if (Msg.From[i] == ' ')
@ -940,14 +940,14 @@ void QuickScan_Email(void)
for (i = EmailBase.Lowest; i <= EmailBase.Highest; i++) { for (i = EmailBase.Lowest; i <= EmailBase.Highest; i++) {
if (Msg_ReadHeader(i)) { if (Msg_ReadHeader(i)) {
sprintf(temp, "%-6lu", Msg.Id); snprintf(temp, 81, "%-6lu", Msg.Id);
pout(WHITE, BLACK, temp); pout(WHITE, BLACK, temp);
sprintf(temp, "%s ", padleft(Msg.From, 20, ' ')); snprintf(temp, 81, "%s ", padleft(Msg.From, 20, ' '));
pout(CYAN, BLACK, temp); pout(CYAN, BLACK, temp);
sprintf(temp, "%s ", padleft(Msg.To, 20, ' ')); snprintf(temp, 81, "%s ", padleft(Msg.To, 20, ' '));
pout(GREEN, BLACK, temp); pout(GREEN, BLACK, temp);
sprintf(temp, "%s", padleft(Msg.Subject, 31, ' ')); snprintf(temp, 81, "%s", padleft(Msg.Subject, 31, ' '));
pout(MAGENTA, BLACK, temp); pout(MAGENTA, BLACK, temp);
Enter(1); Enter(1);
FoundMsg = TRUE; FoundMsg = TRUE;
@ -1043,8 +1043,8 @@ void SetEmailArea(char *box)
if (!exitinfo.Email) if (!exitinfo.Email)
return; return;
sprintf(sMailpath, "%s/%s/%s", CFG.bbs_usersdir, exitinfo.Name, box); snprintf(sMailpath, PATH_MAX, "%s/%s/%s", CFG.bbs_usersdir, exitinfo.Name, box);
sprintf(sMailbox, "%s", box); snprintf(sMailbox, 21, "%s", box);
/* /*
* Get information from the message base * Get information from the message base
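Review bot: The new limit `TEXTBUFSIZE +1` on `Message[1]` and `Message[Line]` in the Reply_Email quoting hunks only protects the write if every Message line is allocated at least that large, and the allocation is not visible in these hunks. The same hunk tests `if (Line == TEXTBUFSIZE)`, so the constant appears to be the number of lines rather than a line length, and the third file on this page allocates `Message[i]` with `MAX_LINE_LENGTH +1` bytes. If this file allocates the lines the same way and TEXTBUFSIZE is the larger value, the snprintf limit exceeds the buffer and an over-long quoted line can still run past the allocation; I would bound by the allocation constant, e.g. `snprintf(Message[Line], MAX_LINE_LENGTH +1, "%s> %s", (char *)qin, buf);`, or by whichever constant sizes the lines here. Reply_Email's body continues outside the hunks, so the constant values need confirming against the headers.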


@ -1546,14 +1546,14 @@ int ReadPanel()
void Reply_Msg(int IsReply) void Reply_Msg(int IsReply)
{ {
int i, j, x, cc; int i, j, x, cc;
char to[65], from[65], subj[73], msgid[81], replyto[81], replyaddr[81], *tmp, *buf, qin[6], msg[81]; char to[101], from[101], subj[101], msgid[101], replyto[101], replyaddr[101], *tmp, *buf, qin[6], msg[81];
faddr *Dest = NULL; faddr *Dest = NULL;
if (!Post_Allowed()) if (!Post_Allowed())
return; return;
strncpy(from, Msg.To, 64); strncpy(from, Msg.To, 100);
strncpy(to, Msg.From, 64); strncpy(to, Msg.From, 100);
strncpy(replyto, Msg.ReplyTo, 80); strncpy(replyto, Msg.ReplyTo, 80);
/* /*
@ -1563,20 +1563,20 @@ void Reply_Msg(int IsReply)
tmp = Msg.ReplyAddr; tmp = Msg.ReplyAddr;
while (*tmp && isspace(*tmp)) while (*tmp && isspace(*tmp))
tmp++; tmp++;
strncpy(replyaddr, tmp, 80); strncpy(replyaddr, tmp, 100);
Dest = parsefnode(Msg.FromAddress); Dest = parsefnode(Msg.FromAddress);
Syslog('m', "Parsed from address %s", ascfnode(Dest, 0x1f)); Syslog('m', "Parsed from address %s", ascfnode(Dest, 0x1f));
if (strncasecmp(Msg.Subject, "Re:", 3) && strncasecmp(Msg.Subject, "Re^2:", 5) && IsReply) { if (strncasecmp(Msg.Subject, "Re:", 3) && strncasecmp(Msg.Subject, "Re^2:", 5) && IsReply) {
snprintf(subj, 73, "Re: "); snprintf(subj, 101, "Re: ");
strncpy(subj+4, Msg.Subject, 68); strncpy(subj+4, Msg.Subject, 97);
} else { } else {
strncpy(subj, Msg.Subject, 72); strncpy(subj, Msg.Subject, 101);
} }
Syslog('m', "Reply msg to %s, subject %s", to, subj); Syslog('m', "Reply msg to %s, subject %s", to, subj);
Syslog('m', "Msgid was %s", Msg.Msgid); Syslog('m', "Msgid was %s", Msg.Msgid);
strncpy(msgid, Msg.Msgid, 80); strncpy(msgid, Msg.Msgid, 100);
x = 0; x = 0;
WhosDoingWhat(READ_POST, NULL); WhosDoingWhat(READ_POST, NULL);
@ -1594,9 +1594,9 @@ void Reply_Msg(int IsReply)
Message[i] = (char *) calloc(MAX_LINE_LENGTH +1, sizeof(char)); Message[i] = (char *) calloc(MAX_LINE_LENGTH +1, sizeof(char));
Msg_New(); Msg_New();
strncpy(Msg.Replyid, msgid, 80); strncpy(Msg.Replyid, msgid, 101);
strncpy(Msg.ReplyTo, replyto, 80); strncpy(Msg.ReplyTo, replyto, 101);
strncpy(Msg.ReplyAddr, replyaddr, 80); strncpy(Msg.ReplyAddr, replyaddr, 101);
/* From : */ /* From : */
if (Alias_Option()) { if (Alias_Option()) {
@ -1617,7 +1617,7 @@ void Reply_Msg(int IsReply)
snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName); snprintf(Msg.From, 101, "%s@%s (%s)", exitinfo.Name, CFG.sysdomain, exitinfo.sUserName);
} }
} else { } else {
strncpy(Msg.From, exitinfo.sUserName, 100); strncpy(Msg.From, exitinfo.sUserName, 101);
tlcap(Msg.From); tlcap(Msg.From);
} }
} }
@ -1626,7 +1626,7 @@ void Reply_Msg(int IsReply)
Enter(1); Enter(1);
/* To : */ /* To : */
strncpy(Msg.To, to, 100); strncpy(Msg.To, to, 101);
pout(YELLOW, BLACK, (char *) Language(208)); pout(YELLOW, BLACK, (char *) Language(208));
pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.To); pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.To);
Enter(1); Enter(1);
@ -1636,7 +1636,7 @@ void Reply_Msg(int IsReply)
Enter(1); Enter(1);
/* Subject : */ /* Subject : */
pout(YELLOW, BLACK, (char *) Language(210)); pout(YELLOW, BLACK, (char *) Language(210));
strncpy(Msg.Subject, subj, 100); strncpy(Msg.Subject, subj, 101);
pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.Subject); pout(CFG.MsgInputColourF, CFG.MsgInputColourB, Msg.Subject);
x = strlen(subj); x = strlen(subj);
@ -1700,11 +1700,11 @@ void Reply_Msg(int IsReply)
Line = 2; Line = 2;
tmp = calloc(PATH_MAX, sizeof(char)); tmp = calloc(PATH_MAX, sizeof(char));
buf = calloc(129, sizeof(char)); buf = calloc(TEXTBUFSIZE +1, sizeof(char));
snprintf(tmp, PATH_MAX, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name); snprintf(tmp, PATH_MAX, "%s/%s/.quote", CFG.bbs_usersdir, exitinfo.Name);
if ((qf = fopen(tmp, "r")) != NULL) { if ((qf = fopen(tmp, "r")) != NULL) {
while ((fgets(buf, 128, qf)) != NULL) { while ((fgets(buf, TEXTBUFSIZE, qf)) != NULL) {
Striplf(buf); Striplf(buf);
snprintf(Message[Line], TEXTBUFSIZE +1, "%s> %s", (char *)qin, buf); snprintf(Message[Line], TEXTBUFSIZE +1, "%s> %s", (char *)qin, buf);
Line++; Line++;
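Review bot: Several of the new strncpy calls in Reply_Msg pass the full destination size, which leaves the result without a terminating NUL when the source is that long: `strncpy(subj, Msg.Subject, 101)` into `subj[101]`, `strncpy(subj+4, Msg.Subject, 97)` (which runs to the last byte of `subj`), and the 101-byte copies into `Msg.Replyid`, `Msg.ReplyTo`, `Msg.ReplyAddr`, `Msg.From`, `Msg.To` and `Msg.Subject`, whose declared sizes are outside these hunks. The copies limited to 100 never write the last byte of an uninitialised stack array either, so `to`, `from`, `replyaddr` and `msgid` are terminated only when the source is shorter than 100 bytes. `subj` and `to` then go to Syslog with `%s` and `subj` to strlen, both of which would read past the array. The snprintf form used in the previous file always terminates, e.g. `snprintf(subj, sizeof(subj), "%s", Msg.Subject);`. `strncpy(replyto, Msg.ReplyTo, 80)` was also left at 80 although `replyto` is now 101 bytes.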