bbs/deb-mbse
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secured sprintf with snprintf

Browse Source
This commit is contained in:
Michiel Broek 2005-08-29 10:59:47 +00:00
parent e0fcfc4f59
commit 818bb9e884
7 changed files with 96 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
mbsebbs/mbnewusr.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: New user registration
*
*****************************************************************************
* Copyright (C) 1997-2004
* Copyright (C) 1997-2005
*
* Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10
@ -137,11 +137,11 @@ int main(int argc, char **argv)
}
if (strncmp("/dev/", tty, 5) == 0)
sprintf(pTTY, "%s", tty+5);
snprintf(pTTY, 15, "%s", tty+5);
else if (*tty == '/') {
tty = strrchr(ttyname(0), '/');
++tty;
sprintf(pTTY, "%s", tty);
snprintf(pTTY, 15, "%s", tty);
}
umask(007);
@ -173,7 +173,7 @@ int main(int argc, char **argv)
Fast_Bye(MBERR_OK);
}
sprintf(temp, "MBSE BBS v%s (Release: %s) on %s/%s", VERSION, ReleaseDate, OsName(), OsCPU());
snprintf(temp, 81, "MBSE BBS v%s (Release: %s) on %s/%s", VERSION, ReleaseDate, OsName(), OsCPU());
poutCR(YELLOW, BLACK, temp);
pout(WHITE, BLACK, (char *)COPYRIGHT);
Enter(2);
@ -181,7 +181,7 @@ int main(int argc, char **argv)
/*
* Check if this port is available.
*/
sprintf(temp, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
if ((pTty = fopen(temp, "r")) == NULL) {
WriteError("Can't read %s", temp);
@ -206,10 +206,10 @@ int main(int argc, char **argv)
*/
if (CFG.iConnectString) {
/* Connected on port */
sprintf(temp, "%s\"%s\" ", (char *) Language(348), ttyinfo.comment);
snprintf(temp, 81, "%s\"%s\" ", (char *) Language(348), ttyinfo.comment);
pout(CYAN, BLACK, temp);
/* on */
sprintf(temp, "%s %s", (char *) Language(135), ctime(&ltime));
snprintf(temp, 81, "%s %s", (char *) Language(135), ctime(&ltime));
PUTSTR(temp);
Enter(1);
}

22
mbsebbs/mbsebbs.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: Main startup
*
*****************************************************************************
* Copyright (C) 1997-2004
* Copyright (C) 1997-2005
*
* Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10
@ -143,11 +143,11 @@ int main(int argc, char **argv)
}
if (strncmp("/dev/", tty, 5) == 0)
sprintf(pTTY, "%s", tty+5);
snprintf(pTTY, 15, "%s", tty+5);
else if (*tty == '/') {
tty = strrchr(ttyname(0), '/');
++tty;
sprintf(pTTY, "%s", tty);
snprintf(pTTY, 15, "%s", tty);
}
umask(007);
@ -181,7 +181,7 @@ int main(int argc, char **argv)
clear();
DisplayLogo();
sprintf(temp, "MBSE BBS v%s (Release: %s) on %s/%s", VERSION, ReleaseDate, OsName(), OsCPU());
snprintf(temp, 81, "MBSE BBS v%s (Release: %s) on %s/%s", VERSION, ReleaseDate, OsName(), OsCPU());
poutCR(YELLOW, BLACK, temp);
pout(WHITE, BLACK, (char *)COPYRIGHT);
Enter(2);
@ -190,9 +190,9 @@ int main(int argc, char **argv)
* Check users homedirectory, some *nix systems let users in if no
* homedirectory exists
*/
sprintf(temp, "%s/%s", CFG.bbs_usersdir, sUnixName);
snprintf(temp, PATH_MAX, "%s/%s", CFG.bbs_usersdir, sUnixName);
if (stat(temp, &sb)) {
sprintf(temp, "No homedirectory\r\n\r\n");
snprintf(temp, 81, "No homedirectory\r\n\r\n");
PUTSTR(temp);
WriteError("homedirectory %s doesn't exist", temp);
Quick_Bye(MBERR_OK);
@ -202,7 +202,7 @@ int main(int argc, char **argv)
* Check if this port is available. In iNode we set a fake
* line number, this will be used by doors.
*/
sprintf(temp, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
if ((pTty = fopen(temp, "r")) == NULL) {
WriteError("Can't read %s", temp);
} else {
@ -216,7 +216,7 @@ int main(int argc, char **argv)
if ((strcmp(ttyinfo.tty, pTTY) != 0) || (!ttyinfo.available)) {
Syslog('+', "No BBS allowed on port \"%s\"", pTTY);
sprintf(temp, "No BBS on this port allowed!\r\n\r\n");
snprintf(temp, 81, "No BBS on this port allowed!\r\n\r\n");
PUTSTR(temp);
Free_Language();
Quick_Bye(MBERR_OK);
@ -227,10 +227,10 @@ int main(int argc, char **argv)
*/
if (CFG.iConnectString) {
/* Connected on port */
sprintf(temp, "%s\"%s\" ", (char *) Language(348), ttyinfo.comment);
snprintf(temp, 81, "%s\"%s\" ", (char *) Language(348), ttyinfo.comment);
pout(CYAN, BLACK, temp);
/* on */
sprintf(temp, "%s %s", (char *) Language(135), ctime(&ltime));
snprintf(temp, 81, "%s %s", (char *) Language(135), ctime(&ltime));
PUTSTR(temp);
Enter(1);
}
@ -243,7 +243,7 @@ int main(int argc, char **argv)
/* Next is not usefull */
Syslog('b', "nl_langinfo(LC_CTYPE) returns \"%s\"", printable(nl_langinfo(LC_CTYPE), 0));
sprintf(sMailbox, "mailbox");
snprintf(sMailbox, 21, "mailbox");
colour(LIGHTGRAY, BLACK);
user();
return 0;

22
mbsebbs/menu.c
View File

@ -81,7 +81,7 @@ void InitMenu()
memset(Menus[i], 0, 51);
MenuLevel = 0;
MenuError = 0;
sprintf(Menus[0], "%s", CFG.default_menu);
snprintf(Menus[0], 15, "%s", CFG.default_menu);
}
@ -107,9 +107,9 @@ void menu()
* Open menufile, first users language menu, if it fails
* try to open the default menu.
*/
sprintf(sMenuPathFileName,"%s/%s", lang.MenuPath, Menus[MenuLevel]);
snprintf(sMenuPathFileName, PATH_MAX, "%s/%s", lang.MenuPath, Menus[MenuLevel]);
if ((pMenuFile = fopen(sMenuPathFileName, "r")) == NULL) {
sprintf(sMenuPathFileName,"%s/%s", CFG.bbs_menus, Menus[MenuLevel]);
snprintf(sMenuPathFileName, PATH_MAX, "%s/%s", CFG.bbs_menus, Menus[MenuLevel]);
pMenuFile = fopen(sMenuPathFileName,"r");
if (pMenuFile != NULL)
Syslog('b', "Menu %s (Default)", Menus[MenuLevel]);
@ -127,7 +127,7 @@ void menu()
*/
if (MenuError == 10) {
WriteError("FATAL ERROR: Too many menu errors");
sprintf(temp, "Too many menu errors, notifying Sysop\r\n\r\n");
snprintf(temp, 81, "Too many menu errors, notifying Sysop\r\n\r\n");
PUTSTR(temp);
sleep(3);
die(MBERR_CONFIG_ERROR);
@ -180,7 +180,7 @@ void menu()
if (IsSema((char *)"upsdown")) {
fclose(pMenuFile);
Syslog('+', "Kicking user out, upsdown semafore detected");
sprintf(temp, "System power failure, closing the bbs");
snprintf(temp, 81, "System power failure, closing the bbs");
PUTSTR(temp);
Enter(2);
sleep(3);
@ -191,7 +191,7 @@ void menu()
* Check if SysOp wants to chat to user everytime user gets prompt.
*/
if (CFG.iChatPromptChk) {
sprintf(buf, "CISC:1,%d", mypid);
snprintf(buf, 81, "CISC:1,%d", mypid);
if (socket_send(buf) == 0) {
strcpy(buf, socket_receive());
if (strcmp(buf, "100:1,1;") == 0) {
@ -210,7 +210,7 @@ void menu()
if (exitinfo.HotKeys) {
Key = Readkey();
sprintf(Input, "%c", Key);
snprintf(Input, 81, "%c", Key);
Enter(1);
} else {
colour(CFG.InputColourF, CFG.InputColourB);
@ -302,7 +302,7 @@ void DoMenu(int Type)
if (menus.OptionalData[x] == '~') {
strcat(sPrompt, sUserTimeleft);
} else {
sprintf(temp, "%c", menus.OptionalData[x]);
snprintf(temp, 81, "%c", menus.OptionalData[x]);
strcat(sPrompt, temp);
}
}
@ -315,9 +315,9 @@ void DoMenu(int Type)
else if (*(sPromptBak + x) == '^')
strcat(sPrompt, sMsgAreaDesc);
else if (*(sPromptBak + x) == '#')
sprintf(sPrompt, "%s%s", sPrompt, (char *) GetLocalHM());
snprintf(sPrompt, 81, "%s%s", sPrompt, (char *) GetLocalHM());
else {
sprintf(temp, "%c", *(sPromptBak + x));
snprintf(temp, 81, "%c", *(sPromptBak + x));
strcat(sPrompt, temp);
}
}
@ -384,7 +384,7 @@ void DoMenu(int Type)
for (i = 0; i < strlen(menus.OptionalData); i++)
if (*(menus.OptionalData + i) == '@')
*(menus.OptionalData + i) = '\n';
sprintf(temp, "%s\r\n", menus.OptionalData);
snprintf(temp, 81, "%s\r\n", menus.OptionalData);
PUTSTR(temp);
}
break;

28
mbsebbs/misc.c
View File

@ -69,7 +69,7 @@ int ChkFiles()
/*
* Check if users.data exists, if not create a new one.
*/
sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp,"rb")) == NULL) {
if ((fp = fopen(temp,"wb")) == NULL) {
WriteError("$Can't create %s", temp);
@ -88,7 +88,7 @@ int ChkFiles()
/*
* Check if sysinfo.data exists, if not, create a new one.
*/
sprintf(temp, "%s/etc/sysinfo.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/sysinfo.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "rb")) == NULL) {
if ((fp = fopen(temp, "wb")) == NULL) {
WriteError("$ChkFiles: Can't create %s", temp);
@ -118,7 +118,7 @@ void DisplayLogo()
temp = calloc(PATH_MAX, sizeof(char));
sString = calloc(1024, sizeof(char));
sprintf(temp, "%s/%s", CFG.bbs_txtfiles, CFG.welcome_logo);
snprintf(temp, PATH_MAX, "%s/%s", CFG.bbs_txtfiles, CFG.welcome_logo);
if ((pLogo = fopen(temp,"rb")) == NULL)
WriteError("$DisplayLogo: Can't open %s", temp);
else {
@ -156,11 +156,11 @@ void SaveLastCallers()
* First check if we passed midnight, in that case we create a fresh file.
*/
sFileName = calloc(PATH_MAX, sizeof(char));
sprintf(sFileName,"%s/etc/lastcall.data", getenv("MBSE_ROOT"));
snprintf(sFileName, PATH_MAX, "%s/etc/lastcall.data", getenv("MBSE_ROOT"));
stat(sFileName, &statfile);
sprintf(sFileDate,"%s", StrDateDMY(statfile.st_mtime));
sprintf(sDate,"%s", (char *) GetDateDMY());
snprintf(sFileDate, 9, "%s", StrDateDMY(statfile.st_mtime));
snprintf(sDate, 9, "%s", (char *) GetDateDMY());
if ((strcmp(sDate,sFileDate)) != 0) {
unlink(sFileName);
@ -192,11 +192,11 @@ void SaveLastCallers()
} else {
ReadExitinfo();
memset(&LCALL, 0, sizeof(LCALL));
sprintf(LCALL.UserName,"%s", exitinfo.sUserName);
sprintf(LCALL.Handle,"%s", exitinfo.sHandle);
sprintf(LCALL.Name, "%s", exitinfo.Name);
sprintf(LCALL.TimeOn,"%s", StartTime);
sprintf(LCALL.Device,"%s", pTTY);
snprintf(LCALL.UserName, 36, "%s", exitinfo.sUserName);
snprintf(LCALL.Handle, 36, "%s", exitinfo.sHandle);
snprintf(LCALL.Name, 9, "%s", exitinfo.Name);
snprintf(LCALL.TimeOn, 6, "%s", StartTime);
snprintf(LCALL.Device, 10, "%s", pTTY);
LCALL.SecLevel = exitinfo.Security.level;
LCALL.Calls = exitinfo.iTotalCalls;
LCALL.CallTime = exitinfo.iConnectTime;
@ -207,12 +207,12 @@ void SaveLastCallers()
LCALL.Chat = LC_Chat;
LCALL.Olr = LC_Olr;
LCALL.Door = LC_Door;
sprintf(LCALL.Speed, "%s", ttyinfo.speed);
snprintf(LCALL.Speed, 21, "%s", ttyinfo.speed);
/* If true then set hidden so it doesn't display in lastcallers function */
LCALL.Hidden = exitinfo.Hidden;
sprintf(LCALL.Location,"%s", exitinfo.sLocation);
snprintf(LCALL.Location, 28, "%s", exitinfo.sLocation);
rewind(pGLC); /* ???????????? */
fwrite(&LCALL, sizeof(LCALL), 1, pGLC);
@ -230,7 +230,7 @@ char *GLCdate()
Time_Now = time(NULL);
l_date = localtime(&Time_Now);
sprintf(GLcdate,"%02d-", l_date->tm_mday);
snprintf(GLcdate, 15, "%02d-", l_date->tm_mday);
strcat(GLcdate,GetMonth(l_date->tm_mon+1));
return(GLcdate);

6
mbsebbs/morefile.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: Display file with more
*
*****************************************************************************
* Copyright (C) 1997-2004
* Copyright (C) 1997-2005
*
* Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10
@ -49,7 +49,7 @@ int MoreFile(char *filename)
maxlines = lines = exitinfo.iScreenLen - 2;
if ((fptr = fopen(filename,"r")) == NULL) {
sprintf(Buf, "%s%s", (char *) Language(72), filename);
snprintf(Buf, 81, "%s%s", (char *) Language(72), filename);
pout(LIGHTRED, BLACK, Buf);
Enter(2);
return(0);
@ -69,7 +69,7 @@ int MoreFile(char *filename)
}
if (lines == 0) {
/* More (Y/n/=) */
sprintf(Buf, " %sY\x08", (char *) Language(61));
snprintf(Buf, 81, " %sY\x08", (char *) Language(61));
PUTSTR(Buf);
alarm_on();
input = toupper(getchar());

60
mbsebbs/msgutil.c
View File

@ -95,7 +95,7 @@ char *rfcdate(time_t now)
hr=offset/60L;
min=offset%60L;
sprintf(buf,"%s, %02d %s %04d %02d:%02d:%02d %c%02d%02d",
snprintf(buf,40,"%s, %02d %s %04d %02d:%02d:%02d %c%02d%02d",
wdays[gtm.tm_wday],gtm.tm_mday,months[gtm.tm_mon],
gtm.tm_year+1900,gtm.tm_hour,gtm.tm_min,gtm.tm_sec,
sign,hr,min);
@ -167,55 +167,55 @@ void Add_Headkludges(faddr *dest, int IsReply)
break;
case NETMAIL: Msg.Netmail = TRUE;
sprintf(Msg.FromAddress, "%s", aka2str(msgs.Aka));
sprintf(Msg.ToAddress, "%s", ascfnode(dest, 0x1f));
snprintf(Msg.FromAddress, 101, "%s", aka2str(msgs.Aka));
snprintf(Msg.ToAddress, 101, "%s", ascfnode(dest, 0x1f));
if (msgs.Aka.point) {
sprintf(temp, "\001FMPT %d", msgs.Aka.point);
snprintf(temp, 128, "\001FMPT %d", msgs.Aka.point);
MsgText_Add2(temp);
}
if (dest->point) {
sprintf(temp, "\001TOPT %d", dest->point);
snprintf(temp, 128, "\001TOPT %d", dest->point);
MsgText_Add2(temp);
}
sprintf(temp, "\001INTL %d:%d/%d %d:%d/%d", dest->zone, dest->net,
snprintf(temp, 128, "\001INTL %d:%d/%d %d:%d/%d", dest->zone, dest->net,
dest->node, msgs.Aka.zone, msgs.Aka.net, msgs.Aka.node);
MsgText_Add2(temp);
break;
case LIST: Msg.Echomail = TRUE;
sprintf(Msg.FromAddress, "%s", aka2str(msgs.Aka));
snprintf(Msg.FromAddress, 101, "%s", aka2str(msgs.Aka));
break;
case ECHOMAIL: Msg.Echomail = TRUE;
sprintf(Msg.FromAddress, "%s", aka2str(msgs.Aka));
snprintf(Msg.FromAddress, 101, "%s", aka2str(msgs.Aka));
break;
case NEWS: /*
* Header style is the same as GoldED does.
*/
Msg.News = TRUE;
sprintf(temp, "\001Date: %s", rfcdate(Msg.Written));
snprintf(temp, 101, "\001Date: %s", rfcdate(Msg.Written));
MsgText_Add2(temp);
Node = fido2faddr(msgs.Aka);
sprintf(temp, "\001From: %s", Msg.From);
snprintf(temp, 101, "\001From: %s", Msg.From);
MsgText_Add2(temp);
sprintf(temp, "\001Subject: %s", Msg.Subject);
snprintf(temp, 101, "\001Subject: %s", Msg.Subject);
MsgText_Add2(temp);
sprintf(temp, "\001Sender: %s", Msg.From);
snprintf(temp, 101, "\001Sender: %s", Msg.From);
MsgText_Add2(temp);
tidy_faddr(Node);
MsgText_Add2((char *)"\001To: All");
MsgText_Add2((char *)"\001MIME-Version: 1.0");
if (exitinfo.Charset != FTNC_NONE) {
sprintf(temp, "\001Content-Type: text/plain; charset=%s", getrfcchrs(exitinfo.Charset));
snprintf(temp, PATH_MAX, "\001Content-Type: text/plain; charset=%s", getrfcchrs(exitinfo.Charset));
} else if (msgs.Charset != FTNC_NONE) {
sprintf(temp, "\001Content-Type: text/plain; charset=%s", getrfcchrs(msgs.Charset));
snprintf(temp, PATH_MAX, "\001Content-Type: text/plain; charset=%s", getrfcchrs(msgs.Charset));
} else {
sprintf(temp, "\001Content-Type: text/plain; charset=iso8859-1");
snprintf(temp, PATH_MAX, "\001Content-Type: text/plain; charset=iso8859-1");
}
MsgText_Add2(temp);
MsgText_Add2((char *)"\001Content-Transfer-Encoding: 8bit");
sprintf(temp, "\001X-Mailreader: MBSE BBS %s", VERSION);
snprintf(temp, PATH_MAX, "\001X-Mailreader: MBSE BBS %s", VERSION);
MsgText_Add2(temp);
break;
}
@ -224,29 +224,29 @@ void Add_Headkludges(faddr *dest, int IsReply)
* Set the right charset kludge
*/
if (exitinfo.Charset != FTNC_NONE) {
sprintf(temp, "\001CHRS: %s", getftnchrs(exitinfo.Charset));
snprintf(temp, PATH_MAX, "\001CHRS: %s", getftnchrs(exitinfo.Charset));
} else if (msgs.Charset != FTNC_NONE) {
sprintf(temp, "\001CHRS: %s", getftnchrs(msgs.Charset));
snprintf(temp, PATH_MAX, "\001CHRS: %s", getftnchrs(msgs.Charset));
} else {
sprintf(temp, "\001CHRS: %s", getftnchrs(FTNC_LATIN_1));
snprintf(temp, PATH_MAX, "\001CHRS: %s", getftnchrs(FTNC_LATIN_1));
}
MsgText_Add2(temp);
sprintf(temp, "\001MSGID: %s %08lx", aka2str(msgs.Aka), sequencer());
snprintf(temp, PATH_MAX, "\001MSGID: %s %08lx", aka2str(msgs.Aka), sequencer());
MsgText_Add2(temp);
Msg.MsgIdCRC = upd_crc32(temp, crc, strlen(temp));
if (IsReply) {
sprintf(temp, "\001REPLY: %s", Msg.Replyid);
snprintf(temp, PATH_MAX, "\001REPLY: %s", Msg.Replyid);
MsgText_Add2(temp);
crc = -1;
Msg.ReplyCRC = upd_crc32(temp, crc, strlen(temp));
} else
Msg.ReplyCRC = 0xffffffff;
sprintf(temp, "\001PID: MBSE-BBS %s (%s-%s)", VERSION, OsName(), OsCPU());
snprintf(temp, PATH_MAX, "\001PID: MBSE-BBS %s (%s-%s)", VERSION, OsName(), OsCPU());
MsgText_Add2(temp);
tt = time(NULL);
sprintf(temp, "\001TZUTC: %s", gmtoffset(tt));
snprintf(temp, PATH_MAX, "\001TZUTC: %s", gmtoffset(tt));
MsgText_Add2(temp);
free(temp);
}
@ -270,7 +270,7 @@ void Add_Footkludges(int Quote, char *tear, int HasTear)
* If Quote (message entered at the bbs) we append a signature.
*/
if (Quote) {
sprintf(temp, "%s/%s/.signature", CFG.bbs_usersdir, exitinfo.Name);
snprintf(temp, PATH_MAX, "%s/%s/.signature", CFG.bbs_usersdir, exitinfo.Name);
if ((fp = fopen(temp, "r"))) {
MsgText_Add2((char *)"");
while (fgets(temp, 80, fp)) {
@ -283,7 +283,7 @@ void Add_Footkludges(int Quote, char *tear, int HasTear)
}
if (msgs.Quotes && Quote) {
sprintf(temp, "... %s", Oneliner_Get());
snprintf(temp, 81, "... %s", Oneliner_Get());
MsgText_Add2(temp);
MsgText_Add2((char *)"");
}
@ -295,21 +295,21 @@ void Add_Footkludges(int Quote, char *tear, int HasTear)
if (tear == NULL) {
MsgText_Add2(TearLine());
} else {
sprintf(temp, "--- %s", tear);
snprintf(temp, 81, "--- %s", tear);
MsgText_Add2(temp);
}
}
if ((msgs.Type == ECHOMAIL) || (msgs.Type == LIST)) {
if (msgs.Aka.point)
sprintf(aka, "(%d:%d/%d.%d)", msgs.Aka.zone, msgs.Aka.net, msgs.Aka.node, msgs.Aka.point);
snprintf(aka, 32, "(%d:%d/%d.%d)", msgs.Aka.zone, msgs.Aka.net, msgs.Aka.node, msgs.Aka.point);
else
sprintf(aka, "(%d:%d/%d)", msgs.Aka.zone, msgs.Aka.net, msgs.Aka.node);
snprintf(aka, 32, "(%d:%d/%d)", msgs.Aka.zone, msgs.Aka.net, msgs.Aka.node);
if (strlen(msgs.Origin))
sprintf(temp, " * Origin: %s %s", msgs.Origin, aka);
snprintf(temp, 81, " * Origin: %s %s", msgs.Origin, aka);
else
sprintf(temp, " * Origin: %s %s", CFG.origin, aka);
snprintf(temp, 81, " * Origin: %s %s", CFG.origin, aka);
MsgText_Add2(temp);
}

40
mbsebbs/newuser.c
View File

@ -176,7 +176,7 @@ int newuser()
Enter(2);
/* Your password must contain at least */
language(LIGHTRED, BLACK, 42);
sprintf(temp, "%d ", CFG.password_length);
snprintf(temp, 81, "%d ", CFG.password_length);
PUTSTR(temp);
/* characters! Try again. */
language(WHITE, BLACK, 43);
@ -185,9 +185,9 @@ int newuser()
}
memset(&usrconfig.Password, 0, sizeof(usrconfig.Password));
sprintf(usrconfig.Password, "%s", temp2);
snprintf(usrconfig.Password, Max_passlen +1, "%s", temp2);
alarm_on();
sprintf(UnixName, "%s", (char *) NameCreate(NameGen(FullName), FullName, temp2));
snprintf(UnixName, 9, "%s", (char *) NameCreate(NameGen(FullName), FullName, temp2));
UserCity(mypid, UnixName, (char *)"Unknown");
strcpy(usrconfig.sUserName, FullName);
@ -293,7 +293,7 @@ int newuser()
/* Please enter a longer location */
language(LIGHTRED, BLACK, 50);
Enter(1);
sprintf(temp, "%s%d)", (char *) Language(74), CFG.CityLen);
snprintf(temp, 81, "%s%d)", (char *) Language(74), CFG.CityLen);
PUTSTR(temp);
Enter(1);
} else {
@ -311,7 +311,7 @@ int newuser()
language(LIGHTMAGENTA, BLACK, 474);
Enter(1);
for (i = 0; i < 3; i++) {
sprintf(temp, "%d: ", i+1);
snprintf(temp, 81, "%d: ", i+1);
pout(YELLOW, BLACK, temp);
colour(CFG.InputColourF, CFG.InputColourB);
alarm_on();
@ -364,13 +364,13 @@ int newuser()
if (i == Keystroke(51, 0)) {
/* Male */
sprintf(usrconfig.sSex, "Male");
snprintf(usrconfig.sSex, 8, "Male");
pout(CFG.InputColourF, CFG.InputColourB, (char *) Language(52));
Enter(1);
break;
} else if (i == Keystroke(51, 1)) {
/* Female */
sprintf(usrconfig.sSex, "Female");
snprintf(usrconfig.sSex, 8, "Female");
pout(CFG.InputColourF, CFG.InputColourB, (char *) Language(53));
Enter(1);
break;
@ -382,7 +382,7 @@ int newuser()
}
}
} else /* End of if Statement */
sprintf(usrconfig.sSex, "Unknown"); /* If set off, set to Unknown */
snprintf(usrconfig.sSex, 8, "Unknown"); /* If set off, set to Unknown */
if (CFG.iDOB) {
while (TRUE) {
@ -393,10 +393,10 @@ int newuser()
alarm_on();
GetDate(temp, 10);
sprintf(temp1, "%c%c%c%c", temp[6], temp[7], temp[8], temp[9]);
sprintf(temp2, "%02d", l_date->tm_year);
snprintf(temp1, 81, "%c%c%c%c", temp[6], temp[7], temp[8], temp[9]);
snprintf(temp2, 81, "%02d", l_date->tm_year);
iLang = atoi(temp2) + 1900;
sprintf(temp2, "%04d", iLang);
snprintf(temp2, 81, "%04d", iLang);
if ((strcmp(temp1,temp2)) == 0) {
Enter(1);
@ -472,7 +472,7 @@ int newuser()
usrconfig.iLastFileArea = 1;
usrconfig.iLastMsgArea = 1;
sprintf(usrconfig.sProtocol, "%s", (char *) Language(65));
snprintf(usrconfig.sProtocol, 21, "%s", (char *) Language(65));
usrconfig.DoNotDisturb = FALSE;
switch (CFG.AskNewmail) {
@ -537,7 +537,7 @@ int newuser()
/*
* Search a free slot in the users datafile
*/
sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((pUsrConfig = fopen(temp, "r+")) == NULL) {
WriteError("Can't open file: %s", temp);
ExitClient(MBERR_GENERAL);
@ -572,7 +572,7 @@ int newuser()
/* Login Name : */
pout(LIGHTBLUE, BLACK, (char *) Language(68));
colour(CYAN, BLACK);
sprintf(temp, "%s (%s)", UnixName, FullName);
snprintf(temp, 81, "%s (%s)", UnixName, FullName);
PUTSTR(temp);
Enter(1);
/* Password : */
@ -622,7 +622,7 @@ void Fast_Bye(int onsig)
socket_shutdown(mypid);
temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/tmp/mbnewusr%d", getenv("MBSE_ROOT"), getpid());
snprintf(temp, PATH_MAX, "%s/tmp/mbnewusr%d", getenv("MBSE_ROOT"), getpid());
unlink(temp);
free(temp);
@ -703,8 +703,8 @@ char *NameCreate(char *Name, char *Comment, char *Password)
* Call mbuseradd, this is a special setuid root program to create
* unix acounts and home directories.
*/
sprintf(progname, "%s/bin/mbuseradd", getenv("MBSE_ROOT"));
sprintf(gidstr, "%d", getgid());
snprintf(progname, PATH_MAX, "%s/bin/mbuseradd", getenv("MBSE_ROOT"));
snprintf(gidstr, 10, "%d", getgid());
args[0] = progname;
args[1] = gidstr;
args[2] = Name;
@ -720,7 +720,7 @@ char *NameCreate(char *Name, char *Comment, char *Password)
}
free(gidstr);
sprintf(progname, "%s/bin/mbpasswd", getenv("MBSE_ROOT"));
snprintf(progname, PATH_MAX, "%s/bin/mbpasswd", getenv("MBSE_ROOT"));
memset(args, 0, sizeof(args));
args[0] = progname;
args[1] = Name;
@ -759,7 +759,7 @@ int BadNames(char *Username)
strcpy(User, tl(Username));
sprintf(temp, "%s/etc/badnames.ctl", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/badnames.ctl", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) != NULL) {
while ((fgets(String, 80, fp)) != NULL) {
strcpy(String, tl(String));
@ -799,7 +799,7 @@ int TelephoneScan(char *Number, char *Name)
temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT"));
snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp,"rb")) != NULL) {
fread(&uhdr, sizeof(uhdr), 1, fp);