Secured sprintf into snprintf

Michiel Broek 2005-08-27 18:04:18 +00:00
parent b8c6dd296c
commit 3db0afe335
4 changed files with 24 additions and 24 deletions


@ -305,7 +305,7 @@ int charset_read_bin(void)
char *name; char *name;
name = calloc(PATH_MAX, sizeof(char)); name = calloc(PATH_MAX, sizeof(char));
sprintf(name, "%s/etc/charset.bin", getenv("MBSE_ROOT")); snprintf(name, PATH_MAX -1, "%s/etc/charset.bin", getenv("MBSE_ROOT"));
if ((fp = fopen(name, "r")) == NULL) { if ((fp = fopen(name, "r")) == NULL) {
WriteError("$Can't open %s", name); WriteError("$Can't open %s", name);
free(name); free(name);
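Review bot: In charset_read_bin the new `snprintf` call still passes `getenv("MBSE_ROOT")` straight to `%s`, which is undefined behaviour when the variable is unset, and the `calloc` result on the line above is used without a NULL check. The return value is ignored as well, so an over-long root would be silently truncated and `fopen` would try a shortened path instead of failing. I would read the variable first and bail out on NULL, then use `n = snprintf(name, PATH_MAX, "%s/etc/charset.bin", root);` and treat `n < 0 || n >= PATH_MAX` as an error. The `-1` is unnecessary because snprintf's size argument already includes the terminating NUL. The function body starts and ends outside this hunk.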


@ -109,15 +109,15 @@ void InitClient(char *user, char *myname, char *where, char *logfname, long logg
exit(MBERR_INIT_ERROR); exit(MBERR_INIT_ERROR);
} }
sprintf(progname, "%s", myname); snprintf(progname, 20, "%s", myname);
sprintf(logfile, "%s", logfname); snprintf(logfile, PATH_MAX -1, "%s", logfname);
sprintf(errfile, "%s", err); snprintf(errfile, PATH_MAX -1, "%s", err);
sprintf(mgrfile, "%s", mgr); snprintf(mgrfile, PATH_MAX -1, "%s", mgr);
sprintf(logdebug, "%s", debug); snprintf(logdebug, PATH_MAX -1, "%s", debug);
loggrade = loggr; loggrade = loggr;
sprintf(cpath, "%s/tmp/%s%d", getenv("MBSE_ROOT"), progname, getpid()); snprintf(cpath, 107, "%s/tmp/%s%d", getenv("MBSE_ROOT"), progname, getpid());
sprintf(spath, "%s/tmp/mbtask", getenv("MBSE_ROOT")); snprintf(spath, 107, "%s/tmp/mbtask", getenv("MBSE_ROOT"));
/* /*
* Store my pid in case a child process is forked and wants to do * Store my pid in case a child process is forked and wants to do
@ -181,7 +181,7 @@ char *SockR(const char *format, ...)
va_end(va_ptr); va_end(va_ptr);
if (socket_send(out) == 0) if (socket_send(out) == 0)
sprintf(buf, "%s", socket_receive()); snprintf(buf, SS_BUFSIZE -1, "%s", socket_receive());
free(out); free(out);
return buf; return buf;
@ -207,7 +207,7 @@ void WriteError(const char *format, ...)
outputstr[i] = ' '; outputstr[i] = ' ';
if (*outputstr == '$') if (*outputstr == '$')
sprintf(outputstr+strlen(outputstr), ": %s", strerror(errno)); snprintf(outputstr+strlen(outputstr), 10239, ": %s", strerror(errno));
if (strlen(outputstr) > (SS_BUFSIZE - 64)) { if (strlen(outputstr) > (SS_BUFSIZE - 64)) {
outputstr[SS_BUFSIZE - 65] = ';'; outputstr[SS_BUFSIZE - 65] = ';';
@ -451,7 +451,7 @@ unsigned long sequencer()
unsigned long seq = 0; unsigned long seq = 0;
buf = calloc(SS_BUFSIZE, sizeof(char)); buf = calloc(SS_BUFSIZE, sizeof(char));
sprintf(buf, "SSEQ:0;"); snprintf(buf, SS_BUFSIZE -1, "SSEQ:0;");
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
free(buf); free(buf);
@ -477,10 +477,10 @@ int enoughspace(unsigned long needed)
unsigned long avail = 0L; unsigned long avail = 0L;
buf = calloc(SS_BUFSIZE, sizeof(char)); buf = calloc(SS_BUFSIZE, sizeof(char));
sprintf(buf, "DSPC:1,%ld;", needed); snprintf(buf, SS_BUFSIZE -1, "DSPC:1,%ld;", needed);
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
sprintf(buf, "%s", socket_receive()); snprintf(buf, SS_BUFSIZE -1, "%s", socket_receive());
res = strtok(buf, ":"); res = strtok(buf, ":");
cnt = atoi(strtok(NULL, ",")); cnt = atoi(strtok(NULL, ","));
if (cnt == 1) { if (cnt == 1) {
@ -535,7 +535,7 @@ char *printable(char *s, int l)
case '\n': *p++='\\'; *p++='n'; break; case '\n': *p++='\\'; *p++='n'; break;
case '\t': *p++='\\'; *p++='t'; break; case '\t': *p++='\\'; *p++='t'; break;
case '\b': *p++='\\'; *p++='b'; break; case '\b': *p++='\\'; *p++='b'; break;
default: sprintf(p,"\\%02x", (*s & 0xff)); p+=3; break; default: snprintf(p, 5, "\\%02x", (*s & 0xff)); p+=3; break;
} }
s++; s++;
} }
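Review bot: In the WriteError hunk the bound `10239` is paired with a destination of `outputstr+strlen(outputstr)`, so it limits the write to the buffer's full length rather than to the space left after the existing text, and the append can still run past the end. The bound should shrink by the offset, e.g. `size_t used = strlen(outputstr);` followed by `snprintf(outputstr + used, OUTPUTSTR_SIZE - used, ": %s", strerror(errno));`, where OUTPUTSTR_SIZE is a placeholder for the declared size, which is not visible in the hunk. The literal bounds `20` and `107` in the InitClient hunk have the same maintenance problem, since nothing ties them to the declarations of `progname`, `cpath` and `spath`. Where those are arrays, `sizeof` would keep the bound correct if a declaration changes.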


@ -117,7 +117,7 @@ int socket_connect(char *user, char *prg, char *city)
/* /*
* Send the information to the server. * Send the information to the server.
*/ */
sprintf(buf, "AINI:5,%d,%s,%s,%s,%s;", getpid(), tty, user, prg, city); snprintf(buf, SS_BUFSIZE -1, "AINI:5,%d,%s,%s,%s,%s;", getpid(), tty, user, prg, city);
if (socket_send(buf) != 0) { if (socket_send(buf) != 0) {
sock = -1; sock = -1;
return -1; return -1;
@ -198,7 +198,7 @@ int socket_shutdown(pid_t pid)
if (sock == -1) if (sock == -1)
return 0; return 0;
sprintf(buf, "ACLO:1,%d;", pid); snprintf(buf, SS_BUFSIZE -1, "ACLO:1,%d;", pid);
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
strcpy(buf, socket_receive()); strcpy(buf, socket_receive());
if (strncmp(buf, "107:0;", 6) != 0) { if (strncmp(buf, "107:0;", 6) != 0) {
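Review bot: In socket_shutdown the reply is still copied with `strcpy(buf, socket_receive());`, an unbounded copy of data read from the socket, right below the line this commit converts. The same pattern was converted in SockR and enoughspace, so this one looks like an oversight. Assuming `buf` here is the SS_BUFSIZE buffer the new `snprintf` line implies, `snprintf(buf, SS_BUFSIZE, "%s", socket_receive());` would bound it the same way. The function continues past the end of the hunk, so any later use of `buf` is not visible here.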


@ -262,7 +262,7 @@ char *StrTimeHM(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
sprintf(ttime, "%02d:%02d", l_d->tm_hour, l_d->tm_min); snprintf(ttime, 5, "%02d:%02d", l_d->tm_hour, l_d->tm_min);
return ttime; return ttime;
} }
@ -277,7 +277,7 @@ char *StrTimeHMS(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
sprintf(ttime, "%02d:%02d:%02d", l_d->tm_hour, l_d->tm_min, l_d->tm_sec); snprintf(ttime, 8, "%02d:%02d:%02d", l_d->tm_hour, l_d->tm_min, l_d->tm_sec);
return ttime; return ttime;
} }
@ -292,7 +292,7 @@ char *GetLocalHM()
time_t T_Now; time_t T_Now;
T_Now = time(NULL); T_Now = time(NULL);
sprintf(gettime,"%s", StrTimeHM(T_Now)); snprintf(gettime, 14, "%s", StrTimeHM(T_Now));
return(gettime); return(gettime);
} }
@ -308,7 +308,7 @@ char *GetLocalHMS()
time_t T_Now; time_t T_Now;
T_Now = time(NULL); T_Now = time(NULL);
sprintf(gettime,"%s", StrTimeHMS(T_Now)); snprintf(gettime, 14, "%s", StrTimeHMS(T_Now));
return(gettime); return(gettime);
} }
@ -323,7 +323,7 @@ char *StrDateMDY(time_t *Clock)
static char cdate[12]; static char cdate[12];
tm = localtime(Clock); tm = localtime(Clock);
sprintf(cdate,"%02d-%02d-%04d", tm->tm_mon+1, tm->tm_mday, tm->tm_year+1900); snprintf(cdate, 11, "%02d-%02d-%04d", tm->tm_mon+1, tm->tm_mday, tm->tm_year+1900);
return(cdate); return(cdate);
} }
@ -338,7 +338,7 @@ char *StrDateDMY(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
sprintf(tdate, "%02d-%02d-%04d", l_d->tm_mday, l_d->tm_mon+1, l_d->tm_year+1900); snprintf(tdate, 14, "%02d-%02d-%04d", l_d->tm_mday, l_d->tm_mon+1, l_d->tm_year+1900);
return tdate; return tdate;
} }
@ -357,7 +357,7 @@ char *GetDateDMY()
T_Now = time(NULL); T_Now = time(NULL);
l_d = localtime(&T_Now); l_d = localtime(&T_Now);
sprintf(tdate, "%02d-%02d-%04d", l_d->tm_mday,l_d->tm_mon+1,l_d->tm_year+1900); snprintf(tdate, 14, "%02d-%02d-%04d", l_d->tm_mday,l_d->tm_mon+1,l_d->tm_year+1900);
return(tdate); return(tdate);
} }
@ -408,7 +408,7 @@ char *TearLine()
{ {
static char tearline[41]; static char tearline[41];
sprintf(tearline, "--- MBSE BBS v%s (%s-%s)", VERSION, OsName(), OsCPU()); snprintf(tearline, 40, "--- MBSE BBS v%s (%s-%s)", VERSION, OsName(), OsCPU());
return tearline; return tearline;
} }
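Review bot: The bounds in StrTimeHM and StrTimeHMS are one too small and change the output, because snprintf writes at most size-1 characters before the NUL. `snprintf(ttime, 5, "%02d:%02d", ...)` therefore yields "HH:M", and the `8` in StrTimeHMS drops the last digit of the seconds. GetLocalHM and GetLocalHMS inherit the truncated strings. The bound should be the size of the destination, e.g. `snprintf(ttime, sizeof(ttime), "%02d:%02d", l_d->tm_hour, l_d->tm_min);` if `ttime` is an array like `cdate[12]` (its declaration is outside the hunk). The other literals in this file (`11`, `14`, `40`) fit their formats, but `sizeof` would remove the need to count by hand.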