bbs/deb-mbse
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secured sprintf with snprintf

Browse Source
This commit is contained in:
Michiel Broek 2005-08-29 14:21:48 +00:00
parent cd22f3920f
commit 1b0a440ed4
3 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
mbsetup/mbsetup.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: Setup Program * Purpose ...............: Setup Program
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -93,7 +93,7 @@ static void die(int onsig)
/* /*
* Export ~/etc/msg.txt for MsgEd. * Export ~/etc/msg.txt for MsgEd.
*/ */
sprintf(temp, "%s/etc/msg.txt", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/msg.txt", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "w")) != NULL) { if ((fp = fopen(temp, "w")) != NULL) {
fprintf(fp, "; msg.txt -- Automatic created by mbsetup %s -- Do not edit!\n;\n", VERSION); fprintf(fp, "; msg.txt -- Automatic created by mbsetup %s -- Do not edit!\n;\n", VERSION);
fprintf(fp, "; Mail areas for MsgEd.\n;\n"); fprintf(fp, "; Mail areas for MsgEd.\n;\n");
@ -107,7 +107,7 @@ static void die(int onsig)
/* /*
* Export ~/etc/golded.inc for GoldED * Export ~/etc/golded.inc for GoldED
*/ */
sprintf(temp, "%s/etc/golded.inc", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/golded.inc", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "w")) != NULL) { if ((fp = fopen(temp, "w")) != NULL) {
fprintf(fp, "; GoldED.inc -- Automatic created by mbsetup %s -- Do not edit!\n\n", VERSION); fprintf(fp, "; GoldED.inc -- Automatic created by mbsetup %s -- Do not edit!\n\n", VERSION);
fprintf(fp, "; Basic information.\n;\n"); fprintf(fp, "; Basic information.\n;\n");
@ -158,7 +158,7 @@ void soft_info(void)
temp = calloc(81, sizeof(char)); temp = calloc(81, sizeof(char));
clr_index(); clr_index();
set_color(YELLOW, BLACK); set_color(YELLOW, BLACK);
sprintf(temp, "MBSE BBS (%s-%s)", OsName(), OsCPU()); snprintf(temp, 81, "MBSE BBS (%s-%s)", OsName(), OsCPU());
center_addstr( 6, temp); center_addstr( 6, temp);
set_color(WHITE, BLACK); set_color(WHITE, BLACK);
center_addstr( 8, (char *)COPYRIGHT); center_addstr( 8, (char *)COPYRIGHT);
@ -166,12 +166,12 @@ void soft_info(void)
center_addstr(10, (char *)"Made in the Netherlands"); center_addstr(10, (char *)"Made in the Netherlands");
set_color(WHITE, BLACK); set_color(WHITE, BLACK);
#ifdef __GLIBC__ #ifdef __GLIBC__
sprintf(temp, "Compiled on glibc v%d.%d", __GLIBC__, __GLIBC_MINOR__); snprintf(temp, 81, "Compiled on glibc v%d.%d", __GLIBC__, __GLIBC_MINOR__);
#else #else
#ifdef __GNU_LIBRARY__ #ifdef __GNU_LIBRARY__
sprintf(temp, "Compiled on libc v%d", __GNU_LIBRARY__); snprintf(temp, 81, "Compiled on libc v%d", __GNU_LIBRARY__);
#else #else
sprintf(temp, "Compiled on unknown library"); snprintf(temp, 81, "Compiled on unknown library");
#endif #endif
#endif #endif
center_addstr(12, temp); center_addstr(12, temp);
@ -198,12 +198,12 @@ void site_docs(void)
if (config_read() == -1) if (config_read() == -1)
return; return;
sprintf(temp, "%s/share/doc/site.doc", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/share/doc/site.doc", getenv("MBSE_ROOT"));
mkdirs(temp, 0755); mkdirs(temp, 0755);
if ((fp = fopen(temp, "w")) == NULL) if ((fp = fopen(temp, "w")) == NULL)
return; return;
sprintf(temp1, "%s/tmp/toc.tmp", getenv("MBSE_ROOT")); snprintf(temp1, PATH_MAX, "%s/tmp/toc.tmp", getenv("MBSE_ROOT"));
if ((toc = fopen(temp1, "w+")) == NULL) { if ((toc = fopen(temp1, "w+")) == NULL) {
fclose(fp); fclose(fp);
return; return;
@ -220,7 +220,7 @@ void site_docs(void)
mbse_mvprintw( 7,11, (char *)"Erasing directory %s/share/doc/html", getenv("MBSE_ROOT")); mbse_mvprintw( 7,11, (char *)"Erasing directory %s/share/doc/html", getenv("MBSE_ROOT"));
fflush(stdout); fflush(stdout);
sprintf(temp, "-r -f %s/share/doc/html", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "-r -f %s/share/doc/html", getenv("MBSE_ROOT"));
execute_pth((char *)"rm", temp, (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null"); execute_pth((char *)"rm", temp, (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null");
if ((hp = open_webdoc((char *)"index.html", (char *)"BBS Site Documentation", NULL))) { if ((hp = open_webdoc((char *)"index.html", (char *)"BBS Site Documentation", NULL))) {
@ -333,9 +333,9 @@ void site_docs(void)
/* /*
* Remove obsolete documents * Remove obsolete documents
*/ */
sprintf(temp, "%s/doc/xref.doc", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/doc/xref.doc", getenv("MBSE_ROOT"));
unlink(temp); unlink(temp);
sprintf(temp, "%s/doc/stat.doc", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/doc/stat.doc", getenv("MBSE_ROOT"));
unlink(temp); unlink(temp);
center_addstr(LINES -4, (char *)"Press any key"); center_addstr(LINES -4, (char *)"Press any key");
@ -412,7 +412,7 @@ int main(int argc, char *argv[])
config_check(getenv("MBSE_ROOT")); config_check(getenv("MBSE_ROOT"));
config_read(); config_read();
if (strlen(CFG.debuglog) == 0) if (strlen(CFG.debuglog) == 0)
sprintf(CFG.debuglog, "debug.log"); snprintf(CFG.debuglog, 15, "debug.log");
InitClient(pw->pw_name, (char *)"mbsetup", CFG.location, CFG.logfile, 0x1f, CFG.error_log, CFG.mgrlog, CFG.debuglog); InitClient(pw->pw_name, (char *)"mbsetup", CFG.location, CFG.logfile, 0x1f, CFG.error_log, CFG.mgrlog, CFG.debuglog);
/* /*

8
mbsetup/mutil.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: Menu Utils * Purpose ...............: Menu Utils
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -122,7 +122,7 @@ void addtoc(FILE *fp, FILE *toc, int chapt, int par, int page, char *title)
char temp[81]; char temp[81];
char *tit; char *tit;
sprintf(temp, "%s ", title); snprintf(temp, 81, "%s ", title);
tit = xstrcpy(title); tit = xstrcpy(title);
tu(tit); tu(tit);
@ -152,7 +152,7 @@ FILE *open_webdoc(char *filename, char *title, char *title2)
time_t now; time_t now;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/share/doc/html/%s", getenv("MBSE_ROOT"), filename); snprintf(temp, PATH_MAX, "%s/share/doc/html/%s", getenv("MBSE_ROOT"), filename);
mkdirs(temp, 0755); mkdirs(temp, 0755);
if ((fp = fopen(temp, "w+")) == NULL) { if ((fp = fopen(temp, "w+")) == NULL) {
@ -215,7 +215,7 @@ void add_webtable(FILE *fp, char *hstr, char *dstr)
if (strlen(dstr)) if (strlen(dstr))
html_massage(dstr, right, 1023); html_massage(dstr, right, 1023);
else else
sprintf(right, " "); snprintf(right, 1024, " ");
fprintf(fp, "<TR><TH align='left'>%s</TH><TD>%s</TD></TR>\n", left, right); fprintf(fp, "<TR><TH align='left'>%s</TH><TD>%s</TD></TR>\n", left, right);
} }

4
mbsetup/stlist.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: String sorting for databases. * Purpose ...............: String sorting for databases.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -59,7 +59,7 @@ void fill_stlist(st_list **fdp, char *stringname, long pos)
tmp = (st_list *)malloc(sizeof(st_list)); tmp = (st_list *)malloc(sizeof(st_list));
tmp->next = *fdp; tmp->next = *fdp;
sprintf(tmp->string, "%s", stringname); snprintf(tmp->string, 81, "%s", stringname);
tmp->pos = pos; tmp->pos = pos;
*fdp = tmp; *fdp = tmp;
} }