From 35a7bb72d3846be4dc06ccca3ea1058c855609ec Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Sun, 28 Aug 2005 10:30:41 +0000 Subject: [PATCH] Secured sprintf with snprintf --- lib/attach.c | 24 ++++++++++++------------ lib/dbcfg.c | 4 ++-- lib/dbdupe.c | 4 ++-- lib/dbfdb.c | 18 +++++++++--------- 4 files changed, 25 insertions(+), 25 deletions(-) diff --git a/lib/attach.c b/lib/attach.c index 4a68ab01..9bc361e6 100644 --- a/lib/attach.c +++ b/lib/attach.c @@ -4,7 +4,7 @@ * Purpose ...............: Attach files to outbound * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -57,7 +57,7 @@ int attach(faddr noden, char *ofile, int mode, char flavor) flofile = calloc(PATH_MAX, sizeof(char)); thefile = calloc(PATH_MAX, sizeof(char)); - sprintf(flofile, "%s", floname(&noden, flavor)); + snprintf(flofile, PATH_MAX -1, "%s", floname(&noden, flavor)); /* * Check if outbound directory exists and @@ -86,33 +86,33 @@ int attach(faddr noden, char *ofile, int mode, char flavor) case LEAVE: if (strlen(CFG.dospath)) { if (CFG.leavecase) - sprintf(thefile, "@%s", Unix2Dos(ofile)); + snprintf(thefile, PATH_MAX -1, "@%s", Unix2Dos(ofile)); else - sprintf(thefile, "@%s", tu(Unix2Dos(ofile))); + snprintf(thefile, PATH_MAX -1, "@%s", tu(Unix2Dos(ofile))); } else { - sprintf(thefile, "@%s", ofile); + snprintf(thefile, PATH_MAX -1, "@%s", ofile); } break; case KFS: if (strlen(CFG.dospath)) { if (CFG.leavecase) - sprintf(thefile, "^%s", Unix2Dos(ofile)); + snprintf(thefile, PATH_MAX -1, "^%s", Unix2Dos(ofile)); else - sprintf(thefile, "^%s", tu(Unix2Dos(ofile))); + snprintf(thefile, PATH_MAX -1, "^%s", tu(Unix2Dos(ofile))); } else { - sprintf(thefile, "^%s", ofile); + snprintf(thefile, PATH_MAX -1, "^%s", ofile); } break; case TFS: if (strlen(CFG.dospath)) { if (CFG.leavecase) - sprintf(thefile, "#%s", Unix2Dos(ofile)); + snprintf(thefile, PATH_MAX -1, "#%s", Unix2Dos(ofile)); else - sprintf(thefile, "#%s", tu(Unix2Dos(ofile))); + snprintf(thefile, PATH_MAX -1, "#%s", tu(Unix2Dos(ofile))); } else { - sprintf(thefile, "#%s", ofile); + snprintf(thefile, PATH_MAX -1, "#%s", ofile); } break; } @@ -168,7 +168,7 @@ int check_flo(faddr *node, char *filename, char flavor) flofile = calloc(PATH_MAX, sizeof(char)); ticfile = calloc(PATH_MAX, sizeof(char)); - sprintf(flofile, "%s", floname(node, flavor)); + snprintf(flofile, PATH_MAX -1, "%s", floname(node, flavor)); Syslog('p', "check_flo: %s", flofile); if ((fp = fopen(flofile, "r+"))) { filepos = 0; diff --git a/lib/dbcfg.c b/lib/dbcfg.c index 9ad623e1..c3609b1a 100644 --- a/lib/dbcfg.c +++ b/lib/dbcfg.c @@ -4,7 +4,7 @@ * Purpose ...............: Config Database. * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -56,7 +56,7 @@ void LoadConfig(void) char *FileName; FileName = calloc(PATH_MAX, sizeof(char)); - sprintf(FileName, "%s/etc/config.data", getenv("MBSE_ROOT")); + snprintf(FileName, PATH_MAX -1, "%s/etc/config.data", getenv("MBSE_ROOT")); if ((pDataFile = fopen(FileName, "r")) == NULL) { perror("\n\nFATAL ERROR:"); printf(" Can't open %s\n", FileName); diff --git a/lib/dbdupe.c b/lib/dbdupe.c index f22cac46..00e7cd60 100644 --- a/lib/dbdupe.c +++ b/lib/dbdupe.c @@ -79,7 +79,7 @@ int CheckDupe(unsigned long crc, int idx, int max) if (!dupes[idx].loaded) { dfile = calloc(PATH_MAX, sizeof(char)); - sprintf(dfile, "%s/etc/%s.dupe", getenv("MBSE_ROOT"), files[idx]); + snprintf(dfile, PATH_MAX -1, "%s/etc/%s.dupe", getenv("MBSE_ROOT"), files[idx]); if ((fil = fopen(dfile, "r+")) == NULL) { /* * Dupe database doesn't exist yet. @@ -155,7 +155,7 @@ void CloseDdb(int idx) start = dupes[idx].count - dupes[idx].max; else start = 0; - sprintf(dfile, "%s/etc/%s.dupe", getenv("MBSE_ROOT"), files[idx]); + snprintf(dfile, PATH_MAX -1, "%s/etc/%s.dupe", getenv("MBSE_ROOT"), files[idx]); if ((fil = fopen(dfile, "w"))) { for (j = start; j < dupes[idx].count; j++) fwrite(&dupes[idx].crcs[j], sizeof(unsigned long), 1, fil); diff --git a/lib/dbfdb.c b/lib/dbfdb.c index 9938df5a..cadc90c7 100644 --- a/lib/dbfdb.c +++ b/lib/dbfdb.c @@ -4,7 +4,7 @@ * Purpose ...............: Files database functions * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -50,7 +50,7 @@ struct _fdbarea *mbsedb_OpenFDB(long Area, int Timeout) temp = calloc(PATH_MAX, sizeof(char)); fdb_area = malloc(sizeof(struct _fdbarea)); /* Will be freed by CloseFDB */ - sprintf(temp, "%s/var/fdb/file%ld.data", getenv("MBSE_ROOT"), Area); + snprintf(temp, PATH_MAX -1, "%s/var/fdb/file%ld.data", getenv("MBSE_ROOT"), Area); /* * Open the file database, if it's locked, just wait. @@ -200,12 +200,12 @@ void mbsedb_Temp2Data(unsigned long fdb_area) * we will give that a new name on disk. Then we move the temp in place. * Finaly remove the old (still locked) original file. */ - sprintf(temp2, "%s/var/fdb/file%ld.data", getenv("MBSE_ROOT"), fdb_area); - sprintf(temp1, "%s/var/fdb/file%ld.xxxx", getenv("MBSE_ROOT"), fdb_area); + snprintf(temp2, PATH_MAX -1, "%s/var/fdb/file%ld.data", getenv("MBSE_ROOT"), fdb_area); + snprintf(temp1, PATH_MAX -1, "%s/var/fdb/file%ld.xxxx", getenv("MBSE_ROOT"), fdb_area); rename(temp2, temp1); - sprintf(temp1, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area); + snprintf(temp1, PATH_MAX -1, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area); rename(temp1, temp2); - sprintf(temp1, "%s/var/fdb/file%ld.xxxx", getenv("MBSE_ROOT"), fdb_area); + snprintf(temp1, PATH_MAX -1, "%s/var/fdb/file%ld.xxxx", getenv("MBSE_ROOT"), fdb_area); unlink(temp1); free(temp1); @@ -241,7 +241,7 @@ int mbsedb_InsertFDB(struct _fdbarea *fdb_area, struct FILE_record frec, int Add * There are files, search the insert point. */ temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); + snprintf(temp, PATH_MAX -1, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); fseek(fdb_area->fp, fdbhdr.hdrsize, SEEK_SET); Insert = 0; do { @@ -356,7 +356,7 @@ int mbsedb_PackFDB(struct _fdbarea *fdb_area) * There are files, copy the remaining entries */ temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); + snprintf(temp, PATH_MAX -1, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); if ((fp = fopen(temp, "a+")) == NULL) { WriteError("$Can't create %s", temp); mbsedb_UnlockFDB(fdb_area); @@ -494,7 +494,7 @@ int mbsedb_SortFDB(struct _fdbarea *fdb_area) } temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); + snprintf(temp, PATH_MAX -1, "%s/var/fdb/file%ld.temp", getenv("MBSE_ROOT"), fdb_area->area); if ((fp = fopen(temp, "a+")) == NULL) { WriteError("$Can't create %s", temp); mbsedb_UnlockFDB(fdb_area);