Secured sprintf with snprintf

This commit is contained in:
Michiel Broek 2005-08-28 12:41:57 +00:00
parent 62dbe6534f
commit 109480dde1
3 changed files with 28 additions and 28 deletions

View File

@ -103,7 +103,7 @@ int toss_onemsg(char *msgname)
{ {
int rc = 0, islocal, empty = TRUE; int rc = 0, islocal, empty = TRUE;
char *temp, *dospath, *flagstr = NULL, *l, *r, *msgid = NULL; char *temp, *dospath, *flagstr = NULL, *l, *r, *msgid = NULL;
char fromUserName[36], toUserName[36], subject[72], DateTime[20]; char fromUserName[37], toUserName[37], subject[73], DateTime[21];
FILE *fp, *np; FILE *fp, *np;
faddr *ta; faddr *ta;
unsigned char buf[0xbe]; unsigned char buf[0xbe];
@ -114,7 +114,7 @@ int toss_onemsg(char *msgname)
net_msgs++; net_msgs++;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/%s", CFG.msgs_path, msgname); snprintf(temp, PATH_MAX -1, "%s/%s", CFG.msgs_path, msgname);
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
WriteError("$Can't open %s", temp); WriteError("$Can't open %s", temp);
@ -315,7 +315,7 @@ int toss_onemsg(char *msgname)
(strncasecmp(toUserName, "postmaster", 10) == 0) || (strncasecmp(toUserName, "postmaster", 10) == 0) ||
(strncasecmp(toUserName, "coordinator", 11) == 0)) { (strncasecmp(toUserName, "coordinator", 11) == 0)) {
Syslog('+', " Readdress from %s to %s", toUserName, CFG.sysop_name); Syslog('+', " Readdress from %s to %s", toUserName, CFG.sysop_name);
sprintf(toUserName, "%s", CFG.sysop_name); snprintf(toUserName, 36, "%s", CFG.sysop_name);
strcpy(Msg.To, toUserName); strcpy(Msg.To, toUserName);
} }
net_imp++; net_imp++;
@ -328,19 +328,19 @@ int toss_onemsg(char *msgname)
Msg.Netmail = TRUE; Msg.Netmail = TRUE;
if (origPoint) if (origPoint)
sprintf(Msg.FromAddress, "%d:%d/%d.%d@%s", origZone, origNet, origNode, origPoint, fidonet.domain); snprintf(Msg.FromAddress, 100, "%d:%d/%d.%d@%s", origZone, origNet, origNode, origPoint, fidonet.domain);
else else
sprintf(Msg.FromAddress, "%d:%d/%d@%s", origZone, origNet, origNode, fidonet.domain); snprintf(Msg.FromAddress, 100, "%d:%d/%d@%s", origZone, origNet, origNode, fidonet.domain);
if (SearchFidonet(destZone)) { if (SearchFidonet(destZone)) {
if (destPoint) if (destPoint)
sprintf(Msg.ToAddress, "%d:%d/%d.%d@%s", destZone, destNet, destNode, destPoint, fidonet.domain); snprintf(Msg.ToAddress, 100, "%d:%d/%d.%d@%s", destZone, destNet, destNode, destPoint, fidonet.domain);
else else
sprintf(Msg.ToAddress, "%d:%d/%d@%s", destZone, destNet, destNode, fidonet.domain); snprintf(Msg.ToAddress, 100, "%d:%d/%d@%s", destZone, destNet, destNode, fidonet.domain);
} else { } else {
if (destPoint) if (destPoint)
sprintf(Msg.ToAddress, "%d:%d/%d.%d", destZone, destNet, destNode, destPoint); snprintf(Msg.ToAddress, 100, "%d:%d/%d.%d", destZone, destNet, destNode, destPoint);
else else
sprintf(Msg.ToAddress, "%d:%d/%d", destZone, destNet, destNode); snprintf(Msg.ToAddress, 100, "%d:%d/%d", destZone, destNet, destNode);
} }
/* /*
@ -367,7 +367,7 @@ int toss_onemsg(char *msgname)
if (!islocal) { if (!islocal) {
do_scan = TRUE; do_scan = TRUE;
sprintf(temp, "%s/tmp/netmail.jam", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX -1, "%s/tmp/netmail.jam", getenv("MBSE_ROOT"));
if ((np = fopen(temp, "a")) != NULL) { if ((np = fopen(temp, "a")) != NULL) {
fprintf(np, "%s %lu\n", msgs.Base, Msg.Id); fprintf(np, "%s %lu\n", msgs.Base, Msg.Id);
fclose(np); fclose(np);
@ -385,7 +385,7 @@ int toss_onemsg(char *msgname)
if (rc == 0) { if (rc == 0) {
net_in++; net_in++;
sprintf(temp, "%s/%s", CFG.msgs_path, msgname); snprintf(temp, PATH_MAX -1, "%s/%s", CFG.msgs_path, msgname);
if (unlink(temp) != 0) if (unlink(temp) != 0)
WriteError("Can't remove %s", temp); WriteError("Can't remove %s", temp);
} }

View File

@ -72,7 +72,7 @@ void Msg_Id(fidoaddr aka)
unsigned long crc = -1; unsigned long crc = -1;
temp = calloc(81, sizeof(char)); temp = calloc(81, sizeof(char));
sprintf(temp, "\001MSGID: %s %08lx", aka2str(aka), sequencer()); snprintf(temp, 80, "\001MSGID: %s %08lx", aka2str(aka), sequencer());
MsgText_Add2(temp); MsgText_Add2(temp);
Msg.MsgIdCRC = upd_crc32(temp, crc, strlen(temp)); Msg.MsgIdCRC = upd_crc32(temp, crc, strlen(temp));
Msg.ReplyCRC = 0xffffffff; Msg.ReplyCRC = 0xffffffff;
@ -87,16 +87,16 @@ void Msg_Pid(void)
time_t tt; time_t tt;
temp = calloc(81, sizeof(char)); temp = calloc(81, sizeof(char));
sprintf(temp, "\001PID: MBSE-FIDO %s (%s-%s)", VERSION, OsName(), OsCPU()); snprintf(temp, 80, "\001PID: MBSE-FIDO %s (%s-%s)", VERSION, OsName(), OsCPU());
MsgText_Add2(temp); MsgText_Add2(temp);
if (msgs.Charset != FTNC_NONE) { if (msgs.Charset != FTNC_NONE) {
sprintf(temp, "\001CHRS: %s", getftnchrs(msgs.Charset)); snprintf(temp, 80, "\001CHRS: %s", getftnchrs(msgs.Charset));
} else { } else {
sprintf(temp, "\001CHRS: %s", getftnchrs(FTNC_LATIN_1)); snprintf(temp, 80, "\001CHRS: %s", getftnchrs(FTNC_LATIN_1));
} }
MsgText_Add2(temp); MsgText_Add2(temp);
tt = time(NULL); tt = time(NULL);
sprintf(temp, "\001TZUTC: %s", gmtoffset(tt)); snprintf(temp, 80, "\001TZUTC: %s", gmtoffset(tt));
MsgText_Add2(temp); MsgText_Add2(temp);
free(temp); free(temp);
} }
@ -168,7 +168,7 @@ long Msg_Top(char *template, int language, fidoaddr aka)
hasmodems = TRUE; hasmodems = TRUE;
} }
sprintf(temp, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX -1, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) != NULL) { if ((fp = fopen(temp, "r")) != NULL) {
fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fp); fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fp);
while (fread(&ttyinfo, ttyinfohdr.recsize, 1, fp) == 1) { while (fread(&ttyinfo, ttyinfohdr.recsize, 1, fp) == 1) {
@ -220,11 +220,11 @@ void Msg_Bot(fidoaddr UseAka, char *Org, char *template)
MsgText_Add2(TearLine()); MsgText_Add2(TearLine());
if (UseAka.point) if (UseAka.point)
sprintf(aka, "(%d:%d/%d.%d)", UseAka.zone, UseAka.net, UseAka.node, UseAka.point); snprintf(aka, 39, "(%d:%d/%d.%d)", UseAka.zone, UseAka.net, UseAka.node, UseAka.point);
else else
sprintf(aka, "(%d:%d/%d)", UseAka.zone, UseAka.net, UseAka.node); snprintf(aka, 39, "(%d:%d/%d)", UseAka.zone, UseAka.net, UseAka.node);
sprintf(temp, " * Origin: %s %s", Org, aka); snprintf(temp, 80, " * Origin: %s %s", Org, aka);
MsgText_Add2(temp); MsgText_Add2(temp);
free(aka); free(aka);
free(temp); free(temp);
@ -238,7 +238,7 @@ void CountPosted(char *Base)
FILE *fp; FILE *fp;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/mareas.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX -1, "%s/etc/mareas.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r+")) != NULL) { if ((fp = fopen(temp, "r+")) != NULL) {
fread(&msgshdr, sizeof(msgshdr), 1, fp); fread(&msgshdr, sizeof(msgshdr), 1, fp);

View File

@ -60,7 +60,7 @@ int newspost(void)
* a file, try to post the articles. They may be * a file, try to post the articles. They may be
* still here if the newsserver wasn't available. * still here if the newsserver wasn't available.
*/ */
sprintf(buf, "%s/tmp/newsout", getenv("MBSE_ROOT")); snprintf(buf, 10239, "%s/tmp/newsout", getenv("MBSE_ROOT"));
if ((nfp = fopen(buf, "r")) == NULL) { if ((nfp = fopen(buf, "r")) == NULL) {
if (newsopen) if (newsopen)
WriteError("$Can't reopen %s", buf); WriteError("$Can't reopen %s", buf);
@ -115,7 +115,7 @@ int newspost(void)
*/ */
if ((CFG.newsfeed == FEEDUUCP) || (CFG.newsfeed == FEEDRNEWS)) { if ((CFG.newsfeed == FEEDUUCP) || (CFG.newsfeed == FEEDRNEWS)) {
Syslog('+', "Posting news articles to the news batchfile"); Syslog('+', "Posting news articles to the news batchfile");
sprintf(buf, "%s/tmp/newsbatch", getenv("MBSE_ROOT")); snprintf(buf, 10239, "%s/tmp/newsbatch", getenv("MBSE_ROOT"));
if ((ofp = fopen(buf, "w+")) == NULL) { if ((ofp = fopen(buf, "w+")) == NULL) {
WriteError("$Can't create %s", buf); WriteError("$Can't create %s", buf);
free(buf); free(buf);
@ -178,7 +178,7 @@ int newspost(void)
} else } else
Syslog('+', "Articles send through %s", CFG.rnewspath); Syslog('+', "Articles send through %s", CFG.rnewspath);
fclose(ofp); fclose(ofp);
sprintf(buf, "%s/tmp/newsbatch", getenv("MBSE_ROOT")); snprintf(buf, 10239, "%s/tmp/newsbatch", getenv("MBSE_ROOT"));
unlink(buf); unlink(buf);
} }
@ -194,7 +194,7 @@ int newspost(void)
return TRUE; return TRUE;
} }
sprintf(buf, "%s/C.%s%lx", CFG.rnewspath, CFG.nntpnode, seqnr); snprintf(buf, 10239, "%s/C.%s%lx", CFG.rnewspath, CFG.nntpnode, seqnr);
if ((nb = fopen(buf, "a")) == NULL) { if ((nb = fopen(buf, "a")) == NULL) {
WriteError("Can't create %s", buf); WriteError("Can't create %s", buf);
newsopen = FALSE; newsopen = FALSE;
@ -204,7 +204,7 @@ int newspost(void)
fprintf(nb, "E D.%s%lx D.%s%lx news -C D.%s%lx 0666 \"\" 0 rnews\n", fprintf(nb, "E D.%s%lx D.%s%lx news -C D.%s%lx 0666 \"\" 0 rnews\n",
utsbuf.nodename, seqnr, utsbuf.nodename, seqnr, utsbuf.nodename, seqnr); utsbuf.nodename, seqnr, utsbuf.nodename, seqnr, utsbuf.nodename, seqnr);
fclose(nb); fclose(nb);
sprintf(buf, "%s/D.%s%lx", CFG.rnewspath, utsbuf.nodename, seqnr); snprintf(buf, 10239, "%s/D.%s%lx", CFG.rnewspath, utsbuf.nodename, seqnr);
if ((nb = fopen(buf, "a")) == NULL) { if ((nb = fopen(buf, "a")) == NULL) {
WriteError("Can't create %s", buf); WriteError("Can't create %s", buf);
newsopen = FALSE; newsopen = FALSE;
@ -215,12 +215,12 @@ int newspost(void)
} }
Syslog('+', "Articles placed in %s", CFG.rnewspath); Syslog('+', "Articles placed in %s", CFG.rnewspath);
fclose(ofp); fclose(ofp);
sprintf(buf, "%s/tmp/newsbatch", getenv("MBSE_ROOT")); snprintf(buf, 10239, "%s/tmp/newsbatch", getenv("MBSE_ROOT"));
unlink(buf); unlink(buf);
} }
if (! news_bad) { if (! news_bad) {
sprintf(buf, "%s/tmp/newsout", getenv("MBSE_ROOT")); snprintf(buf, 10239, "%s/tmp/newsout", getenv("MBSE_ROOT"));
unlink(buf); unlink(buf);
} }