Secured sprintf with snprintf

This commit is contained in:
Michiel Broek 2005-08-29 14:37:51 +00:00
parent 1b0a440ed4
commit aa738f3abe
3 changed files with 93 additions and 93 deletions

View File

@ -4,7 +4,7 @@
* Purpose ...............: Setup Ttyinfo structure. * Purpose ...............: Setup Ttyinfo structure.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -53,7 +53,7 @@ int CountTtyinfo(void)
char ffile[PATH_MAX]; char ffile[PATH_MAX];
int count = 0, i; int count = 0, i;
sprintf(ffile, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "r")) == NULL) {
if ((fil = fopen(ffile, "a+")) != NULL) { if ((fil = fopen(ffile, "a+")) != NULL) {
ttyinfohdr.hdrsize = sizeof(ttyinfohdr); ttyinfohdr.hdrsize = sizeof(ttyinfohdr);
@ -67,13 +67,13 @@ int CountTtyinfo(void)
for (i = 0; i < 16; i++) { for (i = 0; i < 16; i++) {
count++; count++;
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Network port %d", count); snprintf(ttyinfo.comment, 41, "Network port %d", count);
sprintf(ttyinfo.tty, "pts/%d", i); snprintf(ttyinfo.tty, 7, "pts/%d", i);
sprintf(ttyinfo.speed, "10 mbit"); snprintf(ttyinfo.speed, 21, "10 mbit");
sprintf(ttyinfo.flags, "IBN,IFC,XX"); snprintf(ttyinfo.flags, 31, "IBN,IFC,XX");
ttyinfo.type = NETWORK; ttyinfo.type = NETWORK;
ttyinfo.available = TRUE; ttyinfo.available = TRUE;
sprintf(ttyinfo.name, "Network port #%d", count); snprintf(ttyinfo.name, 36, "Network port #%d", count);
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
} }
#endif #endif
@ -81,13 +81,13 @@ int CountTtyinfo(void)
for (i = 0; i < 16; i++) { for (i = 0; i < 16; i++) {
count++; count++;
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Network port %d", count); snprintf(ttyinfo.comment, 41, "Network port %d", count);
sprintf(ttyinfo.tty, "ttyp%x", i); snprintf(ttyinfo.tty, 7, "ttyp%x", i);
sprintf(ttyinfo.speed, "10 mbit"); snprintf(ttyinfo.speed, 21, "10 mbit");
sprintf(ttyinfo.flags, "IBN,IFC,XX"); snprintf(ttyinfo.flags, 31, "IBN,IFC,XX");
ttyinfo.type = NETWORK; ttyinfo.type = NETWORK;
ttyinfo.available = TRUE; ttyinfo.available = TRUE;
sprintf(ttyinfo.name, "Network port #%d", count); snprintf(ttyinfo.name, 36, "Network port #%d", count);
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
} }
@ -97,9 +97,9 @@ int CountTtyinfo(void)
*/ */
for (i = 0; i < 6; i++) { for (i = 0; i < 6; i++) {
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Console port %d", i+1); snprintf(ttyinfo.comment, 41, "Console port %d", i+1);
sprintf(ttyinfo.tty, "tty%d", i); snprintf(ttyinfo.tty, 7, "tty%d", i);
sprintf(ttyinfo.speed, "10 mbit"); snprintf(ttyinfo.speed, 21, "10 mbit");
ttyinfo.type = LOCAL; ttyinfo.type = LOCAL;
ttyinfo.available = TRUE; ttyinfo.available = TRUE;
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
@ -113,9 +113,9 @@ int CountTtyinfo(void)
*/ */
for (i = 0; i < 8; i++) { for (i = 0; i < 8; i++) {
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Console port %d", i+1); snprintf(ttyinfo.comment, 41, "Console port %d", i+1);
sprintf(ttyinfo.tty, "ttyv%d", i); snprintf(ttyinfo.tty, 7, "ttyv%d", i);
sprintf(ttyinfo.speed, "10 mbit"); snprintf(ttyinfo.speed, 21, "10 mbit");
ttyinfo.type = LOCAL; ttyinfo.type = LOCAL;
ttyinfo.available = TRUE; ttyinfo.available = TRUE;
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
@ -128,9 +128,9 @@ int CountTtyinfo(void)
* By default, xxxBSD systems have only one console * By default, xxxBSD systems have only one console
*/ */
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Console port 1"); snprintf(ttyinfo.comment, 41, "Console port 1");
sprintf(ttyinfo.tty, "console"); snprintf(ttyinfo.tty, 7, "console");
sprintf(ttyinfo.speed, "10 mbit"); snprintf(ttyinfo.speed, 21, "10 mbit");
ttyinfo.type = LOCAL; ttyinfo.type = LOCAL;
ttyinfo.available = TRUE; ttyinfo.available = TRUE;
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
@ -139,45 +139,45 @@ int CountTtyinfo(void)
for (i = 0; i < 4; i++) { for (i = 0; i < 4; i++) {
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "ISDN line %d", i+1); snprintf(ttyinfo.comment, 41, "ISDN line %d", i+1);
#if defined(__linux__) #if defined(__linux__)
sprintf(ttyinfo.tty, "ttyI%d", i); snprintf(ttyinfo.tty, 7, "ttyI%d", i);
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
sprintf(ttyinfo.tty, "cuaia%d", i); snprintf(ttyinfo.tty, 7, "cuaia%d", i);
#elif defined(__NetBSD__) #elif defined(__NetBSD__)
sprintf(ttyinfo.tty, "ttyi%c", i + 'a'); // NetBSD on a Sparc, how about PC's? snprintf(ttyinfo.tty, 7, "ttyi%c", i + 'a'); // NetBSD on a Sparc, how about PC's?
#elif defined(__OpenBSD__) #elif defined(__OpenBSD__)
sprintf(ttyinfo.tty, "cuaia%d", i); // I think this is wrong! snprintf(ttyinfo.tty, 7, "cuaia%d", i); // I think this is wrong!
#else #else
#error "Don't know the tty name for ISDN on this OS" #error "Don't know the tty name for ISDN on this OS"
#endif #endif
sprintf(ttyinfo.speed, "64 kbits"); snprintf(ttyinfo.speed, 21, "64 kbits");
sprintf(ttyinfo.flags, "XA,X75,CM"); snprintf(ttyinfo.flags, 31, "XA,X75,CM");
ttyinfo.type = ISDN; ttyinfo.type = ISDN;
ttyinfo.available = FALSE; ttyinfo.available = FALSE;
ttyinfo.callout = TRUE; ttyinfo.callout = TRUE;
ttyinfo.honor_zmh = TRUE; ttyinfo.honor_zmh = TRUE;
sprintf(ttyinfo.name, "ISDN line #%d", i+1); snprintf(ttyinfo.name, 36, "ISDN line #%d", i+1);
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
count++; count++;
} }
for (i = 0; i < 4; i++) { for (i = 0; i < 4; i++) {
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
sprintf(ttyinfo.comment, "Modem line %d", i+1); snprintf(ttyinfo.comment, 41, "Modem line %d", i+1);
#if defined(__linux__) #if defined(__linux__)
sprintf(ttyinfo.tty, "ttyS%d", i); snprintf(ttyinfo.tty, 7, "ttyS%d", i);
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
sprintf(ttyinfo.tty, "cuaa%d", i); snprintf(ttyinfo.tty, 7, "cuaa%d", i);
#elif defined(__NetBSD__) #elif defined(__NetBSD__)
sprintf(ttyinfo.tty, "tty%c", i + 'a'); // NetBSD on a Sparc, how about PC's? snprintf(ttyinfo.tty, 7, "tty%c", i + 'a'); // NetBSD on a Sparc, how about PC's?
#elif defined(__OpenBSD__) #elif defined(__OpenBSD__)
sprintf(ttyinfo.tty, "tty0%d", i); snprintf(ttyinfo.tty, 7, "tty0%d", i);
#else #else
#error "Don't know the tty name of the serial ports on this OS" #error "Don't know the tty name of the serial ports on this OS"
#endif #endif
sprintf(ttyinfo.speed, "33.6 kbits"); snprintf(ttyinfo.speed, 21, "33.6 kbits");
sprintf(ttyinfo.flags, "CM,XA,V32B,V42B,V34"); snprintf(ttyinfo.flags, 31, "CM,XA,V32B,V42B,V34");
ttyinfo.type = POTS; ttyinfo.type = POTS;
ttyinfo.available = FALSE; ttyinfo.available = FALSE;
ttyinfo.callout = TRUE; ttyinfo.callout = TRUE;
@ -187,7 +187,7 @@ int CountTtyinfo(void)
#else #else
ttyinfo.portspeed = 57600; ttyinfo.portspeed = 57600;
#endif #endif
sprintf(ttyinfo.name, "Modem line #%d", i+1); snprintf(ttyinfo.name, 36, "Modem line #%d", i+1);
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
count++; count++;
} }
@ -222,8 +222,8 @@ int OpenTtyinfo(void)
char fnin[PATH_MAX], fnout[PATH_MAX]; char fnin[PATH_MAX], fnout[PATH_MAX];
long oldsize; long oldsize;
sprintf(fnin, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(fnin, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
sprintf(fnout, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT")); snprintf(fnout, PATH_MAX, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT"));
if ((fin = fopen(fnin, "r")) != NULL) { if ((fin = fopen(fnin, "r")) != NULL) {
if ((fout = fopen(fnout, "w")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) {
fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fin); fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fin);
@ -271,8 +271,8 @@ void CloseTtyinfo(int force)
FILE *fi, *fo; FILE *fi, *fo;
st_list *tty = NULL, *tmp; st_list *tty = NULL, *tmp;
sprintf(fin, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(fin, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
sprintf(fout,"%s/etc/ttyinfo.temp", getenv("MBSE_ROOT")); snprintf(fout, PATH_MAX, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT"));
if (TtyUpdated == 1) { if (TtyUpdated == 1) {
if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) {
@ -316,7 +316,7 @@ int AppendTtyinfo(void)
FILE *fil; FILE *fil;
char ffile[PATH_MAX]; char ffile[PATH_MAX];
sprintf(ffile, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "a")) != NULL) { if ((fil = fopen(ffile, "a")) != NULL) {
memset(&ttyinfo, 0, sizeof(ttyinfo)); memset(&ttyinfo, 0, sizeof(ttyinfo));
fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil); fwrite(&ttyinfo, sizeof(ttyinfo), 1, fil);
@ -368,7 +368,7 @@ int EditTtyRec(int Area)
working(1, 0, 0); working(1, 0, 0);
IsDoing("Edit Ttyinfo"); IsDoing("Edit Ttyinfo");
sprintf(mfile, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT")); snprintf(mfile, PATH_MAX, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(mfile, "r")) == NULL) { if ((fil = fopen(mfile, "r")) == NULL) {
working(2, 0, 0); working(2, 0, 0);
return -1; return -1;
@ -501,7 +501,7 @@ void EditTtyinfo(void)
mbse_mvprintw( 5, 4, "6. TTY LINES SETUP"); mbse_mvprintw( 5, 4, "6. TTY LINES SETUP");
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
if (records != 0) { if (records != 0) {
sprintf(temp, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/ttyinfo.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(temp, "r")) != NULL) { if ((fil = fopen(temp, "r")) != NULL) {
fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fil); fread(&ttyinfohdr, sizeof(ttyinfohdr), 1, fil);
x = 2; x = 2;
@ -520,7 +520,7 @@ void EditTtyinfo(void)
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
else else
set_color(LIGHTBLUE, BLACK); set_color(LIGHTBLUE, BLACK);
sprintf(temp, "%3d. %-6s %-25s", o+i, ttyinfo.tty, ttyinfo.comment); snprintf(temp, 81, "%3d. %-6s %-25s", o+i, ttyinfo.tty, ttyinfo.comment);
temp[37] = 0; temp[37] = 0;
mbse_mvprintw(y, x, temp); mbse_mvprintw(y, x, temp);
y++; y++;
@ -577,7 +577,7 @@ int tty_doc(FILE *fp, FILE *toc, int page)
FILE *wp, *ip, *tty; FILE *wp, *ip, *tty;
int j; int j;
sprintf(temp, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
if ((tty = fopen(temp, "r")) == NULL) if ((tty = fopen(temp, "r")) == NULL)
return page; return page;
@ -602,7 +602,7 @@ int tty_doc(FILE *fp, FILE *toc, int page)
j = 0; j = 0;
} }
sprintf(temp, "ttyinfo_%s.html", ttyinfo.tty); snprintf(temp, 81, "ttyinfo_%s.html", ttyinfo.tty);
fprintf(ip, "<TR><TD><A HREF=\"%s\">%s</A></TD><TD>%s</TD><TD>%s</TD></TR>\n", fprintf(ip, "<TR><TD><A HREF=\"%s\">%s</A></TD><TD>%s</TD><TD>%s</TD></TR>\n",
temp, ttyinfo.tty, ttyinfo.comment, getboolean(ttyinfo.available)); temp, ttyinfo.tty, ttyinfo.comment, getboolean(ttyinfo.available));
if ((wp = open_webdoc(temp, (char *)"TTY Line", ttyinfo.comment))) { if ((wp = open_webdoc(temp, (char *)"TTY Line", ttyinfo.comment))) {

View File

@ -55,7 +55,7 @@ int CountUsers(void)
char ffile[PATH_MAX]; char ffile[PATH_MAX];
int count; int count;
sprintf(ffile, "%s/etc/users.data", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "r")) == NULL) {
if ((fil = fopen(ffile, "a+")) != NULL) { if ((fil = fopen(ffile, "a+")) != NULL) {
Syslog('+', "Created new %s", ffile); Syslog('+', "Created new %s", ffile);
@ -94,8 +94,8 @@ int OpenUsers(void)
char fnin[PATH_MAX], fnout[PATH_MAX]; char fnin[PATH_MAX], fnout[PATH_MAX];
long oldsize; long oldsize;
sprintf(fnin, "%s/etc/users.data", getenv("MBSE_ROOT")); snprintf(fnin, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
sprintf(fnout, "%s/etc/users.temp", getenv("MBSE_ROOT")); snprintf(fnout, PATH_MAX, "%s/etc/users.temp", getenv("MBSE_ROOT"));
if ((fin = fopen(fnin, "r")) != NULL) { if ((fin = fopen(fnin, "r")) != NULL) {
if ((fout = fopen(fnout, "w")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) {
fread(&usrconfighdr, sizeof(usrconfighdr), 1, fin); fread(&usrconfighdr, sizeof(usrconfighdr), 1, fin);
@ -150,8 +150,8 @@ void CloseUsers(int force)
{ {
char fin[PATH_MAX], fout[PATH_MAX]; char fin[PATH_MAX], fout[PATH_MAX];
sprintf(fin, "%s/etc/users.data", getenv("MBSE_ROOT")); snprintf(fin, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
sprintf(fout,"%s/etc/users.temp", getenv("MBSE_ROOT")); snprintf(fout, PATH_MAX, "%s/etc/users.temp", getenv("MBSE_ROOT"));
if (UsrUpdated == 1) { if (UsrUpdated == 1) {
if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) {
@ -176,7 +176,7 @@ int AppendUsers(void)
FILE *fil; FILE *fil;
char ffile[PATH_MAX]; char ffile[PATH_MAX];
sprintf(ffile, "%s/etc/users.temp", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/users.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "a")) != NULL) { if ((fil = fopen(ffile, "a")) != NULL) {
memset(&usrconfig, 0, sizeof(usrconfig)); memset(&usrconfig, 0, sizeof(usrconfig));
usrconfig.MailScan = TRUE; usrconfig.MailScan = TRUE;
@ -242,17 +242,17 @@ void Fields1(void)
now = usrconfig.tFirstLoginDate; now = usrconfig.tFirstLoginDate;
ld = localtime(&now); ld = localtime(&now);
sprintf(Date, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday, snprintf(Date, 30, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday,
ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec); ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec);
show_str(11,17,19, Date); show_str(11,17,19, Date);
now = usrconfig.tLastLoginDate; now = usrconfig.tLastLoginDate;
ld = localtime(&now); ld = localtime(&now);
sprintf(Date, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday, snprintf(Date, 30, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday,
ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec); ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec);
show_str(12,17,19, Date); show_str(12,17,19, Date);
now = usrconfig.tLastPwdChange; now = usrconfig.tLastPwdChange;
ld = localtime(&now); ld = localtime(&now);
sprintf(Date, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday, snprintf(Date, 30, "%02d-%02d-%04d %02d:%02d:%02d", ld->tm_mday,
ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec); ld->tm_mon+1, ld->tm_year + 1900, ld->tm_hour, ld->tm_min, ld->tm_sec);
show_str(13,17,19, Date); show_str(13,17,19, Date);
@ -333,7 +333,7 @@ void Fields2(void)
show_charset(18,17,usrconfig.Charset); show_charset(18,17,usrconfig.Charset);
show_int( 7,76, usrconfig.iScreenLen); show_int( 7,76, usrconfig.iScreenLen);
sprintf(temp, "%c",usrconfig.iLanguage); snprintf(temp, 4, "%c",usrconfig.iLanguage);
show_str( 8,76,1, temp); show_str( 8,76,1, temp);
show_bool( 9,76, usrconfig.HotKeys); show_bool( 9,76, usrconfig.HotKeys);
show_bool(10,76, usrconfig.GraphMode); show_bool(10,76, usrconfig.GraphMode);
@ -379,7 +379,7 @@ int EditUsrRec2(void)
strcpy(usrconfig.Password, temp); strcpy(usrconfig.Password, temp);
usrconfig.tLastPwdChange = time(NULL); usrconfig.tLastPwdChange = time(NULL);
Syslog('+', "%s/bin/mbpasswd %s ******", getenv("MBSE_ROOT"), usrconfig.Name); Syslog('+', "%s/bin/mbpasswd %s ******", getenv("MBSE_ROOT"), usrconfig.Name);
sprintf(temp, "%s/bin/mbpasswd", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/bin/mbpasswd", getenv("MBSE_ROOT"));
memset(args, 0, sizeof(args)); memset(args, 0, sizeof(args));
args[0] = temp; args[0] = temp;
args[1] = usrconfig.Name; args[1] = usrconfig.Name;
@ -454,7 +454,7 @@ void Reset_Time(void)
FILE *pLimits; FILE *pLimits;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/limits.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/limits.data", getenv("MBSE_ROOT"));
if ((pLimits = fopen(temp,"r")) == NULL) { if ((pLimits = fopen(temp,"r")) == NULL) {
WriteError("$Can't open %s", temp); WriteError("$Can't open %s", temp);
} else { } else {
@ -491,7 +491,7 @@ int EditUsrRec(int Area)
working(1, 0, 0); working(1, 0, 0);
IsDoing("Edit Users"); IsDoing("Edit Users");
sprintf(mfile, "%s/etc/users.temp", getenv("MBSE_ROOT")); snprintf(mfile, PATH_MAX, "%s/etc/users.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(mfile, "r")) == NULL) { if ((fil = fopen(mfile, "r")) == NULL) {
working(2, 0, 0); working(2, 0, 0);
return -1; return -1;
@ -607,7 +607,7 @@ void EditUsers(void)
mbse_mvprintw( 5, 3, "15. USERS EDITOR"); mbse_mvprintw( 5, 3, "15. USERS EDITOR");
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
if (records != 0) { if (records != 0) {
sprintf(temp, "%s/etc/users.temp", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/users.temp", getenv("MBSE_ROOT"));
working(1, 0, 0); working(1, 0, 0);
if ((fil = fopen(temp, "r")) != NULL) { if ((fil = fopen(temp, "r")) != NULL) {
fread(&usrconfighdr, sizeof(usrconfighdr), 1, fil); fread(&usrconfighdr, sizeof(usrconfighdr), 1, fil);
@ -627,7 +627,7 @@ void EditUsers(void)
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
else else
set_color(LIGHTBLUE, BLACK); set_color(LIGHTBLUE, BLACK);
sprintf(temp, "%3d. %-32s", o + i, usrconfig.sUserName); snprintf(temp, 81, "%3d. %-32s", o + i, usrconfig.sUserName);
temp[37] = 0; temp[37] = 0;
mbse_mvprintw(y, x, temp); mbse_mvprintw(y, x, temp);
y++; y++;
@ -685,7 +685,7 @@ void users_doc(void)
FILE *wp, *ip, *fp; FILE *wp, *ip, *fp;
int nr = 0; int nr = 0;
sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) if ((fp = fopen(temp, "r")) == NULL)
return; return;
@ -697,7 +697,7 @@ void users_doc(void)
while (fread(&usrconfig, usrconfighdr.recsize, 1, fp) == 1) { while (fread(&usrconfig, usrconfighdr.recsize, 1, fp) == 1) {
nr++; nr++;
sprintf(temp, "user_%d.html", nr); snprintf(temp, 81, "user_%d.html", nr);
fprintf(ip, "<LI><A HREF=\"%s\">%s</A></LI>\n", temp, usrconfig.sUserName); fprintf(ip, "<LI><A HREF=\"%s\">%s</A></LI>\n", temp, usrconfig.sUserName);
if ((wp = open_webdoc(temp, (char *)"BBS User", usrconfig.sUserName))) { if ((wp = open_webdoc(temp, (char *)"BBS User", usrconfig.sUserName))) {
fprintf(wp, "<A HREF=\"index.html\">Main</A>&nbsp;<A HREF=\"users.html\">Back</A>\n"); fprintf(wp, "<A HREF=\"index.html\">Main</A>&nbsp;<A HREF=\"users.html\">Back</A>\n");
@ -748,7 +748,7 @@ void users_doc(void)
add_webtable(wp, (char *)"Archiver", usrconfig.Archiver); add_webtable(wp, (char *)"Archiver", usrconfig.Archiver);
add_webtable(wp, (char *)"Character set", getftnchrs(usrconfig.Charset)); add_webtable(wp, (char *)"Character set", getftnchrs(usrconfig.Charset));
add_webdigit(wp, (char *)"Screen length", usrconfig.iScreenLen); add_webdigit(wp, (char *)"Screen length", usrconfig.iScreenLen);
sprintf(temp, "%c", usrconfig.iLanguage); snprintf(temp, 4, "%c", usrconfig.iLanguage);
add_webtable(wp, (char *)"Language", temp); add_webtable(wp, (char *)"Language", temp);
add_webtable(wp, (char *)"Use hotkeys", getboolean(usrconfig.HotKeys)); add_webtable(wp, (char *)"Use hotkeys", getboolean(usrconfig.HotKeys));
add_webtable(wp, (char *)"ANSI mode", getboolean(usrconfig.GraphMode)); add_webtable(wp, (char *)"ANSI mode", getboolean(usrconfig.GraphMode));

View File

@ -4,7 +4,7 @@
* Purpose ...............: Setup Virus structure. * Purpose ...............: Setup Virus structure.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -53,7 +53,7 @@ int CountVirus(void)
char ffile[PATH_MAX]; char ffile[PATH_MAX];
int count; int count;
sprintf(ffile, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "r")) == NULL) {
if ((fil = fopen(ffile, "a+")) != NULL) { if ((fil = fopen(ffile, "a+")) != NULL) {
Syslog('+', "Created new %s", ffile); Syslog('+', "Created new %s", ffile);
@ -65,51 +65,51 @@ int CountVirus(void)
* Create some default records but don't enable them. * Create some default records but don't enable them.
*/ */
memset(&virscan, 0, sizeof(virscan)); memset(&virscan, 0, sizeof(virscan));
sprintf(virscan.comment, "AntiVir/Linux Scanner"); snprintf(virscan.comment, 41, "AntiVir/Linux Scanner");
if (strlen(_PATH_ANTIVIR)) { if (strlen(_PATH_ANTIVIR)) {
sprintf(virscan.scanner, "%s", _PATH_ANTIVIR); snprintf(virscan.scanner, 65, "%s", _PATH_ANTIVIR);
virscan.available = TRUE; virscan.available = TRUE;
} else { } else {
sprintf(virscan.scanner, "/usr/bin/antivir"); snprintf(virscan.scanner, 65, "/usr/bin/antivir");
virscan.available = FALSE; virscan.available = FALSE;
} }
sprintf(virscan.options, "-allfiles -s -q"); snprintf(virscan.options, 65, "-allfiles -s -q");
fwrite(&virscan, sizeof(virscan), 1, fil); fwrite(&virscan, sizeof(virscan), 1, fil);
memset(&virscan, 0, sizeof(virscan)); memset(&virscan, 0, sizeof(virscan));
sprintf(virscan.comment, "F-Prot scanner"); snprintf(virscan.comment, 41, "F-Prot scanner");
if (strlen(_PATH_FPROT)) { if (strlen(_PATH_FPROT)) {
sprintf(virscan.scanner, "%s .", _PATH_FPROT); snprintf(virscan.scanner, 65, "%s .", _PATH_FPROT);
virscan.available = TRUE; virscan.available = TRUE;
} else { } else {
sprintf(virscan.scanner, "/usr/local/bin/f-prot ."); snprintf(virscan.scanner, 65, "/usr/local/bin/f-prot .");
virscan.available = FALSE; virscan.available = FALSE;
} }
sprintf(virscan.options, "-archive -silent"); snprintf(virscan.options, 65, "-archive -silent");
fwrite(&virscan, sizeof(virscan), 1, fil); fwrite(&virscan, sizeof(virscan), 1, fil);
memset(&virscan, 0, sizeof(virscan)); memset(&virscan, 0, sizeof(virscan));
sprintf(virscan.comment, "McAfee VirusScan for Linux"); snprintf(virscan.comment, 41, "McAfee VirusScan for Linux");
if (strlen(_PATH_UVSCAN)) { if (strlen(_PATH_UVSCAN)) {
sprintf(virscan.scanner, "%s", _PATH_UVSCAN); snprintf(virscan.scanner, 65, "%s", _PATH_UVSCAN);
virscan.available = TRUE; virscan.available = TRUE;
} else { } else {
sprintf(virscan.scanner, "/usr/local/bin/uvscan"); snprintf(virscan.scanner, 65, "/usr/local/bin/uvscan");
virscan.available = FALSE; virscan.available = FALSE;
} }
sprintf(virscan.options, "--noboot --noexpire -r --secure -"); snprintf(virscan.options, 65, "--noboot --noexpire -r --secure -");
fwrite(&virscan, sizeof(virscan), 1, fil); fwrite(&virscan, sizeof(virscan), 1, fil);
memset(&virscan, 0, sizeof(virscan)); memset(&virscan, 0, sizeof(virscan));
sprintf(virscan.comment, "Clam AntiVirus"); snprintf(virscan.comment, 41, "Clam AntiVirus");
if (strlen(_PATH_CLAMAV)) { if (strlen(_PATH_CLAMAV)) {
sprintf(virscan.scanner, "%s", _PATH_CLAMAV); snprintf(virscan.scanner, 65, "%s", _PATH_CLAMAV);
virscan.available = TRUE; virscan.available = TRUE;
} else { } else {
sprintf(virscan.scanner, "/usr/local/bin/clamscan"); snprintf(virscan.scanner, 65, "/usr/local/bin/clamscan");
virscan.available = FALSE; virscan.available = FALSE;
} }
sprintf(virscan.options, "--quiet --recursive"); snprintf(virscan.options, 65, "--quiet --recursive");
fwrite(&virscan, sizeof(virscan), 1, fil); fwrite(&virscan, sizeof(virscan), 1, fil);
fclose(fil); fclose(fil);
@ -141,8 +141,8 @@ int OpenVirus(void)
char fnin[PATH_MAX], fnout[PATH_MAX]; char fnin[PATH_MAX], fnout[PATH_MAX];
long oldsize; long oldsize;
sprintf(fnin, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(fnin, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
sprintf(fnout, "%s/etc/virscan.temp", getenv("MBSE_ROOT")); snprintf(fnout, PATH_MAX, "%s/etc/virscan.temp", getenv("MBSE_ROOT"));
if ((fin = fopen(fnin, "r")) != NULL) { if ((fin = fopen(fnin, "r")) != NULL) {
if ((fout = fopen(fnout, "w")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) {
fread(&virscanhdr, sizeof(virscanhdr), 1, fin); fread(&virscanhdr, sizeof(virscanhdr), 1, fin);
@ -190,8 +190,8 @@ void CloseVirus(int force)
FILE *fi, *fo; FILE *fi, *fo;
st_list *vir = NULL, *tmp; st_list *vir = NULL, *tmp;
sprintf(fin, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(fin, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
sprintf(fout,"%s/etc/virscan.temp", getenv("MBSE_ROOT")); snprintf(fout, PATH_MAX, "%s/etc/virscan.temp", getenv("MBSE_ROOT"));
if (VirUpdated == 1) { if (VirUpdated == 1) {
if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) {
@ -234,7 +234,7 @@ int AppendVirus(void)
FILE *fil; FILE *fil;
char ffile[PATH_MAX]; char ffile[PATH_MAX];
sprintf(ffile, "%s/etc/virscan.temp", getenv("MBSE_ROOT")); snprintf(ffile, PATH_MAX, "%s/etc/virscan.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(ffile, "a")) != NULL) { if ((fil = fopen(ffile, "a")) != NULL) {
memset(&virscan, 0, sizeof(virscan)); memset(&virscan, 0, sizeof(virscan));
fwrite(&virscan, sizeof(virscan), 1, fil); fwrite(&virscan, sizeof(virscan), 1, fil);
@ -262,7 +262,7 @@ int EditVirRec(int Area)
working(1, 0, 0); working(1, 0, 0);
IsDoing("Edit VirScan"); IsDoing("Edit VirScan");
sprintf(mfile, "%s/etc/virscan.temp", getenv("MBSE_ROOT")); snprintf(mfile, PATH_MAX, "%s/etc/virscan.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(mfile, "r")) == NULL) { if ((fil = fopen(mfile, "r")) == NULL) {
working(2, 0, 0); working(2, 0, 0);
return -1; return -1;
@ -365,7 +365,7 @@ void EditVirus(void)
mbse_mvprintw( 5, 4, "4. VIRUS SCANNERS SETUP"); mbse_mvprintw( 5, 4, "4. VIRUS SCANNERS SETUP");
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
if (records != 0) { if (records != 0) {
sprintf(temp, "%s/etc/virscan.temp", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/virscan.temp", getenv("MBSE_ROOT"));
if ((fil = fopen(temp, "r")) != NULL) { if ((fil = fopen(temp, "r")) != NULL) {
fread(&virscanhdr, sizeof(virscanhdr), 1, fil); fread(&virscanhdr, sizeof(virscanhdr), 1, fil);
x = 2; x = 2;
@ -383,7 +383,7 @@ void EditVirus(void)
set_color(CYAN, BLACK); set_color(CYAN, BLACK);
else else
set_color(LIGHTBLUE, BLACK); set_color(LIGHTBLUE, BLACK);
sprintf(temp, "%3d. %-32s", i, virscan.comment); snprintf(temp, 81, "%3d. %-32s", i, virscan.comment);
temp[37] = 0; temp[37] = 0;
mbse_mvprintw(y, x, temp); mbse_mvprintw(y, x, temp);
y++; y++;
@ -429,7 +429,7 @@ int virus_doc(FILE *fp, FILE *toc, int page)
FILE *wp, *ip, *vir; FILE *wp, *ip, *vir;
int nr = 0, j; int nr = 0, j;
sprintf(temp, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
if ((vir = fopen(temp, "r")) == NULL) if ((vir = fopen(temp, "r")) == NULL)
return page; return page;
@ -455,7 +455,7 @@ int virus_doc(FILE *fp, FILE *toc, int page)
} }
nr++; nr++;
sprintf(temp, "virscan_%d.html", nr); snprintf(temp, 81, "virscan_%d.html", nr);
fprintf(ip, "<TR><TD><A HREF=\"%s\">%d</A></TD><TD>%s</TD><TD>%s</TD></TR>\n", fprintf(ip, "<TR><TD><A HREF=\"%s\">%d</A></TD><TD>%s</TD><TD>%s</TD></TR>\n",
temp, nr, virscan.comment, getboolean(virscan.available)); temp, nr, virscan.comment, getboolean(virscan.available));
if ((wp = open_webdoc(temp, (char *)"Virus Scanner", virscan.comment))) { if ((wp = open_webdoc(temp, (char *)"Virus Scanner", virscan.comment))) {