diff --git a/mbtask/callstat.c b/mbtask/callstat.c index b3a5b14b..a5527d0b 100644 --- a/mbtask/callstat.c +++ b/mbtask/callstat.c @@ -4,7 +4,7 @@ * Purpose ...............: Read mailer last call status * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -44,13 +44,13 @@ char *stsname(faddr *addr) char *p, *domain=NULL, zpref[8]; int i; - sprintf(buf, "%s", CFG.outbound); + snprintf(buf, PATH_MAX, "%s", CFG.outbound); if (CFG.addr4d) { if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) zpref[0] = '\0'; else - sprintf(zpref, ".%03x", addr->zone); + snprintf(zpref, 8, ".%03x", addr->zone); } else { /* * If we got a 5d address we use the given domain, if @@ -85,7 +85,7 @@ char *stsname(faddr *addr) if (CFG.aka[i].zone == addr->zone) zpref[0] = '\0'; else - sprintf(zpref, ".%03x", addr->zone); + snprintf(zpref, 8, ".%03x", addr->zone); } else { /* * this is our primary domain @@ -93,16 +93,16 @@ char *stsname(faddr *addr) if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) zpref[0]='\0'; else - sprintf(zpref,".%03x",addr->zone); + snprintf(zpref, 8, ".%03x",addr->zone); } } p = buf + strlen(buf); if (addr->point) - sprintf(p,"%s/%04x%04x.pnt/%08x.sts", zpref,addr->net,addr->node,addr->point); + snprintf(p, PATH_MAX - strlen(buf), "%s/%04x%04x.pnt/%08x.sts", zpref,addr->net,addr->node,addr->point); else - sprintf(p,"%s/%04x%04x.sts",zpref,addr->net,addr->node); + snprintf(p, PATH_MAX - strlen(buf), "%s/%04x%04x.sts",zpref,addr->net,addr->node); if (domain) free(domain); diff --git a/mbtask/mbtask.c b/mbtask/mbtask.c index 5c88f21e..a278ac47 100644 --- a/mbtask/mbtask.c +++ b/mbtask/mbtask.c @@ -4,7 +4,7 @@ * Purpose ...............: MBSE BBS Task Manager * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -146,58 +146,58 @@ void load_maincfg(void) /* * Fill Registration defaults */ - sprintf(CFG.bbs_name, "MBSE BBS"); + snprintf(CFG.bbs_name, 36, "MBSE BBS"); uname((struct utsname *)&un); #if defined(__USE_GNU) - sprintf(CFG.sysdomain, "%s.%s", un.nodename, un.domainname); + snprintf(CFG.sysdomain, 36, "%s.%s", un.nodename, un.domainname); #elif defined(__linux__) - sprintf(CFG.sysdomain, "%s.%s", un.nodename, un.__domainname); + snprintf(CFG.sysdomain, 36, "%s.%s", un.nodename, un.__domainname); #elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) - sprintf(CFG.sysdomain, "%s", un.nodename); /* No domain in FreeBSD */ + snprintf(CFG.sysdomain, 36, "%s", un.nodename); /* No domain in FreeBSD */ #else #error "Don't know un.domainname on this OS" #endif - sprintf(CFG.comment, "MBSE BBS development"); - sprintf(CFG.origin, "MBSE BBS. Made in the Netherlands"); - sprintf(CFG.location, "Earth"); + snprintf(CFG.comment, 56, "MBSE BBS development"); + snprintf(CFG.origin, 51, "MBSE BBS. Made in the Netherlands"); + snprintf(CFG.location, 36, "Earth"); /* * Fill Filenames defaults */ - sprintf(CFG.logfile, "system.log"); - sprintf(CFG.error_log, "error.log"); - sprintf(CFG.default_menu, "main.mnu"); - sprintf(CFG.current_language, "english.lang"); - sprintf(CFG.chat_log, "chat.log"); - sprintf(CFG.welcome_logo, "logo.asc"); - sprintf(CFG.mgrlog, "manager.log"); - sprintf(CFG.debuglog, "debug.log"); + snprintf(CFG.logfile, 15, "system.log"); + snprintf(CFG.error_log, 15, "error.log"); + snprintf(CFG.default_menu, 15, "main.mnu"); + snprintf(CFG.current_language, 15, "english.lang"); + snprintf(CFG.chat_log, 15, "chat.log"); + snprintf(CFG.welcome_logo, 15, "logo.asc"); + snprintf(CFG.mgrlog, 15, "manager.log"); + snprintf(CFG.debuglog, 15, "debug.log"); /* * Fill Global defaults */ - sprintf(CFG.bbs_menus, "%s/english/menus", getenv("MBSE_ROOT")); - sprintf(CFG.bbs_txtfiles, "%s/english/txtfiles", getenv("MBSE_ROOT")); - sprintf(CFG.bbs_macros, "%s/english/macro", getenv("MBSE_ROOT")); - sprintf(CFG.bbs_usersdir, "%s/home", getenv("MBSE_ROOT")); - sprintf(CFG.nodelists, "%s/var/nodelist", getenv("MBSE_ROOT")); - sprintf(CFG.inbound, "%s/var/unknown", getenv("MBSE_ROOT")); - sprintf(CFG.pinbound, "%s/var/inbound", getenv("MBSE_ROOT")); - sprintf(CFG.outbound, "%s/var/bso/outbound", getenv("MBSE_ROOT")); - sprintf(CFG.msgs_path, "%s/var/msgs", getenv("MBSE_ROOT")); - sprintf(CFG.uxpath, "%s", getenv("MBSE_ROOT")); - sprintf(CFG.badtic, "%s/var/badtic", getenv("MBSE_ROOT")); - sprintf(CFG.ticout, "%s/var/ticqueue", getenv("MBSE_ROOT")); - sprintf(CFG.req_magic, "%s/var/magic", getenv("MBSE_ROOT")); - sprintf(CFG.alists_path, "%s/var/arealists", getenv("MBSE_ROOT")); - sprintf(CFG.out_queue, "%s/var/queue", getenv("MBSE_ROOT")); - sprintf(CFG.rulesdir, "%s/var/rules", getenv("MBSE_ROOT")); + snprintf(CFG.bbs_menus, 65, "%s/english/menus", getenv("MBSE_ROOT")); + snprintf(CFG.bbs_txtfiles, 65, "%s/english/txtfiles", getenv("MBSE_ROOT")); + snprintf(CFG.bbs_macros, 65, "%s/english/macro", getenv("MBSE_ROOT")); + snprintf(CFG.bbs_usersdir, 65, "%s/home", getenv("MBSE_ROOT")); + snprintf(CFG.nodelists, 65, "%s/var/nodelist", getenv("MBSE_ROOT")); + snprintf(CFG.inbound, 65, "%s/var/unknown", getenv("MBSE_ROOT")); + snprintf(CFG.pinbound, 65, "%s/var/inbound", getenv("MBSE_ROOT")); + snprintf(CFG.outbound, 65, "%s/var/bso/outbound", getenv("MBSE_ROOT")); + snprintf(CFG.msgs_path, 65, "%s/var/msgs", getenv("MBSE_ROOT")); + snprintf(CFG.uxpath, 65, "%s", getenv("MBSE_ROOT")); + snprintf(CFG.badtic, 65, "%s/var/badtic", getenv("MBSE_ROOT")); + snprintf(CFG.ticout, 65, "%s/var/ticqueue", getenv("MBSE_ROOT")); + snprintf(CFG.req_magic, 65, "%s/var/magic", getenv("MBSE_ROOT")); + snprintf(CFG.alists_path, 65, "%s/var/arealists", getenv("MBSE_ROOT")); + snprintf(CFG.out_queue, 65, "%s/var/queue", getenv("MBSE_ROOT")); + snprintf(CFG.rulesdir, 65, "%s/var/rules", getenv("MBSE_ROOT")); CFG.leavecase = TRUE; /* * Newfiles reports */ - sprintf(CFG.ftp_base, "%s/ftp/pub", getenv("MBSE_ROOT")); + snprintf(CFG.ftp_base, 65, "%s/ftp/pub", getenv("MBSE_ROOT")); CFG.newdays = 30; CFG.security.level = 20; CFG.new_split = 27; @@ -233,7 +233,7 @@ void load_maincfg(void) CFG.iCrashLevel = 100; CFG.iAttachLevel = 100; CFG.new_groups = 25; - sprintf(CFG.startname, "bbs"); + snprintf(CFG.startname, 9, "bbs"); CFG.freespace = 10; /* @@ -297,7 +297,7 @@ void load_maincfg(void) CFG.ct_Message = TRUE; CFG.ct_TIC = TRUE; CFG.tic_days = 30; - sprintf(CFG.hatchpasswd, "DizIzMyBIGseeKret"); + snprintf(CFG.hatchpasswd, 21, "DizIzMyBIGseeKret"); CFG.tic_systems = 10; CFG.tic_groups = 25; CFG.tic_dupes = 16000; @@ -307,11 +307,11 @@ void load_maincfg(void) */ CFG.maxpktsize = 150; CFG.maxarcsize = 300; - sprintf(CFG.badboard, "%s/var/mail/badmail", getenv("MBSE_ROOT")); - sprintf(CFG.dupboard, "%s/var/mail/dupemail", getenv("MBSE_ROOT")); - sprintf(CFG.popnode, "localhost"); - sprintf(CFG.smtpnode, "localhost"); - sprintf(CFG.nntpnode, "localhost"); + snprintf(CFG.badboard, 65, "%s/var/mail/badmail", getenv("MBSE_ROOT")); + snprintf(CFG.dupboard, 65, "%s/var/mail/dupemail", getenv("MBSE_ROOT")); + snprintf(CFG.popnode, 65, "localhost"); + snprintf(CFG.smtpnode, 65, "localhost"); + snprintf(CFG.nntpnode, 65, "localhost"); CFG.toss_days = 30; CFG.toss_dupes = 16000; CFG.toss_old = 60; @@ -322,7 +322,7 @@ void load_maincfg(void) CFG.UUCPgate.zone = 2; CFG.UUCPgate.net = 292; CFG.UUCPgate.node = 875; - sprintf(CFG.UUCPgate.domain, "fidonet"); + snprintf(CFG.UUCPgate.domain, 13, "fidonet"); CFG.nntpdupes = 16000; CFG.ca_PlusAll = TRUE; CFG.ca_Notify = TRUE; @@ -331,10 +331,10 @@ void load_maincfg(void) CFG.ca_Check = TRUE; for (i = 0; i < 32; i++) { - sprintf(CFG.fname[i], "Flag %d", i+1); - sprintf(CFG.aname[i], "Flag %d", i+1); + snprintf(CFG.fname[i], 17, "Flag %d", i+1); + snprintf(CFG.aname[i], 17, "Flag %d", i+1); } - sprintf(CFG.aname[0], "Everyone"); + snprintf(CFG.aname[0], 17, "Everyone"); /* @@ -342,25 +342,25 @@ void load_maincfg(void) */ CFG.timeoutreset = 3L; CFG.timeoutconnect = 60L; - sprintf(CFG.phonetrans[0].match, "31-255"); - sprintf(CFG.phonetrans[1].match, "31-"); - sprintf(CFG.phonetrans[1].repl, "0"); - sprintf(CFG.phonetrans[2].repl, "00"); + snprintf(CFG.phonetrans[0].match, 21, "31-255"); + snprintf(CFG.phonetrans[1].match, 21, "31-"); + snprintf(CFG.phonetrans[1].repl, 21, "0"); + snprintf(CFG.phonetrans[2].repl, 21, "00"); CFG.IP_Speed = 256000; CFG.dialdelay = 60; - sprintf(CFG.IP_Flags, "ICM,XX,IBN"); + snprintf(CFG.IP_Flags, 31, "ICM,XX,IBN"); CFG.cico_loglevel = DLOG_ALLWAYS | DLOG_ERROR | DLOG_ATTENT | DLOG_NORMAL | DLOG_VERBOSE; /* * WWW defaults */ - sprintf(CFG.www_root, "/var/www/htdocs"); - sprintf(CFG.www_link2ftp, "files"); - sprintf(CFG.www_url, "http://%s", CFG.sysdomain); - sprintf(CFG.www_charset, "ISO 8859-1"); - sprintf(CFG.www_author, "Your Name"); + snprintf(CFG.www_root, 81, "/var/www/htdocs"); + snprintf(CFG.www_link2ftp, 21, "files"); + snprintf(CFG.www_url, 41, "http://%s", CFG.sysdomain); + snprintf(CFG.www_charset, 21, "ISO 8859-1"); + snprintf(CFG.www_author, 41, "Your Name"); if (strlen(_PATH_CONVERT)) - sprintf(CFG.www_convert,"%s -geometry x100", _PATH_CONVERT); + snprintf(CFG.www_convert, 81, "%s -geometry x100", _PATH_CONVERT); CFG.www_files_page = 10; CFG.maxarticles = 500; @@ -383,7 +383,7 @@ void load_maincfg(void) fread(&CFG, sizeof(CFG), 1, fp); fclose(fp); if (strlen(CFG.debuglog) == 0) - sprintf(CFG.debuglog, "debug.log"); + snprintf(CFG.debuglog, 15, "debug.log"); } cfg_time = file_time(cfgfn); @@ -401,19 +401,19 @@ void load_taskcfg(void) if ((fp = fopen(tcfgfn, "r")) == NULL) { memset(&TCFG, 0, sizeof(TCFG)); TCFG.maxload = 1.50; - sprintf(TCFG.zmh_start, "02:30"); - sprintf(TCFG.zmh_end, "03:30"); - sprintf(TCFG.cmd_mailout, "%s/bin/mbfido scan web -quiet", getenv("MBSE_ROOT")); - sprintf(TCFG.cmd_mailin, "%s/bin/mbfido tic toss web -quiet", getenv("MBSE_ROOT")); - sprintf(TCFG.cmd_newnews, "%s/bin/mbfido news web -quiet", getenv("MBSE_ROOT")); - sprintf(TCFG.cmd_mbindex1, "%s/bin/mbindex -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.zmh_start, 6, "02:30"); + snprintf(TCFG.zmh_end, 6, "03:30"); + snprintf(TCFG.cmd_mailout, 81, "%s/bin/mbfido scan web -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.cmd_mailin, 81, "%s/bin/mbfido tic toss web -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.cmd_newnews, 81, "%s/bin/mbfido news web -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.cmd_mbindex1, 81, "%s/bin/mbindex -quiet", getenv("MBSE_ROOT")); if (strlen(_PATH_GOLDNODE)) - sprintf(TCFG.cmd_mbindex2, "%s -f -q", _PATH_GOLDNODE); - sprintf(TCFG.cmd_msglink, "%s/bin/mbmsg link -quiet", getenv("MBSE_ROOT")); - sprintf(TCFG.cmd_reqindex, "%s/bin/mbfile index -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.cmd_mbindex2, 81, "%s -f -q", _PATH_GOLDNODE); + snprintf(TCFG.cmd_msglink, 81, "%s/bin/mbmsg link -quiet", getenv("MBSE_ROOT")); + snprintf(TCFG.cmd_reqindex, 81, "%s/bin/mbfile index -quiet", getenv("MBSE_ROOT")); TCFG.max_tcp = 0; - sprintf(TCFG.isp_ping1, "192.168.1.1"); - sprintf(TCFG.isp_ping2, "192.168.1.1"); + snprintf(TCFG.isp_ping1, 41, "192.168.1.1"); + snprintf(TCFG.isp_ping2, 41, "192.168.1.1"); if ((fp = fopen(tcfgfn, "a+")) == NULL) { Syslog('?', "$Can't create %s", tcfgfn); die(MBERR_INIT_ERROR); @@ -450,9 +450,9 @@ pid_t launch(char *cmd, char *opts, char *name, int tasktype) memset(vector, 0, sizeof(vector)); if (opts == NULL) - sprintf(buf, "%s", cmd); + snprintf(buf, PATH_MAX, "%s", cmd); else - sprintf(buf, "%s %s", cmd, opts); + snprintf(buf, PATH_MAX, "%s %s", cmd, opts); i = 0; vector[i++] = strtok(buf," \t\n\0"); @@ -717,7 +717,7 @@ void die(int onsig) */ count = 30; while (count) { - sprintf(temp, "%s", reg_fre()); + snprintf(temp, 80, "%s", reg_fre()); if (strcmp(temp, "100:0;") == 0) { Syslog('+', "Good, no more other programs running"); break; @@ -785,8 +785,8 @@ int locktask(char *root) tempfile = calloc(PATH_MAX, sizeof(char)); lockfile = calloc(PATH_MAX, sizeof(char)); - sprintf(tempfile, "%s/var/run/mbtask.tmp", root); - sprintf(lockfile, "%s/var/run/mbtask", root); + snprintf(tempfile, PATH_MAX, "%s/var/run/mbtask.tmp", root); + snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", root); if ((fp = fopen(tempfile, "w")) == NULL) { perror("mbtask"); @@ -857,7 +857,7 @@ void ulocktask(void) pw = getpwnam((char *)"mbse"); lockfile = calloc(PATH_MAX, sizeof(char)); - sprintf(lockfile, "%s/var/run/mbtask", pw->pw_dir); + snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", pw->pw_dir); if ((fp = fopen(lockfile, "r")) == NULL) { WriteError("$Can't open lockfile \"%s\"", lockfile); @@ -1131,19 +1131,19 @@ void *scheduler(void) */ memset(&doing, 0, sizeof(doing)); if ((running = checktasks(0))) - sprintf(doing, "Run %d tasks", running); + snprintf(doing, 32, "Run %d tasks", running); else if (UPSdown) - sprintf(doing, "UPS shutdown"); + snprintf(doing, 32, "UPS shutdown"); else if (UPSalarm) - sprintf(doing, "UPS alarm"); + snprintf(doing, 32, "UPS alarm"); else if (!s_bbsopen) - sprintf(doing, "BBS is closed"); + snprintf(doing, 32, "BBS is closed"); else if (Processing) - sprintf(doing, "%s", waitmsg); + snprintf(doing, 32, "%s", waitmsg); else - sprintf(doing, "Overload %2.2f", Load); + snprintf(doing, 32, "Overload %2.2f", Load); - sprintf(reginfo[0].doing, "%s", doing); + snprintf(reginfo[0].doing, 36, "%s", doing); reginfo[0].lastcon = time(NULL); /* @@ -1377,14 +1377,14 @@ void *scheduler(void) switch (calllist[call_entry].callmode) { case CM_ISDN: for (tpl = pl; tpl; tpl = tpl->next) { if (!tpl->locked && (tpl->dflags & calllist[call_entry].diflags)) { - sprintf(port, "-l %s ", tpl->tty); + snprintf(port, 21, "-l %s ", tpl->tty); break; } } break; case CM_POTS: for (tpl = pl; tpl; tpl = tpl->next) { if (!tpl->locked && (tpl->mflags & calllist[call_entry].moflags)) { - sprintf(port, "-l %s ", tpl->tty); + snprintf(port, 21, "-l %s ", tpl->tty); break; } } @@ -1393,11 +1393,11 @@ void *scheduler(void) break; } if (calllist[call_entry].addr.point) { - sprintf(opts, "%sp%u.f%u.n%u.z%u.%s", port, calllist[call_entry].addr.point, + snprintf(opts, 41, "%sp%u.f%u.n%u.z%u.%s", port, calllist[call_entry].addr.point, calllist[call_entry].addr.node, calllist[call_entry].addr.net, calllist[call_entry].addr.zone, calllist[call_entry].addr.domain); } else { - sprintf(opts, "%sf%u.n%u.z%u.%s", port, calllist[call_entry].addr.node, calllist[call_entry].addr.net, + snprintf(opts, 41, "%sf%u.n%u.z%u.%s", port, calllist[call_entry].addr.node, calllist[call_entry].addr.net, calllist[call_entry].addr.zone, calllist[call_entry].addr.domain); } calllist[call_entry].taskpid = launch(cmd, opts, (char *)"mbcico", calllist[call_entry].callmode); @@ -1491,7 +1491,7 @@ int main(int argc, char **argv) exit(MBERR_NO_PROGLOCK); } - sprintf(cfgfn, "%s/etc/config.data", getenv("MBSE_ROOT")); + snprintf(cfgfn, PATH_MAX, "%s/etc/config.data", getenv("MBSE_ROOT")); load_maincfg(); if (nodaemon) printf("main config loaded\n"); @@ -1506,15 +1506,16 @@ int main(int argc, char **argv) if (nodaemon) Syslog('+', "Starting in no-daemon mode"); - sprintf(tcfgfn, "%s/etc/task.data", getenv("MBSE_ROOT")); + snprintf(tcfgfn, PATH_MAX, "%s/etc/task.data", getenv("MBSE_ROOT")); load_taskcfg(); + status_init(); memset(&task, 0, sizeof(task)); memset(®info, 0, sizeof(reginfo)); memset(&calllist, 0, sizeof(calllist)); - sprintf(spath, "%s/tmp/mbtask", getenv("MBSE_ROOT")); - sprintf(ttyfn, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); + snprintf(spath, PATH_MAX, "%s/tmp/mbtask", getenv("MBSE_ROOT")); + snprintf(ttyfn, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); initnl(); load_ports(); check_ports(); @@ -1583,7 +1584,7 @@ int main(int argc, char **argv) * in the lockfile before leaving. */ lockfile = calloc(PATH_MAX, sizeof(char)); - sprintf(lockfile, "%s/var/run/mbtask", pw->pw_dir); + snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", pw->pw_dir); if ((fp = fopen(lockfile, "w"))) { fprintf(fp, "%10u\n", frk); fclose(fp); diff --git a/mbtask/outstat.c b/mbtask/outstat.c index 5e8cf883..f882c443 100644 --- a/mbtask/outstat.c +++ b/mbtask/outstat.c @@ -4,7 +4,7 @@ * Purpose ...............: mbtask - Scan mail outbound status * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -68,7 +68,7 @@ int load_node(fidoaddr n) int i, j = 0; temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { free(temp); memset(&nodes, 0, sizeof(nodes)); @@ -103,9 +103,9 @@ char *size_str(long size) static char fmt[25]; if (size > 1048575) { - sprintf(fmt, "%ldK", size / 1024); + snprintf(fmt, 25, "%ldK", size / 1024); } else { - sprintf(fmt, "%ld ", size); + snprintf(fmt, 25, "%ld ", size); } return fmt; } @@ -199,7 +199,7 @@ void checkdir(char *boxpath, faddr *fa, char flavor) if ((dp = opendir(boxpath)) != NULL) { while ((de = readdir(dp))) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { - sprintf(temp, "%s/%s", boxpath, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", boxpath, de->d_name); if (stat(temp, &sb) == 0) { if (S_ISREG(sb.st_mode)) { if (pw->pw_uid == sb.st_uid) { @@ -288,7 +288,7 @@ int outstat() #endif uhour = tm.tm_hour; umin = tm.tm_min; - sprintf(utc, "%02d:%02d", uhour, umin); + snprintf(utc, 6, "%02d:%02d", uhour, umin); Syslog('+', "Scanning outbound at %s UTC.", utc); nxt_hour = 24; nxt_min = 0; @@ -312,7 +312,7 @@ int outstat() * Check private outbound box for nodes in the setup. */ temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { Syslog('?', "Error open %s, aborting", temp); free(temp); @@ -355,7 +355,7 @@ int outstat() Syslog('o', "Checking T-Mail short box \"%s\"", CFG.tmailshort); while ((de = readdir(dp))) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { - sprintf(temp, "%s/%s", CFG.tmailshort, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", CFG.tmailshort, de->d_name); if (stat(temp, &sb) == 0) { Syslog('o' ,"checking \"%s\"", de->d_name); if (S_ISDIR(sb.st_mode)) { @@ -413,13 +413,13 @@ int outstat() Syslog('o', "Checking T-Mail long box \"%s\"", CFG.tmaillong); while ((de = readdir(dp))) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { - sprintf(temp, "%s/%s", CFG.tmaillong, de->d_name); + snprintf(temp, PATH_MAX, "%s/%s", CFG.tmaillong, de->d_name); if (stat(temp, &sb) == 0) { Syslog('o' ,"checking \"%s\"", de->d_name); if (S_ISDIR(sb.st_mode)) { char c, d; int n; - sprintf(temp2, "%s", de->d_name); + snprintf(temp2, PATH_MAX, "%s", de->d_name); fa = (faddr*)malloc(sizeof(faddr)); fa->name = NULL; fa->domain = NULL; @@ -510,14 +510,14 @@ int outstat() tmin = 0; else tmin = 30; - sprintf(as, "%02d:%02d", thour, tmin); + snprintf(as, 6, "%02d:%02d", thour, tmin); set_next(thour, tmin); thour = toupper(tmp->t2) - 'A'; if (isupper(tmp->t2)) tmin = 0; else tmin = 30; - sprintf(be, "%02d:%02d", thour, tmin); + snprintf(be, 6, "%02d:%02d", thour, tmin); set_next(thour, tmin); if (strcmp(as, be) > 0) { /* @@ -691,7 +691,7 @@ int outstat() /* * Show callresult for this node. */ - sprintf(temp, "%s %8s %08x %08x %08x %08x %5d %s %s %s", flstr, size_str(tmp->size), + snprintf(temp, PATH_MAX, "%s %8s %08x %08x %08x %08x %5d %s %s %s", flstr, size_str(tmp->size), (unsigned int)tmp->olflags, (unsigned int)tmp->moflags, (unsigned int)tmp->diflags, (unsigned int)tmp->ipflags, tmp->cst.tryno, callstatus(tmp->cst.trystat), callmode(tmp->callmode), fido2str(tmp->addr, 0x0f)); @@ -723,7 +723,7 @@ int outstat() /* * Log results */ - sprintf(waitmsg, "Next event at %02d:%02d UTC", nxt_hour, nxt_min); + snprintf(waitmsg, 81, "Next event at %02d:%02d UTC", nxt_hour, nxt_min); Syslog('+', "Systems to call: Inet=%d, ISDN=%d, POTS=%d, Next event at %02d:%02d UTC", inet_calls, isdn_calls, pots_calls, nxt_hour, nxt_min); free(temp); @@ -758,7 +758,7 @@ int each(faddr *addr, char flavor, int isflo, char *fname) (*tmp)->addr.net = addr->net; (*tmp)->addr.node = addr->node; (*tmp)->addr.point = addr->point; - sprintf((*tmp)->addr.domain, "%s", addr->domain); + snprintf((*tmp)->addr.domain, 13, "%s", addr->domain); if (nlent->addr.domain) free(nlent->addr.domain); if (nlent->url) diff --git a/mbtask/ping.c b/mbtask/ping.c index 539766ad..bb6177d0 100644 --- a/mbtask/ping.c +++ b/mbtask/ping.c @@ -4,7 +4,7 @@ * Purpose ...............: mbtask - ping functions * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -353,14 +353,14 @@ printf("Start ping thread\n"); if (pingnr == 1) { pingnr = 2; if (strlen(TCFG.isp_ping2)) { - sprintf(pingaddress, "%s", TCFG.isp_ping2); + snprintf(pingaddress, 41, "%s", TCFG.isp_ping2); } else { pingresult[2] = FALSE; } } else { pingnr = 1; if (strlen(TCFG.isp_ping1)) { - sprintf(pingaddress, "%s", TCFG.isp_ping1); + snprintf(pingaddress, 41, "%s", TCFG.isp_ping1); } else { pingresult[1] = FALSE; } diff --git a/mbtask/ports.c b/mbtask/ports.c index ba85f7e6..c510ed11 100644 --- a/mbtask/ports.c +++ b/mbtask/ports.c @@ -4,7 +4,7 @@ * Purpose ...............: mbtask - mode portlists * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -191,7 +191,7 @@ void check_ports(void) pots_free = isdn_free = 0; for (tpl = pl; tpl; tpl = tpl->next) { - sprintf(lckname, "%s%s", LCKPREFIX, tpl->tty); + snprintf(lckname, 256, "%s%s", LCKPREFIX, tpl->tty); if ((lf = fopen(lckname, "r")) == NULL) { if (tpl->locked) { tpl->locked = 0; diff --git a/mbtask/scanout.c b/mbtask/scanout.c index ba3bcb3e..fe9866a6 100644 --- a/mbtask/scanout.c +++ b/mbtask/scanout.c @@ -4,7 +4,7 @@ * Purpose ...............: Outbound scanning * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -67,7 +67,7 @@ static int scan_dir(int (*fn)(faddr *, char, int, char *), char *dname, int ispo /* * Create a fake filename, mkdirs() likes that. */ - sprintf(fname, "%s/foo", dname); + snprintf(fname, PATH_MAX, "%s/foo", dname); (void)mkdirs(fname, 0770); if ((dp = opendir(dname)) == NULL) { Syslog('o' ,"\"%s\" cannot be opened, proceed",MBSE_SS(dname)); @@ -136,7 +136,7 @@ static int scan_dir(int (*fn)(faddr *, char, int, char *), char *dname, int ispo if ((rc = fn(&addr, flavor, isflo, fname))) goto exout; - sprintf(fname, "%s/%s", dname, de->d_name); + snprintf(fname, PATH_MAX, "%s/%s", dname, de->d_name); fage = (int)((t_start - file_time(fname)) / 86400); if (file_size(fname) == 0) { @@ -206,7 +206,7 @@ int scanout(int (*fn)(faddr *, char, int, char *)) */ if (fidonet.zone[j]) { if (j) { - sprintf(fext, ".%03x", fidonet.zone[j]); + snprintf(fext, 5, ".%03x", fidonet.zone[j]); p = xstrcat(p, fext); } addr.zone = fidonet.zone[j]; diff --git a/mbtask/taskchat.c b/mbtask/taskchat.c index 9a1ebae7..ed8d1123 100644 --- a/mbtask/taskchat.c +++ b/mbtask/taskchat.c @@ -119,7 +119,7 @@ void system_msg(pid_t pid, char *msg) Syslog('-', "system_msg(%d, %s) ptr=%d", pid, msg, buffer_head); memset(&chat_messages[buffer_head], 0, sizeof(_chat_messages)); chat_messages[buffer_head].topid = pid; - sprintf(chat_messages[buffer_head].fromname, "Server"); + snprintf(chat_messages[buffer_head].fromname, 36, "Server"); strncpy(chat_messages[buffer_head].message, msg, 80); chat_messages[buffer_head].posted = time(NULL); } @@ -136,7 +136,7 @@ void system_shout(const char *format, ...) usr_list *tmpu; va_start(va_ptr, format); - vsprintf(buf, format, va_ptr); + vsnprintf(buf, 512, format, va_ptr); va_end(va_ptr); for (tmpu = users; tmpu; tmpu = tmpu->next) @@ -199,7 +199,7 @@ int join(pid_t pid, char *channel, int sysop) chnchg = TRUE; chat_dump(); - sprintf(buf, "%s has joined channel %s, now %d users", tmpu->nick, channel, tmp->users); + snprintf(buf, 81, "%s has joined channel %s, now %d users", tmpu->nick, channel, tmp->users); chat_msg(channel, NULL, buf); /* @@ -218,7 +218,7 @@ int join(pid_t pid, char *channel, int sysop) * A new channel must be created, but only the sysop may create the "sysop" channel */ if (!sysop && (strcasecmp(channel, "#sysop") == 0)) { - sprintf(buf, "*** Only the sysop may create channel \"%s\"", channel); + snprintf(buf, 81, "*** Only the sysop may create channel \"%s\"", channel); system_msg(pid, buf); return FALSE; } @@ -238,7 +238,7 @@ int join(pid_t pid, char *channel, int sysop) chnchg = TRUE; srvchg = TRUE; - sprintf(buf, "* Created channel %s", channel); + snprintf(buf, 81, "* Created channel %s", channel); chat_msg(channel, NULL, buf); chat_dump(); if (strcasecmp(channel, "#sysop")) @@ -252,7 +252,7 @@ int join(pid_t pid, char *channel, int sysop) /* * No matching or free channels */ - sprintf(buf, "*** Cannot create chat channel %s, no free channels", channel); + snprintf(buf, 81, "*** Cannot create chat channel %s, no free channels", channel); system_msg(pid, buf); Syslog('+', "%s", buf); return FALSE; @@ -284,7 +284,7 @@ int part(pid_t pid, char *reason) if (reason != NULL) { chat_msg(tmpu->channel, tmpu->nick, reason); } - sprintf(buf, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users); + snprintf(buf, 81, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users); chat_msg(tmpu->channel, NULL, buf); if (strcasecmp(tmp->name, (char *)"#sysop")) { if (reason && strlen(reason)) @@ -354,13 +354,13 @@ void chat_msg(char *channel, char *nick, char *msg) usr_list *tmpu; if (nick == NULL) - sprintf(buf, "%s", msg); + snprintf(buf, 128, "%s", msg); else - sprintf(buf, "<%s> %s", nick, msg); + snprintf(buf, 128, "<%s> %s", nick, msg); if (CFG.iAutoLog && strlen(CFG.chat_log)) { logm = calloc(PATH_MAX, sizeof(char)); - sprintf(logm, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); + snprintf(logm, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); ulog(logm, (char *)"+", channel, (char *)"-1", buf); free(logm); } @@ -390,12 +390,12 @@ char *chat_connect(char *data) memset(&buf, 0, sizeof(buf)); if (IsSema((char *)"upsalarm")) { - sprintf(buf, "100:1,*** Power failure, running on UPS;"); + snprintf(buf, 200, "100:1,*** Power failure, running on UPS;"); return buf; } if (s_bbsopen == FALSE) { - sprintf(buf, "100:1,*** The BBS is closed now;"); + snprintf(buf, 200, "100:1,*** The BBS is closed now;"); return buf; } @@ -431,25 +431,25 @@ char *chat_connect(char *data) /* * Now put welcome message into the ringbuffer and report success. */ - sprintf(buf, "MBSE BBS v%s chat server; type /help for help", VERSION); + snprintf(buf, 200, "MBSE BBS v%s chat server; type /help for help", VERSION); system_msg(tmpu->pid, buf); - sprintf(buf, "Welcome to the Internet BBS Chat Network"); + snprintf(buf, 200, "Welcome to the Internet BBS Chat Network"); system_msg(tmpu->pid, buf); - sprintf(buf, "Current connected servers:"); + snprintf(buf, 200, "Current connected servers:"); system_msg(tmpu->pid, buf); for (sl = servers; sl; sl = sl->next) { - sprintf(buf, " %s (%d user%s)", sl->fullname, sl->users, (sl->users == 1) ? "":"s"); + snprintf(buf, 200, " %s (%d user%s)", sl->fullname, sl->users, (sl->users == 1) ? "":"s"); system_msg(tmpu->pid, buf); count += sl->users; } - sprintf(buf, "There %s %d user%s connected", (count != 1)?"are":"is", count, (count != 1)?"s":""); + snprintf(buf, 200, "There %s %d user%s connected", (count != 1)?"are":"is", count, (count != 1)?"s":""); system_msg(tmpu->pid, buf); - sprintf(buf, "100:0;"); + snprintf(buf, 200, "100:0;"); return buf; } } - sprintf(buf, "100:1,Too many users connected;"); + snprintf(buf, 200, "100:1,Too many users connected;"); return buf; } @@ -474,12 +474,12 @@ char *chat_close(char *data) send_all("QUIT %s@%s Leaving chat\r\n", tmpu->name, CFG.myfqdn); del_user(&users, CFG.myfqdn, tmpu->name); Syslog('-', "Closing chat for pid %s", pid); - sprintf(buf, "100:0;"); + snprintf(buf, 200, "100:0;"); return buf; } } Syslog('-', "Pid %s was not connected to chatserver"); - sprintf(buf, "100:1,*** ERROR - Not connected to server;"); + snprintf(buf, 200, "100:1,*** ERROR - Not connected to server;"); return buf; } @@ -499,12 +499,12 @@ char *chat_put(char *data) memset(&buf, 0, sizeof(buf)); if (IsSema((char *)"upsalarm")) { - sprintf(buf, "100:2,1,*** Power alarm, running on UPS;"); + snprintf(buf, 200, "100:2,1,*** Power alarm, running on UPS;"); return buf; } if (s_bbsopen == FALSE) { - sprintf(buf, "100:2,1,*** The BBS is closed now;"); + snprintf(buf, 200, "100:2,1,*** The BBS is closed now;"); return buf; } @@ -523,14 +523,14 @@ char *chat_put(char *data) chat_help(atoi(pid)); goto ack; } else if (strncasecmp(msg, "/echo", 5) == 0) { - sprintf(buf, "%s", msg); + snprintf(buf, 200, "%s", msg); system_msg(tmpu->pid, buf); goto ack; } else if ((strncasecmp(msg, "/exit", 5) == 0) || (strncasecmp(msg, "/quit", 5) == 0) || (strncasecmp(msg, "/bye", 4) == 0)) { part(tmpu->pid, (char *)"Quitting"); - sprintf(buf, "Goodbye"); + snprintf(buf, 200, "Goodbye"); system_msg(tmpu->pid, buf); goto hangup; } else if ((strncasecmp(msg, "/join", 5) == 0) || @@ -540,10 +540,10 @@ char *chat_put(char *data) cmd = strtok(NULL, "\0"); Syslog('-', "\"%s\"", cmd); if ((cmd == NULL) || (cmd[0] != '#') || (strcmp(cmd, "#") == 0)) { - sprintf(buf, "** Try /join #channel"); + snprintf(buf, 200, "** Try /join #channel"); system_msg(tmpu->pid, buf); } else if (strlen(tmpu->channel)) { - sprintf(buf, "** Cannot join while in a channel"); + snprintf(buf, 200, "** Cannot join while in a channel"); system_msg(tmpu->pid, buf); } else { Syslog('-', "Trying to join channel %s", cmd); @@ -555,42 +555,42 @@ char *chat_put(char *data) first = TRUE; for (tmpc = channels; tmpc; tmpc = tmpc->next) { if (first) { - sprintf(buf, "Cnt Channel name Channel topic"); + snprintf(buf, 200, "Cnt Channel name Channel topic"); system_msg(tmpu->pid, buf); - sprintf(buf, "--- -------------------- ------------------------------------------------------"); + snprintf(buf, 200, "--- -------------------- ------------------------------------------------------"); system_msg(tmpu->pid, buf); } first = FALSE; - sprintf(buf, "%3d %-20s %-54s", tmpc->users, tmpc->name, tmpc->topic); + snprintf(buf, 200, "%3d %-20s %-54s", tmpc->users, tmpc->name, tmpc->topic); system_msg(tmpu->pid, buf); } if (first) { - sprintf(buf, "No active channels to list"); + snprintf(buf, 200, "No active channels to list"); system_msg(tmpu->pid, buf); } goto ack; } else if (strncasecmp(msg, "/names", 6) == 0) { if (strlen(tmpu->channel)) { - sprintf(buf, "Present in channel %s:", tmpu->channel); + snprintf(buf, 200, "Present in channel %s:", tmpu->channel); system_msg(tmpu->pid, buf); - sprintf(buf, "Nick Real name Flags"); + snprintf(buf, 200, "Nick Real name Flags"); system_msg(tmpu->pid, buf); - sprintf(buf, "---------------------------------------- ------------------------------ -------"); + snprintf(buf, 200, "---------------------------------------- ------------------------------ -------"); system_msg(tmpu->pid, buf); count = 0; for (tmp = users; tmp; tmp = tmp->next) { if (strcmp(tmp->channel, tmpu->channel) == 0) { - sprintf(temp, "%s@%s", tmp->nick, tmp->server); - sprintf(buf, "%-40s %-30s %s", temp, tmp->realname, + snprintf(temp, 81, "%s@%s", tmp->nick, tmp->server); + snprintf(buf, 200, "%-40s %-30s %s", temp, tmp->realname, tmp->sysop ? (char *)"sysop" : (char *)""); system_msg(tmpu->pid, buf); count++; } } - sprintf(buf, "%d user%s in this channel", count, (count == 1) ?"":"s"); + snprintf(buf, 200, "%d user%s in this channel", count, (count == 1) ?"":"s"); system_msg(tmpu->pid, buf); } else { - sprintf(buf, "** Not in a channel"); + snprintf(buf, 200, "** Not in a channel"); system_msg(tmpu->pid, buf); } goto ack; @@ -598,7 +598,7 @@ char *chat_put(char *data) cmd = strtok(msg, " \0"); cmd = strtok(NULL, "\0"); if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 9)) { - sprintf(buf, "** Nickname must be between 1 and 9 characters"); + snprintf(buf, 200, "** Nickname must be between 1 and 9 characters"); } else { found = FALSE; for (tmp = users; tmp; tmp = tmp->next) { @@ -609,14 +609,14 @@ char *chat_put(char *data) if (!found ) { strncpy(tmpu->nick, cmd, 9); - sprintf(buf, "Nick set to \"%s\"", cmd); + snprintf(buf, 200, "Nick set to \"%s\"", cmd); system_msg(tmpu->pid, buf); send_all("NICK %s %s %s %s\r\n", tmpu->nick, tmpu->name, CFG.myfqdn, tmpu->realname); usrchg = TRUE; chat_dump(); goto ack; } - sprintf(buf, "Can't set nick"); + snprintf(buf, 200, "Can't set nick"); } system_msg(tmpu->pid, buf); chat_dump(); @@ -627,34 +627,34 @@ char *chat_put(char *data) cmd = strtok(NULL, "\0"); Syslog('-', "\"%s\"", printable(cmd, 0)); if (part(tmpu->pid, cmd ? cmd : (char *)"Quitting") == FALSE) { - sprintf(buf, "** Not in a channel"); + snprintf(buf, 200, "** Not in a channel"); system_msg(tmpu->pid, buf); } chat_dump(); goto ack; } else if (strncasecmp(msg, "/topic", 6) == 0) { if (strlen(tmpu->channel)) { - sprintf(buf, "** Internal system error"); + snprintf(buf, 200, "** Internal system error"); for (tmpc = channels; tmpc; tmpc = tmpc->next) { if (strcmp(tmpu->channel, tmpc->name) == 0) { if ((strcmp(tmpu->name, tmpc->owner) == 0) || (strcmp(tmpu->nick, tmpc->owner) == 0)) { cmd = strtok(msg, " \0"); cmd = strtok(NULL, "\0"); if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 54)) { - sprintf(buf, "** Topic must be between 1 and 54 characters"); + snprintf(buf, 200, "** Topic must be between 1 and 54 characters"); } else { strncpy(tmpc->topic, cmd, 54); - sprintf(buf, "Topic set to \"%s\"", cmd); + snprintf(buf, 200, "Topic set to \"%s\"", cmd); send_all("TOPIC %s %s\r\n", tmpc->name, tmpc->topic); } } else { - sprintf(buf, "** You are not the channel owner"); + snprintf(buf, 200, "** You are not the channel owner"); } break; } } } else { - sprintf(buf, "** Not in a channel"); + snprintf(buf, 200, "** Not in a channel"); } system_msg(tmpu->pid, buf); chat_dump(); @@ -664,7 +664,7 @@ char *chat_put(char *data) * If still here, the command was not recognized. */ cmd = strtok(msg, " \t\r\n\0"); - sprintf(buf, "*** \"%s\" :Unknown command", cmd+1); + snprintf(buf, 200, "*** \"%s\" :Unknown command", cmd+1); system_msg(tmpu->pid, buf); goto ack; } @@ -673,7 +673,7 @@ char *chat_put(char *data) /* * Trying messages while not in a channel */ - sprintf(buf, "** No channel joined. Try /join #channel"); + snprintf(buf, 200, "** No channel joined. Try /join #channel"); system_msg(tmpu->pid, buf); chat_dump(); goto ack; @@ -686,15 +686,15 @@ char *chat_put(char *data) } } Syslog('-', "Pid %s was not connected to chatserver"); - sprintf(buf, "100:2,1,*** ERROR - Not connected to server;"); + snprintf(buf, 200, "100:2,1,*** ERROR - Not connected to server;"); return buf; ack: - sprintf(buf, "100:0;"); + snprintf(buf, 200, "100:0;"); return buf; hangup: - sprintf(buf, "100:2,1,Disconnecting;"); + snprintf(buf, 200, "100:2,1,Disconnecting;"); return buf; } @@ -711,12 +711,12 @@ char *chat_get(char *data) usr_list *tmpu; if (IsSema((char *)"upsalarm")) { - sprintf(buf, "100:2,1,*** Power failure, running on UPS;"); + snprintf(buf, 200, "100:2,1,*** Power failure, running on UPS;"); return buf; } if (s_bbsopen == FALSE) { - sprintf(buf, "100:2,1,*** The BBS is closed now;"); + snprintf(buf, 200, "100:2,1,*** The BBS is closed now;"); return buf; } @@ -735,16 +735,16 @@ char *chat_get(char *data) /* * Message is for us */ - sprintf(buf, "100:2,0,%s;", chat_messages[tmpu->pointer].message); + snprintf(buf, 200, "100:2,0,%s;", chat_messages[tmpu->pointer].message); Syslog('-', "%s", buf); return buf; } } - sprintf(buf, "100:0;"); + snprintf(buf, 200, "100:0;"); return buf; } } - sprintf(buf, "100:2,1,*** ERROR - Not connected to server;"); + snprintf(buf, 200, "100:2,1,*** ERROR - Not connected to server;"); return buf; } @@ -773,7 +773,7 @@ char *chat_checksysop(char *data) if (atoi(pid) != tmpu->pid) { if (strlen(tmpu->channel) && (strcasecmp(tmpu->channel, "#sysop") == 0) && tmpu->sysop) { Syslog('-', "Sending ACK on check"); - sprintf(buf, "100:1,1;"); + snprintf(buf, 20, "100:1,1;"); reg_sysoptalk(pid); return buf; } @@ -781,7 +781,7 @@ char *chat_checksysop(char *data) } } - sprintf(buf, "100:1,0;"); + snprintf(buf, 20, "100:1,0;"); return buf; } diff --git a/mbtask/taskcomm.c b/mbtask/taskcomm.c index 544f4025..ad229a04 100644 --- a/mbtask/taskcomm.c +++ b/mbtask/taskcomm.c @@ -4,7 +4,7 @@ * Purpose ...............: MBSE BBS Daemon * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -58,12 +58,12 @@ int userlog(char *); int userlog(char *param) { char *prname, *prpid, *grade, *msg; - static char lfn[64], token[14]; + static char lfn[PATH_MAX], token[14]; lfn[0] = '\0'; strcpy(token, strtok(param, ",")); strcpy(token, strtok(NULL, ",")); - sprintf(lfn, "%s/log/%s", getenv("MBSE_ROOT"), token); + snprintf(lfn, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), token); prname = strtok(NULL, ","); prpid = strtok(NULL, ","); grade = strtok(NULL, ","); @@ -111,7 +111,7 @@ char *exe_cmd(char *in) */ if (strncmp(cmd, "AINI", 4) == 0) { if ((result = reg_newcon(token)) != -1) { - sprintf(obuf, "100:1,%d;", result); + snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result); return obuf; } else { stat_inc_serr(); @@ -183,7 +183,7 @@ char *exe_cmd(char *in) */ if (strncmp(cmd, "ALOG", 4) == 0) { if (userlog(token) != 0) - sprintf(obuf, "201:1,%d;", oserr); + snprintf(obuf, SS_BUFSIZE, "201:1,%d;", oserr); return obuf; } @@ -260,7 +260,7 @@ char *exe_cmd(char *in) */ if (strncmp(cmd, "CSPM", 4) == 0) { if ((result = reg_spm(token))) - sprintf(obuf, "100:1,%d;", result); + snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result); return obuf; } @@ -281,7 +281,7 @@ char *exe_cmd(char *in) */ if (strncmp(cmd, "CPAG", 4) == 0) { if ((result = reg_page(token))) { - sprintf(obuf, "100:1,%d;", result); + snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result); Syslog('+', "%s", obuf); } return obuf; @@ -412,7 +412,7 @@ char *exe_cmd(char *in) * 100:n,data; */ if (strncmp(cmd, "GPNG", 4) == 0) { - sprintf(obuf, "100:%s", token); + snprintf(obuf, SS_BUFSIZE, "100:%s", token); return obuf; } @@ -421,7 +421,7 @@ char *exe_cmd(char *in) * 100:1,Version ...; */ if (strncmp(cmd, "GVER", 4) == 0) { - sprintf(obuf, "100:1,Version %s;", VERSION); + snprintf(obuf, SS_BUFSIZE, "100:1,Version %s;", VERSION); return obuf; } @@ -491,11 +491,11 @@ char *exe_cmd(char *in) */ if (strncmp(cmd, "SBBS", 4) == 0) { switch(stat_bbs_stat()) { - case 0: sprintf(obuf, "100:2,0,The system is open for use;"); + case 0: snprintf(obuf, SS_BUFSIZE, "100:2,0,The system is open for use;"); break; - case 1: sprintf(obuf, "100:2,1,The system is closed right now!;"); + case 1: snprintf(obuf, SS_BUFSIZE, "100:2,1,The system is closed right now!;"); break; - case 2: sprintf(obuf, "100:2,2,The system is closed for Zone Mail Hour!;"); + case 2: snprintf(obuf, SS_BUFSIZE, "100:2,2,The system is closed for Zone Mail Hour!;"); break; } return obuf; @@ -584,7 +584,7 @@ void do_cmd(char *cmd) if (logtrans) Syslog('-', "< %s", cmd); - sprintf(buf, "%s", exe_cmd(cmd)); + snprintf(buf, SS_BUFSIZE, "%s", exe_cmd(cmd)); if (logtrans) Syslog('-', "> %s", buf); diff --git a/mbtask/taskdisk.c b/mbtask/taskdisk.c index 31c78e19..23abf047 100644 --- a/mbtask/taskdisk.c +++ b/mbtask/taskdisk.c @@ -239,7 +239,7 @@ char *disk_reset(void) static char buf[10]; disk_reread = TRUE; - sprintf(buf, "100:0;"); + snprintf(buf, 10, "100:0;"); return buf; } @@ -263,7 +263,7 @@ char *disk_check(char *token) /* * Answer Error */ - sprintf(buf, "100:1,3"); + snprintf(buf, SS_BUFSIZE, "100:1,3"); return buf; } @@ -279,9 +279,9 @@ char *disk_check(char *token) Syslog('!', "disk_check() mutex_unlock failed rc=%d", rc); if (lowest < needed) { - sprintf(buf, "100:2,0,%ld;", lowest); + snprintf(buf, SS_BUFSIZE, "100:2,0,%ld;", lowest); } else { - sprintf(buf, "100:2,1,%ld;", lowest); + snprintf(buf, SS_BUFSIZE, "100:2,1,%ld;", lowest); } return buf; } @@ -301,7 +301,7 @@ char *disk_getfs() buf[0] = '\0'; if (mfs == NULL) { - sprintf(buf, "100:0;"); + snprintf(buf, SS_BUFSIZE, "100:0;"); return buf; } @@ -315,7 +315,7 @@ char *disk_getfs() else ans = xstrcat(ans, (char *)","); tt[0] = '\0'; - sprintf(tt, "%lu %lu %s %s %d", tmp->size, tmp->avail, tmp->mountpoint, tmp->fstype, tmp->ro); + snprintf(tt, 80, "%lu %lu %s %s %d", tmp->size, tmp->avail, tmp->mountpoint, tmp->fstype, tmp->ro); ans = xstrcat(ans, tt); if (i == 10) /* No more then 10 filesystems */ break; @@ -324,9 +324,9 @@ char *disk_getfs() Syslog('!', "disk_getfs() mutex_unlock failed rc=%d", rc); if (strlen(ans) > (SS_BUFSIZE - 8)) - sprintf(buf, "100:0;"); + snprintf(buf, SS_BUFSIZE, "100:0;"); else - sprintf(buf, "100:%d%s;", i, ans); + snprintf(buf, SS_BUFSIZE, "100:%d%s;", i, ans); if (ans != NULL) free(ans); @@ -426,9 +426,9 @@ void add_path(char *lpath) * mounted filesystem that matches must be the one we seek. */ if (strncmp(fs, rpath, strlen(fs)) == 0) { - sprintf(fsname, "%s", fs); + snprintf(fsname, PATH_MAX, "%s", fs); fs = strtok(NULL, " \t"); - sprintf(fstype, "%s", fs); + snprintf(fstype, PATH_MAX, "%s", fs); } } fclose(fp); @@ -442,8 +442,8 @@ void add_path(char *lpath) for (i = 0; i < mntsize; i++) { if (strncmp(mntbuf[i].f_mntonname, rpath, strlen(mntbuf[i].f_mntonname)) == 0) { - sprintf(fsname, "%s", mntbuf[i].f_mntonname); - sprintf(fstype, "%s", mntbuf[i].f_fstypename); + snprintf(fsname, PATH_MAX, "%s", mntbuf[i].f_mntonname); + snprintf(fstype, PATH_MAX, "%s", mntbuf[i].f_fstypename); } } fill_mfslist(&mfs, fsname, fstype); @@ -520,7 +520,7 @@ void *disk_thread(void) add_path(CFG.tmaillong); temp = calloc(PATH_MAX, sizeof(char )); - sprintf(temp, "%s/etc/fareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/fareas.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&areahdr, sizeof(areahdr), 1, fp); @@ -537,7 +537,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/mareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/mareas.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&msgshdr, sizeof(msgshdr), 1, fp); @@ -554,7 +554,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/language.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/language.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&langhdr, sizeof(langhdr), 1, fp); @@ -573,7 +573,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&nodeshdr, sizeof(nodeshdr), 1, fp); @@ -593,7 +593,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&fgrouphdr, sizeof(fgrouphdr), 1, fp); @@ -609,7 +609,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&mgrouphdr, sizeof(mgrouphdr), 1, fp); @@ -625,7 +625,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/hatch.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/hatch.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&hatchhdr, sizeof(hatchhdr), 1, fp); @@ -641,7 +641,7 @@ void *disk_thread(void) if (T_Shutdown) break; - sprintf(temp, "%s/etc/magic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/magic.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r"))) { Syslog('d', "+ %s", temp); fread(&magichdr, sizeof(magichdr), 1, fp); diff --git a/mbtask/taskibc.c b/mbtask/taskibc.c index d2b71eb6..fbfa31fd 100644 --- a/mbtask/taskibc.c +++ b/mbtask/taskibc.c @@ -516,7 +516,7 @@ void send_all(const char *format, ...) va_list va_ptr; va_start(va_ptr, format); - vsprintf(buf, format, va_ptr); + vsnprintf(buf, 512, format, va_ptr); va_end(va_ptr); for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { @@ -538,7 +538,7 @@ void broadcast(char *origin, const char *format, ...) char buf[512]; va_start(va_ptr, format); - vsprintf(buf, format, va_ptr); + vsnprintf(buf, 512, format, va_ptr); va_end(va_ptr); for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { @@ -559,7 +559,7 @@ int send_msg(ncs_list *tnsl, const char *format, ...) va_list va_ptr; va_start(va_ptr, format); - vsprintf(buf, format, va_ptr); + vsnprintf(buf, 512, format, va_ptr); va_end(va_ptr); Syslog('r', "> %s: %s", tnsl->server, printable(buf, 0)); @@ -583,7 +583,7 @@ void check_servers(void) struct servent *se; struct hostent *he; - sprintf(scfgfn, "%s/etc/ibcsrv.data", getenv("MBSE_ROOT")); + snprintf(scfgfn, PATH_MAX, "%s/etc/ibcsrv.data", getenv("MBSE_ROOT")); /* * Check if configuration is changed, if so then apply the changes. @@ -1247,7 +1247,7 @@ int command_join(char *hostname, char *parameters) pthread_mutex_unlock(&b_mutex); Syslog('+', "IBC: user %s joined channel %s", nick, channel); usrchg = TRUE; - sprintf(msg, "* %s@%s has joined %s", nick, server, channel); + snprintf(msg, 81, "* %s@%s has joined %s", nick, server, channel); chat_msg(channel, NULL, msg); } } @@ -1306,10 +1306,10 @@ int command_part(char *hostname, char *parameters) pthread_mutex_unlock(&b_mutex); if (message) { Syslog('+', "IBC: user %s left channel %s: %s", nick, channel, message); - sprintf(msg, "* %s@%s has left: %s", nick, server, message); + snprintf(msg, 81, "* %s@%s has left: %s", nick, server, message); } else { Syslog('+', "IBC: user %s left channel %s", nick, channel); - sprintf(msg, "* %s@%s has silently left this channel", nick, server); + snprintf(msg, 81, "* %s@%s has silently left this channel", nick, server); } chat_msg(channel, NULL, msg); usrchg = TRUE; @@ -1350,7 +1350,7 @@ int command_topic(char *hostname, char *parameters) chnchg = TRUE; strncpy(tmp->topic, topic, 54); Syslog('+', "IBC: channel %s topic: %s", channel, topic); - sprintf(msg, "* Channel topic is now: %s", tmp->topic); + snprintf(msg, 81, "* Channel topic is now: %s", tmp->topic); chat_msg(channel, NULL, msg); break; } diff --git a/mbtask/taskinfo.c b/mbtask/taskinfo.c index 231ddb2a..1d9aad76 100644 --- a/mbtask/taskinfo.c +++ b/mbtask/taskinfo.c @@ -4,7 +4,7 @@ * Purpose ...............: Give system information * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -44,9 +44,9 @@ char *get_sysinfo(void) char *temp; time_t startdate; - sprintf(buf, "201:1,16;"); + snprintf(buf, SS_BUFSIZE, "201:1,16;"); temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { free(temp); @@ -56,7 +56,7 @@ char *get_sysinfo(void) if (fread(&SYSINFO, sizeof(SYSINFO), 1, fp) == 1) { startdate = SYSINFO.StartDate; - sprintf(buf, "100:7,%ld,%ld,%ld,%ld,%ld,%s,%s;", SYSINFO.SystemCalls, + snprintf(buf, SS_BUFSIZE, "100:7,%ld,%ld,%ld,%ld,%ld,%s,%s;", SYSINFO.SystemCalls, SYSINFO.Pots, SYSINFO.ISDN, SYSINFO.Network, SYSINFO.Local, ctime(&startdate), SYSINFO.LastCaller); } @@ -74,17 +74,18 @@ char *get_lastcallercount(void) char *temp; FILE *fp; - sprintf(buf, "201:1,16;"); - temp = calloc(128, sizeof(char)); - sprintf(temp, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); + snprintf(buf, SS_BUFSIZE, "201:1,16;"); + temp = calloc(PATH_MAX, sizeof(char)); + snprintf(temp, PATH_MAX, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { free(temp); return buf; } fread(&LCALLhdr, sizeof(LCALLhdr), 1, fp); fseek(fp, 0, SEEK_END); - sprintf(buf, "100:1,%ld;", ((ftell(fp) - LCALLhdr.hdrsize) / LCALLhdr.recsize)); + snprintf(buf, SS_BUFSIZE, "100:1,%ld;", ((ftell(fp) - LCALLhdr.hdrsize) / LCALLhdr.recsize)); fclose(fp); + free(temp); return buf; } @@ -96,9 +97,9 @@ char *get_lastcallerrec(int Rec) char *temp, action[9]; FILE *fp; - sprintf(buf, "201:1,16;"); - temp = calloc(128, sizeof(char)); - sprintf(temp, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); + snprintf(buf, SS_BUFSIZE, "201:1,16;"); + temp = calloc(PATH_MAX, sizeof(char)); + snprintf(temp, PATH_MAX, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { free(temp); return buf; @@ -127,11 +128,12 @@ char *get_lastcallerrec(int Rec) if (LCALL.Door) action[7] = 'E'; action[8] = '\0'; - sprintf(buf, "100:9,%s,%s,%d,%s,%s,%d,%d,%s,%s;", LCALL.UserName, LCALL.Location, + snprintf(buf, SS_BUFSIZE, "100:9,%s,%s,%d,%s,%s,%d,%d,%s,%s;", LCALL.UserName, LCALL.Location, LCALL.SecLevel, LCALL.Device, LCALL.TimeOn, LCALL.CallTime, LCALL.Calls, LCALL.Speed, action); } + free(temp); fclose(fp); return buf; } diff --git a/mbtask/taskregs.c b/mbtask/taskregs.c index e621c772..622f7561 100644 --- a/mbtask/taskregs.c +++ b/mbtask/taskregs.c @@ -4,7 +4,7 @@ * Purpose ...............: Buffers for registration information. * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -389,7 +389,7 @@ char *reg_ipm(char *data) int rec; buf[0] = '\0'; - sprintf(buf, "100:0;"); + snprintf(buf, 128, "100:0;"); cnt = strtok(data, ","); pid = strtok(NULL, ";"); @@ -401,7 +401,7 @@ char *reg_ipm(char *data) return buf; buf[0] = '\0'; - sprintf(buf, "100:2,%s,%s;", reginfo[rec].fname[reginfo[rec].ptr_out], reginfo[rec].msg[reginfo[rec].ptr_out]); + snprintf(buf, 128, "100:2,%s,%s;", reginfo[rec].fname[reginfo[rec].ptr_out], reginfo[rec].msg[reginfo[rec].ptr_out]); if (reginfo[rec].ptr_out < RB) reginfo[rec].ptr_out++; else @@ -463,7 +463,7 @@ int reg_spm(char *data) if (CFG.iAutoLog && strlen(CFG.chat_log)) { logm = calloc(PATH_MAX, sizeof(char)); - sprintf(logm, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); + snprintf(logm, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); ulog(logm, (char *)"+", from, (char *)"-1", txt); free(logm); } @@ -507,9 +507,9 @@ char *reg_fre(void) } if (users || utils) - sprintf(buf, "100:1,Running utilities: %02d Active users: %02d;", utils, users); + snprintf(buf, 80, "100:1,Running utilities: %02d Active users: %02d;", utils, users); else - sprintf(buf, "100:0;"); + snprintf(buf, 80, "100:0;"); return buf; } @@ -525,7 +525,7 @@ char *get_reginfo(int first) static char buf[256]; memset(&buf, 0, sizeof(buf)); - sprintf(buf, "100:0;"); + snprintf(buf, 256, "100:0;"); /* * Loop forever until an error occours, eof is reached or @@ -542,7 +542,7 @@ char *get_reginfo(int first) return buf; if ((int)reginfo[entrypos].pid != 0) { - sprintf(buf, "100:7,%d,%s,%s,%s,%s,%s,%d;", + snprintf(buf, 256, "100:7,%d,%s,%s,%s,%s,%s,%d;", reginfo[entrypos].pid, reginfo[entrypos].tty, reginfo[entrypos].uname, reginfo[entrypos].prg, reginfo[entrypos].city, reginfo[entrypos].doing, @@ -633,15 +633,15 @@ char *reg_checkpage(char *data) memset(&buf, 0, sizeof(buf)); for (i = 1; i < MAXCLIENT; i++) { if (reginfo[i].pid && reginfo[i].paging) { - sprintf(buf, "100:3,%d,1,%s;", reginfo[i].pid, reginfo[i].reason); + snprintf(buf, 128, "100:3,%d,1,%s;", reginfo[i].pid, reginfo[i].reason); return buf; } if (reginfo[i].pid && reginfo[i].haspaged) { - sprintf(buf, "100:3,%d,0,%s;", reginfo[i].pid, reginfo[i].reason); + snprintf(buf, 128, "100:3,%d,0,%s;", reginfo[i].pid, reginfo[i].reason); return buf; } } - sprintf(buf, "100:0;"); + snprintf(buf, 128, "100:0;"); return buf; } diff --git a/mbtask/taskstat.c b/mbtask/taskstat.c index b1b79e1e..e6d225dd 100644 --- a/mbtask/taskstat.c +++ b/mbtask/taskstat.c @@ -102,7 +102,7 @@ void status_init() size_t cnt; int stat_fd; - sprintf(stat_fn, "%s/var/status.mbsed", getenv("MBSE_ROOT")); + snprintf(stat_fn, PATH_MAX, "%s/var/status.mbsed", getenv("MBSE_ROOT")); /* * First check if this is the very first time we start the show. @@ -224,7 +224,7 @@ int get_zmh() #else l_date = *gmtime(&Now); #endif - sprintf(sstime, "%02d:%02d", l_date.tm_hour, l_date.tm_min); + snprintf(sstime, 6, "%02d:%02d", l_date.tm_hour, l_date.tm_min); if ((strncmp(sstime, TCFG.zmh_start, 5) >= 0) && (strncmp(sstime, TCFG.zmh_end, 5) < 0)) { if (!ZMH) { @@ -319,7 +319,7 @@ char *stat_status() chncnt++; for (tmpu = users; tmpu; tmpu = tmpu->next) usrcnt++; - sprintf(buf, "100:23,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%d,%d,%d,%d,%d,%2.2f,%lu,%d,%d,%d;", + snprintf(buf, 160, "100:23,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%d,%d,%d,%d,%d,%2.2f,%lu,%d,%d,%d;", (long)status.start, (long)status.laststart, (long)status.daily, status.startups, status.clients, status.total.tot_clt, status.total.peak_clt, @@ -360,7 +360,7 @@ char *getseq(void) buf[0] = '\0'; status.sequence++; status_write(); - sprintf(buf, "100:1,%lu;", status.sequence); + snprintf(buf, 80, "100:1,%lu;", status.sequence); return buf; } @@ -413,7 +413,7 @@ char *sem_status(char *data) int value; buf[0] = '\0'; - sprintf(buf, "200:1,16;"); + snprintf(buf, 40, "200:1,16;"); cnt = strtok(data, ","); sem = strtok(NULL, ";"); @@ -442,7 +442,7 @@ char *sem_status(char *data) return buf; } - sprintf(buf, "100:1,%s;", value ? "1":"0"); + snprintf(buf, 40, "100:1,%s;", value ? "1":"0"); return buf; } @@ -456,10 +456,10 @@ char *sem_create(char *data) cnt = strtok(data, ","); sem = strtok(NULL, ";"); buf[0] = '\0'; - sprintf(buf, "200:1,16;"); + snprintf(buf, 40, "200:1,16;"); if (sem_set(sem, TRUE)) - sprintf(buf, "100:0;"); + snprintf(buf, 40, "100:0;"); return buf; } @@ -474,10 +474,10 @@ char *sem_remove(char *data) cnt = strtok(data, ","); sem = strtok(NULL, ";"); buf[0] = '\0'; - sprintf(buf, "200:1,16;"); + snprintf(buf, 40, "200:1,16;"); if (sem_set(sem, FALSE)) - sprintf(buf, "100:0;"); + snprintf(buf, 40, "100:0;"); return buf; } diff --git a/mbtask/taskutil.c b/mbtask/taskutil.c index 141c58dd..20fdd0b8 100644 --- a/mbtask/taskutil.c +++ b/mbtask/taskutil.c @@ -4,7 +4,7 @@ * Purpose ...............: MBSE BBS Task Manager, utilities * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -75,7 +75,7 @@ char *date(void) #else ptm = *localtime(&now); #endif - sprintf(buf,"%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, + snprintf(buf, 20, "%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, ptm.tm_hour, ptm.tm_min, ptm.tm_sec); return(buf); } @@ -92,7 +92,7 @@ char *rfcdate(time_t now) #else ptm = *localtime(&now); #endif - sprintf(buf,"%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, + snprintf(buf, 20, "%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, ptm.tm_hour, ptm.tm_min, ptm.tm_sec); return(buf); } @@ -106,7 +106,7 @@ void WriteError(const char *format, ...) outputstr = calloc(10240, sizeof(char)); va_start(va_ptr, format); - vsprintf(outputstr, format, va_ptr); + vsnprintf(outputstr, 10240, format, va_ptr); va_end(va_ptr); Syslog('?', outputstr); free(outputstr); @@ -127,7 +127,7 @@ void Syslog(int grade, const char *format, ...) debug = isalpha(grade); va_start(va_ptr, format); - vsprintf(outstr, format, va_ptr); + vsnprintf(outstr, 1024, format, va_ptr); va_end(va_ptr); tcrc = StringCRC32(outstr); @@ -140,7 +140,7 @@ void Syslog(int grade, const char *format, ...) if (!debug) { logname = calloc(PATH_MAX, sizeof(char)); oldmask=umask(066); - sprintf(logname, "%s/log/mbtask.log", getenv("MBSE_ROOT")); + snprintf(logname, PATH_MAX, "%s/log/mbtask.log", getenv("MBSE_ROOT")); logfile = fopen(logname, "a"); umask(oldmask); if (logfile == NULL) { @@ -152,7 +152,7 @@ void Syslog(int grade, const char *format, ...) debugname = calloc(PATH_MAX, sizeof(char)); oldmask=umask(066); - sprintf(debugname, "%s/log/%s", getenv("MBSE_ROOT"), CFG.debuglog); + snprintf(debugname, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.debuglog); debugfile = fopen(debugname, "a"); umask(oldmask); if (debugfile == NULL) { @@ -287,7 +287,7 @@ void CreateSema(char *sem) FILE *fp; int oldmask; - sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); + snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); if (access(temp, F_OK) == 0) return; oldmask = umask(002); @@ -306,7 +306,7 @@ void TouchSema(char *sem) FILE *fp; int oldmask; - sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); + snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); oldmask = umask(002); if ((fp = fopen(temp, "w"))) fclose(fp); @@ -321,7 +321,7 @@ void RemoveSema(char *sem) { char temp[PATH_MAX]; - sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); + snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); if (access(temp, F_OK)) return; if (unlink(temp) == -1) @@ -334,7 +334,7 @@ int IsSema(char *sem) { char temp[PATH_MAX]; - sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); + snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); return (access(temp, F_OK) == 0); } @@ -433,15 +433,15 @@ char *ascfnode(faddr *a, int fl) buf[0] = '\0'; if ((fl & 0x08) && (a->zone)) - sprintf(buf+strlen(buf),"%u:",a->zone); + snprintf(buf+strlen(buf), 10, "%u:",a->zone); if (fl & 0x04) - sprintf(buf+strlen(buf),"%u/",a->net); + snprintf(buf+strlen(buf), 10, "%u/",a->net); if (fl & 0x02) - sprintf(buf+strlen(buf),"%u",a->node); + snprintf(buf+strlen(buf), 10, "%u",a->node); if ((fl & 0x01) && (a->point)) - sprintf(buf+strlen(buf),".%u",a->point); + snprintf(buf+strlen(buf), 10, ".%u",a->point); if ((fl & 0x10) && (strlen(a->domain))) - sprintf(buf+strlen(buf),"@%s",a->domain); + snprintf(buf+strlen(buf), 14, "@%s",a->domain); return buf; } @@ -456,15 +456,15 @@ char *fido2str(fidoaddr a, int fl) buf[0] = '\0'; if ((fl & 0x08) && (a.zone)) - sprintf(buf+strlen(buf),"%u:",a.zone); + snprintf(buf+strlen(buf), 10, "%u:",a.zone); if (fl & 0x04) - sprintf(buf+strlen(buf),"%u/",a.net); + snprintf(buf+strlen(buf), 10, "%u/",a.net); if (fl & 0x02) - sprintf(buf+strlen(buf),"%u",a.node); + snprintf(buf+strlen(buf), 10, "%u",a.node); if ((fl & 0x01) && (a.point)) - sprintf(buf+strlen(buf),".%u",a.point); + snprintf(buf+strlen(buf), 10, ".%u",a.point); if ((fl & 0x10) && (strlen(a.domain))) - sprintf(buf+strlen(buf),"@%s",a.domain); + snprintf(buf+strlen(buf), 14, "@%s",a.domain); return buf; } @@ -478,7 +478,7 @@ char *Dos2Unix(char *dosname) memset(&buf, 0, sizeof(buf)); memset(&buf2, 0, sizeof(buf2)); - sprintf(buf, "%s", dosname); + snprintf(buf, PATH_MAX, "%s", dosname); p = buf; if (strlen(CFG.dospath)) { @@ -517,7 +517,7 @@ char *dayname(void) #else ptm = *localtime(&tt); #endif - sprintf(buf, "%s", dow[ptm.tm_wday]); + snprintf(buf, 3, "%s", dow[ptm.tm_wday]); return buf; } @@ -537,7 +537,7 @@ int SearchFidonet(unsigned short zone) char fidonet_fil[PATH_MAX]; int i; - sprintf(fidonet_fil, "%s/etc/fidonet.data", getenv("MBSE_ROOT")); + snprintf(fidonet_fil, PATH_MAX, "%s/etc/fidonet.data", getenv("MBSE_ROOT")); if ((fil = fopen(fidonet_fil, "r")) == NULL) { return FALSE; } @@ -603,7 +603,7 @@ char *printable(char *s, int l) case '\n': *p++='\\'; *p++='n'; break; case '\t': *p++='\\'; *p++='t'; break; case '\b': *p++='\\'; *p++='b'; break; - default: sprintf(p,"\\%02x", (*s & 0xff)); p+=3; break; + default: snprintf(p, 4, "\\%02x", (*s & 0xff)); p+=3; break; } s++; }