From 94f92ab25b19a9a3391d12151ad3fc356876c45c Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Mon, 29 Aug 2005 12:50:02 +0000 Subject: [PATCH] Secured sprintf with snprintf --- mbsebbs/chat.c | 28 ++++---- mbsebbs/dispfile.c | 166 ++++++++++++++++++++++----------------------- 2 files changed, 97 insertions(+), 97 deletions(-) diff --git a/mbsebbs/chat.c b/mbsebbs/chat.c index ad7037ea..8f0be427 100644 --- a/mbsebbs/chat.c +++ b/mbsebbs/chat.c @@ -4,7 +4,7 @@ * Purpose ...............: Sysop to user chat utility * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -45,7 +45,7 @@ int chat_with_sysop = FALSE; /* Global sysop chat flag */ int chatting = FALSE; /* Global chatting flag */ -char rbuf[50][80]; /* Chat receive buffer */ /* FIXME: must be a dynamic buffer */ +char rbuf[50][81]; /* Chat receive buffer */ /* FIXME: must be a dynamic buffer */ int rpointer = 0; /* Chat receive pointer */ int rsize = 5; /* Chat receive size */ extern pid_t mypid; @@ -123,7 +123,7 @@ void DispMsg(char *msg) { int i; - strncpy(rbuf[rpointer], msg, 80); + strncpy(rbuf[rpointer], msg, 81); Showline(2 + rpointer, 1, rbuf[rpointer]); if (rpointer == rsize) { /* @@ -132,7 +132,7 @@ void DispMsg(char *msg) for (i = 0; i <= rsize; i++) { locate(i + 2, 1); clrtoeol(); - sprintf(rbuf[i], "%s", rbuf[i+1]); + snprintf(rbuf[i], 81, "%s", rbuf[i+1]); Showline(i + 2, 1, rbuf[i]); } } else { @@ -194,10 +194,10 @@ void Chat(char *username, char *channel) locate(1, 1); colour(WHITE, BLUE); clrtoeol(); - sprintf(buf, "%-*s", 79, " MBSE BBS Chat Server"); + snprintf(buf, 200, "%-*s", 79, " MBSE BBS Chat Server"); mvprintw(1, 1, buf); - sprintf(buf, "CCON,4,%d,%s,%s,0;", mypid, exitinfo.sUserName, exitinfo.Name); + snprintf(buf, 200, "CCON,4,%d,%s,%s,0;", mypid, exitinfo.sUserName, exitinfo.Name); Syslog('c', "> %s", buf); if (socket_send(buf) == 0) { strncpy(buf, socket_receive(), sizeof(buf)-1); @@ -218,7 +218,7 @@ void Chat(char *username, char *channel) locate(exitinfo.iScreenLen - 2, 1); colour(WHITE, BLUE); clrtoeol(); - sprintf(buf, "%-*s", 79, " Chat, type \"/EXIT\" to exit or \"/HELP\" for help"); + snprintf(buf, 200, "%-*s", 79, " Chat, type \"/EXIT\" to exit or \"/HELP\" for help"); mvprintw(exitinfo.iScreenLen - 2, 1, buf); colour(LIGHTGRAY, BLACK); @@ -231,10 +231,10 @@ void Chat(char *username, char *channel) * commands to the chatserver. */ if (username && channel) { - sprintf(buf, "CPUT:2,%d,/nick %s;", mypid, username); + snprintf(buf, 200, "CPUT:2,%d,/nick %s;", mypid, username); if (socket_send(buf) == 0) strcpy(buf, socket_receive()); - sprintf(buf, "CPUT:2,%d,/join %s;", mypid, channel); + snprintf(buf, 200, "CPUT:2,%d,/join %s;", mypid, channel); if (socket_send(buf) == 0) strcpy(buf, socket_receive()); } @@ -249,7 +249,7 @@ void Chat(char *username, char *channel) */ data = TRUE; while (data) { - sprintf(buf, "CGET:1,%d;", mypid); + snprintf(buf, 200, "CGET:1,%d;", mypid); if (socket_send(buf) == 0) { strncpy(buf, socket_receive(), sizeof(buf)-1); if (strncmp(buf, "100:2,", 6) == 0) { @@ -303,7 +303,7 @@ void Chat(char *username, char *channel) } } else if ((ch == '\r') && curpos) { alarm_on(); - sprintf(buf, "CPUT:2,%d,%s;", mypid, sbuf); + snprintf(buf, 200, "CPUT:2,%d,%s;", mypid, sbuf); Syslog('c', "> %s", buf); if (socket_send(buf) == 0) { strcpy(buf, socket_receive()); @@ -336,7 +336,7 @@ void Chat(char *username, char *channel) */ data = TRUE; while (data) { - sprintf(buf, "CGET:1,%d;", mypid); + snprintf(buf, 200, "CGET:1,%d;", mypid); if (socket_send(buf) == 0) { strncpy(buf, socket_receive(), sizeof(buf)-1); if (strncmp(buf, "100:2,", 6) == 0) { @@ -366,7 +366,7 @@ void Chat(char *username, char *channel) */ /* *** Sysop has terminated chat *** */ - sprintf(buf, "%s", (char *) Language(60)); + snprintf(buf, 200, "%s", (char *) Language(60)); DispMsg(buf); Syslog('+', "Sysop chat ended"); chat_with_sysop = FALSE; @@ -377,7 +377,7 @@ void Chat(char *username, char *channel) /* * Close server connection */ - sprintf(buf, "CCLO,1,%d;", mypid); + snprintf(buf, 200, "CCLO,1,%d;", mypid); Syslog('c', "> %s", buf); if (socket_send(buf) == 0) { strcpy(buf, socket_receive()); diff --git a/mbsebbs/dispfile.c b/mbsebbs/dispfile.c index 62dfaaa6..b667abbe 100644 --- a/mbsebbs/dispfile.c +++ b/mbsebbs/dispfile.c @@ -63,7 +63,7 @@ int TotalUsers(void) struct userrec u; temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT")); if(( pUsrConfig = fopen(temp,"rb")) == NULL) WriteError("ControlCodeK: Can't open users file %s for reading", temp); else { @@ -97,7 +97,7 @@ void DisplayRules(void) DIR *dp; struct dirent *de; int Found = FALSE; - char temp[128]; + char temp[PATH_MAX]; if ((dp = opendir(CFG.rulesdir)) == NULL) { WriteError("$Can't open directory %s", CFG.rulesdir); @@ -114,21 +114,21 @@ void DisplayRules(void) strcpy(temp, msgs.Tag); if (strcasecmp(de->d_name, temp) == 0) { Found = TRUE; - sprintf(temp, "%s/%s", CFG.rulesdir, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", CFG.rulesdir, de->d_name); break; } - sprintf(temp, "%s.rul", temp); + snprintf(temp, PATH_MAX, "%s.rul", temp); if (strcasecmp(de->d_name, temp) == 0) { Found = TRUE; - sprintf(temp, "%s/%s", CFG.rulesdir, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", CFG.rulesdir, de->d_name); break; } memset(&temp, 0, sizeof(temp)); strncpy(temp, msgs.Tag, 8); - sprintf(temp, "%s.rul", temp); + snprintf(temp, PATH_MAX, "%s.rul", temp); if (strcasecmp(de->d_name, temp) == 0) { Found = TRUE; - sprintf(temp, "%s/%s", CFG.rulesdir, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", CFG.rulesdir, de->d_name); break; } } @@ -247,16 +247,16 @@ int DisplayFile(char *filename) */ pFileName = NULL; if (exitinfo.GraphMode) { - sprintf(newfile, "%s/%s.ans", lang.TextPath, filename); + snprintf(newfile, PATH_MAX, "%s/%s.ans", lang.TextPath, filename); if ((pFileName = fopen(newfile, "rb")) == NULL) { - sprintf(newfile, "%s/%s.ans", CFG.bbs_txtfiles, filename); + snprintf(newfile, PATH_MAX, "%s/%s.ans", CFG.bbs_txtfiles, filename); pFileName = fopen(newfile, "rb"); } } if (pFileName == NULL) { - sprintf(newfile, "%s/%s.asc", lang.TextPath, filename); + snprintf(newfile, PATH_MAX, "%s/%s.asc", lang.TextPath, filename); if ((pFileName = fopen(newfile, "rb")) == NULL) { - sprintf(newfile, "%s/%s.asc", CFG.bbs_txtfiles, filename); + snprintf(newfile, PATH_MAX, "%s/%s.asc", CFG.bbs_txtfiles, filename); if ((pFileName = fopen(newfile, "rb")) == NULL) { free(sFileName); free(tmp); @@ -297,7 +297,7 @@ int DisplayFile(char *filename) x++; strcpy(tmp1, ""); while (*(sFileName + x) != '') { - sprintf(tmp, "%c", *(sFileName + x)); + snprintf(tmp, PATH_MAX, "%c", *(sFileName + x)); strcat(tmp1, tmp); x++; } @@ -357,50 +357,50 @@ void ControlCodeF(int ch) switch (toupper(ch)) { case '!': - sprintf(temp, "%s", exitinfo.sProtocol); + snprintf(temp, 81, "%s", exitinfo.sProtocol); break; case 'A': - sprintf(temp, "%ld", exitinfo.Uploads); + snprintf(temp, 81, "%ld", exitinfo.Uploads); break; case 'B': - sprintf(temp, "%ld", exitinfo.Downloads); + snprintf(temp, 81, "%ld", exitinfo.Downloads); break; case 'C': - sprintf(temp, "%lu", exitinfo.DownloadK); + snprintf(temp, 81, "%lu", exitinfo.DownloadK); break; case 'D': - sprintf(temp, "%lu", exitinfo.UploadK); + snprintf(temp, 81, "%lu", exitinfo.UploadK); break; case 'E': - sprintf(temp, "%lu", exitinfo.DownloadK + exitinfo.UploadK); + snprintf(temp, 81, "%lu", exitinfo.DownloadK + exitinfo.UploadK); break; case 'F': - sprintf(temp, "%lu", LIMIT.DownK); + snprintf(temp, 81, "%lu", LIMIT.DownK); break; case 'H': - sprintf(temp, "%d", iAreaNumber); + snprintf(temp, 81, "%d", iAreaNumber); break; case 'I': - sprintf(temp, "%s", sAreaDesc); + snprintf(temp, 81, "%s", sAreaDesc); break; case 'J': - sprintf(temp, "%u", LIMIT.DownF); + snprintf(temp, 81, "%u", LIMIT.DownF); break; case 'K': - sprintf(temp, "%s", LIMIT.Description); + snprintf(temp, 81, "%s", LIMIT.Description); break; default: - sprintf(temp, " "); + snprintf(temp, 81, " "); } PUTSTR(temp); } @@ -419,147 +419,147 @@ void ControlCodeU(int ch) switch (toupper(ch)) { case 'A': - sprintf(temp, "%s", exitinfo.sUserName); + snprintf(temp, 81, "%s", exitinfo.sUserName); break; case 'B': - sprintf(temp, "%s", exitinfo.sLocation); + snprintf(temp, 81, "%s", exitinfo.sLocation); break; case 'C': - sprintf(temp, "%s", exitinfo.sVoicePhone); + snprintf(temp, 81, "%s", exitinfo.sVoicePhone); break; case 'D': - sprintf(temp, "%s", exitinfo.sDataPhone); + snprintf(temp, 81, "%s", exitinfo.sDataPhone); break; case 'E': - sprintf(temp, "%s", LastLoginDate); + snprintf(temp, 81, "%s", LastLoginDate); break; case 'F': - sprintf(temp, "%s %s", StrDateDMY(exitinfo.tFirstLoginDate), StrTimeHMS(exitinfo.tFirstLoginDate)); + snprintf(temp, 81, "%s %s", StrDateDMY(exitinfo.tFirstLoginDate), StrTimeHMS(exitinfo.tFirstLoginDate)); break; case 'G': - sprintf(temp, "%s", LastLoginTime); + snprintf(temp, 81, "%s", LastLoginTime); break; case 'H': - sprintf(temp, "%d", exitinfo.Security.level); + snprintf(temp, 81, "%d", exitinfo.Security.level); break; case 'I': - sprintf(temp, "%d", exitinfo.iTotalCalls); + snprintf(temp, 81, "%d", exitinfo.iTotalCalls); break; case 'J': - sprintf(temp, "%d", exitinfo.iTimeUsed); + snprintf(temp, 81, "%d", exitinfo.iTimeUsed); break; case 'K': - sprintf(temp, "%d", exitinfo.iConnectTime); + snprintf(temp, 81, "%d", exitinfo.iConnectTime); break; case 'L': - sprintf(temp, "%d", exitinfo.iTimeLeft); + snprintf(temp, 81, "%d", exitinfo.iTimeLeft); break; case 'M': - sprintf(temp, "%d", exitinfo.iScreenLen); + snprintf(temp, 81, "%d", exitinfo.iScreenLen); break; case 'N': - sprintf(temp, "%s", FirstName); + snprintf(temp, 81, "%s", FirstName); break; case 'O': - sprintf(temp, "%s", LastName); + snprintf(temp, 81, "%s", LastName); break; case 'Q': - sprintf(temp, "%s", exitinfo.ieNEWS ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.ieNEWS ? (char *) Language(147) : (char *) Language(148)); break; case 'P': - sprintf(temp, "%s", exitinfo.GraphMode ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.GraphMode ? (char *) Language(147) : (char *) Language(148)); break; case 'R': - sprintf(temp, "%s", exitinfo.HotKeys ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.HotKeys ? (char *) Language(147) : (char *) Language(148)); break; case 'S': - sprintf(temp, "%d", exitinfo.iTimeUsed + exitinfo.iTimeLeft); + snprintf(temp, 81, "%d", exitinfo.iTimeUsed + exitinfo.iTimeLeft); break; case 'T': - sprintf(temp, "%s", exitinfo.sDateOfBirth); + snprintf(temp, 81, "%s", exitinfo.sDateOfBirth); break; case 'U': - sprintf(temp, "%d", exitinfo.iPosted); + snprintf(temp, 81, "%d", exitinfo.iPosted); break; case 'X': - sprintf(temp, "%s", lang.Name); + snprintf(temp, 81, "%s", lang.Name); break; case 'Y': - sprintf(temp, "%s", exitinfo.sHandle); + snprintf(temp, 81, "%s", exitinfo.sHandle); break; case 'Z': - sprintf(temp, "%s", exitinfo.DoNotDisturb ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.DoNotDisturb ? (char *) Language(147) : (char *) Language(148)); break; case '1': - sprintf(temp, "%s", exitinfo.MailScan ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.MailScan ? (char *) Language(147) : (char *) Language(148)); break; case '2': - sprintf(temp, "%s", exitinfo.ieFILE ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.ieFILE ? (char *) Language(147) : (char *) Language(148)); break; case '3': switch(exitinfo.MsgEditor) { - case LINEEDIT: sprintf(temp, "%s", Language(387)); + case LINEEDIT: snprintf(temp, 81, "%s", Language(387)); break; - case FSEDIT: sprintf(temp, "%s", Language(388)); + case FSEDIT: snprintf(temp, 81, "%s", Language(388)); break; - case EXTEDIT: sprintf(temp, "%s", Language(389)); + case EXTEDIT: snprintf(temp, 81, "%s", Language(389)); break; - default: sprintf(temp, "?"); + default: snprintf(temp, 81, "?"); } break; case '4': - sprintf(temp, "%s", exitinfo.FSemacs ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.FSemacs ? (char *) Language(147) : (char *) Language(148)); break; case '5': - sprintf(temp, "%s", exitinfo.address[0]); + snprintf(temp, 81, "%s", exitinfo.address[0]); break; case '6': - sprintf(temp, "%s", exitinfo.address[1]); + snprintf(temp, 81, "%s", exitinfo.address[1]); break; case '7': - sprintf(temp, "%s", exitinfo.address[2]); + snprintf(temp, 81, "%s", exitinfo.address[2]); break; case '8': - sprintf(temp, "%s", exitinfo.OL_ExtInfo ? (char *) Language(147) : (char *) Language(148)); + snprintf(temp, 81, "%s", exitinfo.OL_ExtInfo ? (char *) Language(147) : (char *) Language(148)); break; case '9': - sprintf(temp, "%s", getftnchrs(exitinfo.Charset)); + snprintf(temp, 81, "%s", getftnchrs(exitinfo.Charset)); break; default: - sprintf(temp, " "); + snprintf(temp, 81, " "); } PUTSTR(temp); } @@ -574,57 +574,57 @@ void ControlCodeK(int ch) switch (toupper(ch)) { case 'A': - sprintf(temp, "%s", (char *) GetDateDMY()); + snprintf(temp, 81, "%s", (char *) GetDateDMY()); break; case 'B': - sprintf(temp, "%s", (char *) GetLocalHMS()); + snprintf(temp, 81, "%s", (char *) GetLocalHMS()); break; case 'C': - sprintf(temp, "%s", (char *) GLCdate()); + snprintf(temp, 81, "%s", (char *) GLCdate()); break; case 'D': - sprintf(temp, "%s", (char *) GLCdateyy()); + snprintf(temp, 81, "%s", (char *) GLCdateyy()); break; case 'E': - sprintf(temp, "%ld", Speed()); + snprintf(temp, 81, "%ld", Speed()); break; case 'F': - sprintf(temp, "%s", LastCaller); + snprintf(temp, 81, "%s", LastCaller); break; case 'G': - sprintf(temp, "%d", TotalUsers()); + snprintf(temp, 81, "%d", TotalUsers()); break; case 'H': - sprintf(sDataFile, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); + snprintf(sDataFile, PATH_MAX, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); if((pCallerLog = fopen(sDataFile, "rb")) != NULL) { fread(&SYSINFO, sizeof(SYSINFO), 1, pCallerLog); - sprintf(temp, "%ld", SYSINFO.SystemCalls); + snprintf(temp, 81, "%ld", SYSINFO.SystemCalls); fclose(pCallerLog); } break; case 'I': - sprintf(temp, "%d", iMsgAreaNumber + 1); + snprintf(temp, 81, "%d", iMsgAreaNumber + 1); break; case 'J': - sprintf(temp, "%s", sMsgAreaDesc); + snprintf(temp, 81, "%s", sMsgAreaDesc); break; case 'K': - sprintf(temp, "%s", Oneliner_Get()); + snprintf(temp, 81, "%s", Oneliner_Get()); break; case 'L': SetMsgArea(iMsgAreaNumber); - sprintf(temp, "%ld", MsgBase.Total); + snprintf(temp, 81, "%ld", MsgBase.Total); break; case 'M': @@ -633,42 +633,42 @@ void ControlCodeK(int ch) if (Msg_GetLastRead(&LR) == TRUE) { if (LR.HighReadMsg > MsgBase.Highest) LR.HighReadMsg = MsgBase.Highest; - sprintf(temp, "%ld", LR.HighReadMsg); + snprintf(temp, 81, "%ld", LR.HighReadMsg); } else - sprintf(temp, "?"); + snprintf(temp, 81, "?"); Msg_Close(); } break; case 'N': - sprintf(temp, "%s", sMailbox); + snprintf(temp, 81, "%s", sMailbox); break; case 'O': SetEmailArea(sMailbox); - sprintf(temp, "%ld", EmailBase.Total); + snprintf(temp, 81, "%ld", EmailBase.Total); break; case 'P': - sprintf(sDataFile, "%s/%s/%s", CFG.bbs_usersdir, exitinfo.Name, sMailbox); + snprintf(sDataFile, PATH_MAX, "%s/%s/%s", CFG.bbs_usersdir, exitinfo.Name, sMailbox); LR.UserID = grecno; if (Msg_Open(sDataFile)) { if (Msg_GetLastRead(&LR) == TRUE) { if (LR.HighReadMsg > EmailBase.Highest) LR.HighReadMsg = EmailBase.Highest; - sprintf(temp, "%ld", LR.HighReadMsg); + snprintf(temp, 81, "%ld", LR.HighReadMsg); } else - sprintf(temp, "?"); + snprintf(temp, 81, "?"); Msg_Close(); } break; case 'Q': - sprintf(temp, "%s %s", StrDateDMY(LastCallerTime), StrTimeHMS(LastCallerTime)); + snprintf(temp, 81, "%s %s", StrDateDMY(LastCallerTime), StrTimeHMS(LastCallerTime)); break; default: - sprintf(temp, " "); + snprintf(temp, 81, " "); }