bbs/deb-mbse
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secured sprintf with snprintf

Browse Source
This commit is contained in:
Michiel Broek 2005-08-28 13:34:43 +00:00
parent c515cbcd24
commit e04af3ed02
21 changed files with 110 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/clcomm.c
View File

@ -156,7 +156,7 @@ void SockS(const char *format, ...)
out = calloc(SS_BUFSIZE, sizeof(char)); out = calloc(SS_BUFSIZE, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(out, SS_BUFSIZE -1, format, va_ptr); vsnprintf(out, SS_BUFSIZE, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
if (socket_send(out) == 0) if (socket_send(out) == 0)
@ -177,11 +177,11 @@ char *SockR(const char *format, ...)
out = calloc(SS_BUFSIZE, sizeof(char)); out = calloc(SS_BUFSIZE, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(out, SS_BUFSIZE -1, format, va_ptr); vsnprintf(out, SS_BUFSIZE, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
if (socket_send(out) == 0) if (socket_send(out) == 0)
snprintf(buf, SS_BUFSIZE -1, "%s", socket_receive()); snprintf(buf, SS_BUFSIZE, "%s", socket_receive());
free(out); free(out);
return buf; return buf;
@ -198,7 +198,7 @@ void WriteError(const char *format, ...)
outputstr = calloc(10240, sizeof(char)); outputstr = calloc(10240, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(outputstr, 10239, format, va_ptr); vsnprintf(outputstr, 10240, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
@ -207,7 +207,7 @@ void WriteError(const char *format, ...)
outputstr[i] = ' '; outputstr[i] = ' ';
if (*outputstr == '$') if (*outputstr == '$')
snprintf(outputstr+strlen(outputstr), 10239, ": %s", strerror(errno)); snprintf(outputstr+strlen(outputstr), 10240, ": %s", strerror(errno));
if (strlen(outputstr) > (SS_BUFSIZE - 64)) { if (strlen(outputstr) > (SS_BUFSIZE - 64)) {
outputstr[SS_BUFSIZE - 65] = ';'; outputstr[SS_BUFSIZE - 65] = ';';
@ -248,7 +248,7 @@ void Syslog(int level, const char *format, ...)
outstr = calloc(10240, sizeof(char)); outstr = calloc(10240, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(outstr, 10239, format, va_ptr); vsnprintf(outstr, 10240, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
Syslogp(level, outstr); Syslogp(level, outstr);
free(outstr); free(outstr);
@ -348,7 +348,7 @@ void Mgrlog(const char *format, ...)
outstr = calloc(10240, sizeof(char)); outstr = calloc(10240, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(outstr, 10239, format, va_ptr); vsnprintf(outstr, 10240, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
for (i = 0; i < strlen(outstr); i++) for (i = 0; i < strlen(outstr); i++)
@ -372,7 +372,7 @@ void IsDoing(const char *format, ...)
outputstr = calloc(SS_BUFSIZE, sizeof(char)); outputstr = calloc(SS_BUFSIZE, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(outputstr, SS_BUFSIZE -1, format, va_ptr); vsnprintf(outputstr, SS_BUFSIZE, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
SockS("ADOI:2,%d,%s;", mypid, outputstr); SockS("ADOI:2,%d,%s;", mypid, outputstr);
@ -451,7 +451,7 @@ unsigned long sequencer()
unsigned long seq = 0; unsigned long seq = 0;
buf = calloc(SS_BUFSIZE, sizeof(char)); buf = calloc(SS_BUFSIZE, sizeof(char));
snprintf(buf, SS_BUFSIZE -1, "SSEQ:0;"); snprintf(buf, SS_BUFSIZE, "SSEQ:0;");
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
free(buf); free(buf);
@ -477,10 +477,10 @@ int enoughspace(unsigned long needed)
unsigned long avail = 0L; unsigned long avail = 0L;
buf = calloc(SS_BUFSIZE, sizeof(char)); buf = calloc(SS_BUFSIZE, sizeof(char));
snprintf(buf, SS_BUFSIZE -1, "DSPC:1,%ld;", needed); snprintf(buf, SS_BUFSIZE, "DSPC:1,%ld;", needed);
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
snprintf(buf, SS_BUFSIZE -1, "%s", socket_receive()); snprintf(buf, SS_BUFSIZE, "%s", socket_receive());
res = strtok(buf, ":"); res = strtok(buf, ":");
cnt = atoi(strtok(NULL, ",")); cnt = atoi(strtok(NULL, ","));
if (cnt == 1) { if (cnt == 1) {

4
lib/client.c
View File

@ -117,7 +117,7 @@ int socket_connect(char *user, char *prg, char *city)
/* /*
* Send the information to the server. * Send the information to the server.
*/ */
snprintf(buf, SS_BUFSIZE -1, "AINI:5,%d,%s,%s,%s,%s;", getpid(), tty, user, prg, city); snprintf(buf, SS_BUFSIZE, "AINI:5,%d,%s,%s,%s,%s;", getpid(), tty, user, prg, city);
if (socket_send(buf) != 0) { if (socket_send(buf) != 0) {
sock = -1; sock = -1;
return -1; return -1;
@ -198,7 +198,7 @@ int socket_shutdown(pid_t pid)
if (sock == -1) if (sock == -1)
return 0; return 0;
snprintf(buf, SS_BUFSIZE -1, "ACLO:1,%d;", pid); snprintf(buf, SS_BUFSIZE, "ACLO:1,%d;", pid);
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
strcpy(buf, socket_receive()); strcpy(buf, socket_receive());
if (strncmp(buf, "107:0;", 6) != 0) { if (strncmp(buf, "107:0;", 6) != 0) {

14
lib/diesel.c
View File

@ -441,7 +441,7 @@ static void mledreal(double r, char *edbuf)
{ {
int sprec; int sprec;
V snprintf(edbuf, MAXSTR -1, "%.12f", r); V snprintf(edbuf, MAXSTR, "%.12f", r);
if ((!strchr(edbuf, 'E')) && strchr(edbuf, '.')) { if ((!strchr(edbuf, 'E')) && strchr(edbuf, '.')) {
/* Trim redundant trailing zeroes off the number. */ /* Trim redundant trailing zeroes off the number. */
for (sprec = strlen(edbuf) - 1; sprec > 0; sprec--) { for (sprec = strlen(edbuf) - 1; sprec > 0; sprec--) {
@ -495,7 +495,7 @@ static int rarg(char *argstr, double *realres)
#define Dsarg(s) char s[MAXSTR] /* Declare string argument */ #define Dsarg(s) char s[MAXSTR] /* Declare string argument */
#define Sarg(v,n) if (diesel(argv[(n)], (v)) != 0) return FALSE #define Sarg(v,n) if (diesel(argv[(n)], (v)) != 0) return FALSE
#define Rint(n) V snprintf(output, MAXSTR -1, "%d", (n)); return TRUE/* Return int */ #define Rint(n) V snprintf(output, MAXSTR, "%d", (n)); return TRUE/* Return int */
#define Rreal(n) mledreal((n), output); return TRUE /* Return double */ #define Rreal(n) mledreal((n), output); return TRUE /* Return double */
#define Rstr(s) V strcpy(output, (s)); return TRUE /* Return str */ #define Rstr(s) V strcpy(output, (s)); return TRUE /* Return str */
@ -910,7 +910,7 @@ Mfunc(f_edtime)
for (i = 0; i < ELEMENTS(pictab); i++) { for (i = 0; i < ELEMENTS(pictab); i++) {
if (strncasecmp(pp, pictab[i].pname, if (strncasecmp(pp, pictab[i].pname,
strlen(pictab[i].pname)) == 0) { strlen(pictab[i].pname)) == 0) {
V snprintf(output + strlen(output), MAXSTR -1, pictab[i].pfmt, V snprintf(output + strlen(output), MAXSTR, pictab[i].pfmt,
*pictab[i].pitem); *pictab[i].pitem);
pp += strlen(pictab[i].pname); pp += strlen(pictab[i].pname);
foundit = TRUE; foundit = TRUE;
@ -1321,7 +1321,7 @@ Mfunc(f_time)
{ {
ArgCount(0, 0); ArgCount(0, 0);
V snprintf(output, MAXSTR -1, "%ld", (long) time((time_t *) NULL)); V snprintf(output, MAXSTR, "%ld", (long) time((time_t *) NULL));
return TRUE; return TRUE;
} }
#endif /* UNIXTENSIONS */ #endif /* UNIXTENSIONS */
@ -1627,7 +1627,7 @@ static int macrovalue(int nargs, char *args, char *output)
message, make up a general-purpose message here. */ message, make up a general-purpose message here. */
if (mstat == FALSE) { if (mstat == FALSE) {
V snprintf(output, MAXSTR -1, " @(%s,%c%c) ", macname, '?', '?'); V snprintf(output, MAXSTR, " @(%s,%c%c) ", macname, '?', '?');
} }
if (mstat != TRUE) { if (mstat != TRUE) {
#ifdef DIESEL_TRACE #ifdef DIESEL_TRACE
@ -1645,7 +1645,7 @@ static int macrovalue(int nargs, char *args, char *output)
return TRUE; return TRUE;
} }
} }
V snprintf(output, MAXSTR -1, " @(%s)?? ", macname); V snprintf(output, MAXSTR, " @(%s)?? ", macname);
#ifdef DIESEL_TRACE #ifdef DIESEL_TRACE
if (tracing) { if (tracing) {
V printf("Err: %s\n", output); V printf("Err: %s\n", output);
@ -1673,7 +1673,7 @@ static int macroeval(char **in, char **out)
#ifdef ECHOMAC #ifdef ECHOMAC
*op++ = ' '; *op++ = ' ';
*op++ = '<'; *op++ = '<';
V snprintf(op, MAXSTR -1, "(%d)", mstat); V snprintf(op, MAXSTR, "(%d)", mstat);
op += strlen(op); op += strlen(op);
ma = margs; ma = margs;
while (mstat-- > 0) { while (mstat-- > 0) {

10
lib/faddr.c
View File

@ -48,14 +48,14 @@ char *aka2str(fidoaddr aka)
result[0] = '\0'; result[0] = '\0';
if (strlen(aka.domain)) { if (strlen(aka.domain)) {
if (aka.point == 0) if (aka.point == 0)
snprintf(result, 42, "%d:%d/%d@%s", aka.zone, aka.net, aka.node, aka.domain); snprintf(result, 43, "%d:%d/%d@%s", aka.zone, aka.net, aka.node, aka.domain);
else else
snprintf(result, 42, "%d:%d/%d.%d@%s", aka.zone, aka.net, aka.node, aka.point, aka.domain); snprintf(result, 43, "%d:%d/%d.%d@%s", aka.zone, aka.net, aka.node, aka.point, aka.domain);
} else { } else {
if (aka.point == 0) if (aka.point == 0)
snprintf(result, 42, "%d:%d/%d", aka.zone, aka.net, aka.node); snprintf(result, 43, "%d:%d/%d", aka.zone, aka.net, aka.node);
else else
snprintf(result, 42, "%d:%d/%d.%d", aka.zone, aka.net, aka.node, aka.point); snprintf(result, 43, "%d:%d/%d.%d", aka.zone, aka.net, aka.node, aka.point);
} }
return result; return result;
} }
@ -84,7 +84,7 @@ fidoaddr str2aka(char *addr)
if (strlen(addr) > 42) if (strlen(addr) > 42)
return n; return n;
snprintf(b, 42, "%s~", addr); snprintf(b, 43, "%s~", addr);
if ((strchr(b, ':') == NULL) || (strchr(b, '/') == NULL)) if ((strchr(b, ':') == NULL) || (strchr(b, '/') == NULL))
return n; return n;

40
lib/ftn.c
View File

@ -399,9 +399,9 @@ char *ascinode(faddr *a, int fl)
if ((strchr(a->name,'.')) || (strchr(a->name,'@')) || if ((strchr(a->name,'.')) || (strchr(a->name,'@')) ||
(strchr(a->name,'\'')) || (strchr(a->name,',')) || (strchr(a->name,'\'')) || (strchr(a->name,',')) ||
(strchr(a->name,'<')) || (strchr(a->name,'>'))) (strchr(a->name,'<')) || (strchr(a->name,'>')))
snprintf(buf+strlen(buf), 127, "\"%s\" <", a->name); snprintf(buf+strlen(buf), 128, "\"%s\" <", a->name);
else else
snprintf(buf+strlen(buf), 127, "%s <", a->name); snprintf(buf+strlen(buf), 128, "%s <", a->name);
} }
if ((fl & 0x40) && (a->name)) { if ((fl & 0x40) && (a->name)) {
@ -466,33 +466,33 @@ char *ascinode(faddr *a, int fl)
} }
if ((fl & 0x01) && (a->point)) if ((fl & 0x01) && (a->point))
snprintf(buf+strlen(buf), 127, "p%u.", a->point); snprintf(buf+strlen(buf), 128, "p%u.", a->point);
if (fl & 0x02) if (fl & 0x02)
snprintf(buf+strlen(buf), 127, "f%u.", a->node); snprintf(buf+strlen(buf), 128, "f%u.", a->node);
if (fl & 0x04) if (fl & 0x04)
snprintf(buf+strlen(buf), 127, "n%u.", a->net); snprintf(buf+strlen(buf), 128, "n%u.", a->net);
if ((fl & 0x08) && (a->zone)) if ((fl & 0x08) && (a->zone))
snprintf(buf+strlen(buf), 127, "z%u.", a->zone); snprintf(buf+strlen(buf), 128, "z%u.", a->zone);
buf[strlen(buf)-1]='\0'; buf[strlen(buf)-1]='\0';
if (fl & 0x10) { if (fl & 0x10) {
if (a->domain) if (a->domain)
snprintf(buf+strlen(buf), 127, ".%s", a->domain); snprintf(buf+strlen(buf), 128, ".%s", a->domain);
} }
if (fl & 0x20) { if (fl & 0x20) {
if (a->domain) { if (a->domain) {
if ((fl & 0x10) == 0) if ((fl & 0x10) == 0)
snprintf(buf+strlen(buf), 127, ".%s", a->domain); snprintf(buf+strlen(buf), 128, ".%s", a->domain);
} else { } else {
if (SearchFidonet(a->zone)) if (SearchFidonet(a->zone))
snprintf(buf+strlen(buf), 127, ".%s", fidonet.domain); snprintf(buf+strlen(buf), 128, ".%s", fidonet.domain);
else else
snprintf(buf+strlen(buf), 127, ".fidonet"); snprintf(buf+strlen(buf), 128, ".fidonet");
} }
p = calloc(128, sizeof(char)); p = calloc(128, sizeof(char));
snprintf(p, 127, "%s/etc/domain.data", getenv("MBSE_ROOT")); snprintf(p, 128, "%s/etc/domain.data", getenv("MBSE_ROOT"));
if ((fp = fopen(p, "r")) == NULL) { if ((fp = fopen(p, "r")) == NULL) {
WriteError("$Can't open %s", p); WriteError("$Can't open %s", p);
} else { } else {
@ -509,11 +509,11 @@ char *ascinode(faddr *a, int fl)
} }
free(p); free(p);
if (!found) if (!found)
snprintf(buf + strlen(buf), 127, ".ftn"); snprintf(buf + strlen(buf), 128, ".ftn");
} }
if ((fl & 0x80) && (a->name)) if ((fl & 0x80) && (a->name))
snprintf(buf+strlen(buf), 127, ">"); snprintf(buf+strlen(buf), 128, ">");
return buf; return buf;
} }
@ -535,17 +535,17 @@ char *ascfnode(faddr *a, int fl)
buf[0] = '\0'; buf[0] = '\0';
if ((fl & 0x40) && (a->name)) if ((fl & 0x40) && (a->name))
snprintf(buf+strlen(buf),127,"%s of ",a->name); snprintf(buf+strlen(buf),128,"%s of ",a->name);
if ((fl & 0x08) && (a->zone)) if ((fl & 0x08) && (a->zone))
snprintf(buf+strlen(buf),127,"%u:",a->zone); snprintf(buf+strlen(buf),128,"%u:",a->zone);
if (fl & 0x04) if (fl & 0x04)
snprintf(buf+strlen(buf),127,"%u/",a->net); snprintf(buf+strlen(buf),128,"%u/",a->net);
if (fl & 0x02) if (fl & 0x02)
snprintf(buf+strlen(buf),127,"%u",a->node); snprintf(buf+strlen(buf),128,"%u",a->node);
if ((fl & 0x01) && (a->point)) if ((fl & 0x01) && (a->point))
snprintf(buf+strlen(buf),127,".%u",a->point); snprintf(buf+strlen(buf),128,".%u",a->point);
if ((fl & 0x10) && (a->domain)) if ((fl & 0x10) && (a->domain))
snprintf(buf+strlen(buf),127,"@%s",a->domain); snprintf(buf+strlen(buf),128,"@%s",a->domain);
return buf; return buf;
} }
@ -600,7 +600,7 @@ fidoaddr *faddr2fido(faddr *aka)
Sys->node = aka->node; Sys->node = aka->node;
Sys->point = aka->point; Sys->point = aka->point;
if (aka->domain != NULL) if (aka->domain != NULL)
snprintf(Sys->domain, 12, "%s", aka->domain); snprintf(Sys->domain, 13, "%s", aka->domain);
return Sys; return Sys;
} }

2
lib/ftnmsg.c
View File

@ -51,7 +51,7 @@ char *ftndate(time_t t)
if (ptm->tm_sec > 59) if (ptm->tm_sec > 59)
ptm->tm_sec = 59; ptm->tm_sec = 59;
snprintf(buf, 31, "%02d %s %02d %02d:%02d:%02d",ptm->tm_mday, snprintf(buf, 32, "%02d %s %02d %02d:%02d:%02d",ptm->tm_mday,
months[ptm->tm_mon], ptm->tm_year%100, months[ptm->tm_mon], ptm->tm_year%100,
ptm->tm_hour, ptm->tm_min, ptm->tm_sec); ptm->tm_hour, ptm->tm_min, ptm->tm_sec);
return buf; return buf;

2
lib/getheader.c
View File

@ -143,7 +143,7 @@ int getheader(faddr *f, faddr *t, FILE *pkt, char *pname, int session)
/* /*
* Fill in a default product code in case it doesn't exist * Fill in a default product code in case it doesn't exist
*/ */
snprintf(buf, 4, "%04x", prodx); snprintf(buf, 5, "%04x", prodx);
prodn = xstrcpy((char *)"Unknown 0x"); prodn = xstrcpy((char *)"Unknown 0x");
prodn = xstrcat(prodn, buf); prodn = xstrcat(prodn, buf);
for (i = 0; ftscprod[i].name; i++) for (i = 0; ftscprod[i].name; i++)

14
lib/gmtoffset.c
View File

@ -99,9 +99,9 @@ char *gmtoffset(time_t now)
min = offset % 60L; min = offset % 60L;
if (sign == '-') if (sign == '-')
snprintf(buf, 5, "%c%02d%02d", sign, hr, min); snprintf(buf, 6, "%c%02d%02d", sign, hr, min);
else else
snprintf(buf, 5, "%02d%02d", hr, min); snprintf(buf, 6, "%02d%02d", hr, min);
return(buf); return(buf);
} }
@ -119,7 +119,7 @@ char *str_time(time_t total)
* 0 .. 59 seconds * 0 .. 59 seconds
*/ */
if (total < (time_t)60) { if (total < (time_t)60) {
snprintf(buf, 9, "%2d.00s", (int)total); snprintf(buf, 10, "%2d.00s", (int)total);
return buf; return buf;
} }
@ -129,7 +129,7 @@ char *str_time(time_t total)
if (total < (time_t)3600) { if (total < (time_t)3600) {
h = total / 60; h = total / 60;
m = total % 60; m = total % 60;
snprintf(buf, 9, "%2d:%02d ", h, m); snprintf(buf, 10, "%2d:%02d ", h, m);
return buf; return buf;
} }
@ -139,7 +139,7 @@ char *str_time(time_t total)
if (total < (time_t)86400) { if (total < (time_t)86400) {
h = (total / 60) / 60; h = (total / 60) / 60;
m = (total / 60) % 60; m = (total / 60) % 60;
snprintf(buf, 9, "%2d:%02dm", h, m); snprintf(buf, 10, "%2d:%02dm", h, m);
return buf; return buf;
} }
@ -149,11 +149,11 @@ char *str_time(time_t total)
if (total < (time_t)2592000) { if (total < (time_t)2592000) {
h = (total / 3600) / 24; h = (total / 3600) / 24;
m = (total / 3600) % 24; m = (total / 3600) % 24;
snprintf(buf, 9, "%2d/%02dh", h, m); snprintf(buf, 10, "%2d/%02dh", h, m);
return buf; return buf;
} }
snprintf(buf, 9, "N/A "); snprintf(buf, 10, "N/A ");
return buf; return buf;
} }

2
lib/mangle.c
View File

@ -427,7 +427,7 @@ void mangle_name_83(char *s)
if (crc16 > (MANGLE_BASE * MANGLE_BASE * MANGLE_BASE)) if (crc16 > (MANGLE_BASE * MANGLE_BASE * MANGLE_BASE))
Syslog('!', "WARNING: mangle_name_83() crc16 overflow"); Syslog('!', "WARNING: mangle_name_83() crc16 overflow");
crc16 = crc16 % (MANGLE_BASE * MANGLE_BASE * MANGLE_BASE); crc16 = crc16 % (MANGLE_BASE * MANGLE_BASE * MANGLE_BASE);
snprintf(s, 8, "%s%c%c%c%c", base, magic_char, snprintf(s, 9, "%s%c%c%c%c", base, magic_char,
mangle(crc16 / (MANGLE_BASE * MANGLE_BASE)), mangle(crc16 / MANGLE_BASE), mangle(crc16)); mangle(crc16 / (MANGLE_BASE * MANGLE_BASE)), mangle(crc16 / MANGLE_BASE), mangle(crc16));
if ( *extension ) { if ( *extension ) {
(void)strcat(s, "."); (void)strcat(s, ".");

36
lib/mbdiesel.c
View File

@ -129,16 +129,16 @@ char *ParseMacro( const char *line, int *dieselrc)
i++; i++;
} }
i--; i--;
snprintf(tmp2, MAXSTR -1, "@(GETVAR,%c)",code); snprintf(tmp2, MAXSTR, "@(GETVAR,%c)",code);
if (!diesel(tmp2,tmp3)==0){ if (!diesel(tmp2,tmp3)==0){
snprintf(tmp3, MAXSTR -1, "%c%c",'@',code); snprintf(tmp3, MAXSTR, "%c%c",'@',code);
} }
if (l>2){ if (l>2){
if ( *i != '>') if ( *i != '>')
l=-l; l=-l;
snprintf(&tmp1[strlen(tmp1)], MAXSTR -1, "%*.*s", l, l, tmp3); snprintf(&tmp1[strlen(tmp1)], MAXSTR, "%*.*s", l, l, tmp3);
}else{ }else{
snprintf(&tmp1[strlen(tmp1)], MAXSTR -1, "%s", tmp3); snprintf(&tmp1[strlen(tmp1)], MAXSTR, "%s", tmp3);
} }
}else{ }else{
tmp1[(j=strlen(tmp1))]='@'; tmp1[(j=strlen(tmp1))]='@';
@ -151,7 +151,7 @@ char *ParseMacro( const char *line, int *dieselrc)
} }
i = tmp1; i = tmp1;
snprintf(tmp2, MAXSTR -1, "%s", tmp1); snprintf(tmp2, MAXSTR, "%s", tmp1);
if ((tmp1[0]=='@') && (tmp1[1]=='{')){ if ((tmp1[0]=='@') && (tmp1[1]=='{')){
i++; i++;
@ -163,11 +163,11 @@ char *ParseMacro( const char *line, int *dieselrc)
i++; i++;
res[0]='\0'; res[0]='\0';
if (j>2) if (j>2)
snprintf(res, MAXSTR -1, "%.*s",j-2, &tmp1[2]); snprintf(res, MAXSTR, "%.*s",j-2, &tmp1[2]);
if ((diesel(res,tmp3)!=0) || (atoi(tmp3)==0)) if ((diesel(res,tmp3)!=0) || (atoi(tmp3)==0))
snprintf(tmp2, MAXSTR -1, "@!%s",i); snprintf(tmp2, MAXSTR, "@!%s",i);
else else
snprintf(tmp2, MAXSTR -1, "%s",i); snprintf(tmp2, MAXSTR, "%s",i);
} }
} }
*dieselrc=diesel(tmp2, res); *dieselrc=diesel(tmp2, res);
@ -418,20 +418,20 @@ FILE *OpenMacro(const char *filename, int Language, int htmlmode)
if (htmlmode) { if (htmlmode) {
MacroVars("O", "s", temp); MacroVars("O", "s", temp);
snprintf(linebuf, 1023, "%s", CFG.sysop); snprintf(linebuf, 1024, "%s", CFG.sysop);
html_massage(linebuf, outbuf, 1023); html_massage(linebuf, outbuf, 1024);
MacroVars("U", "s", outbuf); MacroVars("U", "s", outbuf);
snprintf(linebuf, 1023, "%s", CFG.location); snprintf(linebuf, 1024, "%s", CFG.location);
html_massage(linebuf, outbuf, 1023); html_massage(linebuf, outbuf, 1024);
MacroVars("L", "s", outbuf); MacroVars("L", "s", outbuf);
snprintf(linebuf, 1023, "%s", CFG.bbs_name); snprintf(linebuf, 1024, "%s", CFG.bbs_name);
html_massage(linebuf, outbuf, 1023); html_massage(linebuf, outbuf, 1024);
MacroVars("N", "s", outbuf); MacroVars("N", "s", outbuf);
snprintf(linebuf, 1023, "%s", CFG.sysop_name); snprintf(linebuf, 1024, "%s", CFG.sysop_name);
html_massage(linebuf, outbuf, 1023); html_massage(linebuf, outbuf, 1024);
MacroVars("S", "s", outbuf); MacroVars("S", "s", outbuf);
snprintf(linebuf, 1023, "%s", CFG.comment); snprintf(linebuf, 1024, "%s", CFG.comment);
html_massage(linebuf, outbuf, 1023); html_massage(linebuf, outbuf, 1024);
MacroVars("T", "s", outbuf); MacroVars("T", "s", outbuf);
} else { } else {
MacroVars("L", "s", CFG.location); MacroVars("L", "s", CFG.location);

6
lib/nntp.c
View File

@ -230,7 +230,7 @@ int nntp_cmd(char *cmd, int resp)
if (nntp_send(cmd) == -1) if (nntp_send(cmd) == -1)
return -1; return -1;
snprintf(rsp, 5, "%d", resp); snprintf(rsp, 6, "%d", resp);
p = nntp_receive(); p = nntp_receive();
if (strncmp(p, "480", 3) == 0) { if (strncmp(p, "480", 3) == 0) {
@ -273,11 +273,11 @@ int nntp_auth(void)
} }
cmd = calloc(128, sizeof(char)); cmd = calloc(128, sizeof(char));
snprintf(cmd, 127, "AUTHINFO USER %s\r\n", CFG.nntpuser); snprintf(cmd, 128, "AUTHINFO USER %s\r\n", CFG.nntpuser);
if (nntp_cmd(cmd, 381)) if (nntp_cmd(cmd, 381))
return FALSE; return FALSE;
snprintf(cmd, 127, "AUTHINFO PASS %s\r\n", CFG.nntppass); snprintf(cmd, 128, "AUTHINFO PASS %s\r\n", CFG.nntppass);
if (nntp_cmd(cmd, 281) == 0) { if (nntp_cmd(cmd, 281) == 0) {
free(cmd); free(cmd);
Syslog('+', "NNTP: logged in"); Syslog('+', "NNTP: logged in");

22
lib/nodelist.c
View File

@ -468,7 +468,7 @@ int initnl(void)
* Read all our TCP/IP capabilities and set the global flag. * Read all our TCP/IP capabilities and set the global flag.
*/ */
if (TCFG.max_tcp) { if (TCFG.max_tcp) {
snprintf(buf, 255, "%s", CFG.IP_Flags); snprintf(buf, 256, "%s", CFG.IP_Flags);
q = buf; q = buf;
for (p = q; p; p = q) { for (p = q; p; p = q) {
if ((q = strchr(p, ','))) if ((q = strchr(p, ',')))
@ -491,7 +491,7 @@ int initnl(void)
while (fread(&ttyinfo, ttyinfohdr.recsize, 1, fp) == 1) { while (fread(&ttyinfo, ttyinfohdr.recsize, 1, fp) == 1) {
if (((ttyinfo.type == POTS) || (ttyinfo.type == ISDN)) && (ttyinfo.available) && (ttyinfo.callout)) { if (((ttyinfo.type == POTS) || (ttyinfo.type == ISDN)) && (ttyinfo.available) && (ttyinfo.callout)) {
snprintf(buf, 255, "%s", ttyinfo.flags); snprintf(buf, 256, "%s", ttyinfo.flags);
q = buf; q = buf;
for (p = q; p; p = q) { for (p = q; p; p = q) {
if ((q = strchr(p, ','))) if ((q = strchr(p, ',')))
@ -929,7 +929,7 @@ node *getnlent(faddr *addr)
if ((*tmpm)->mask & nodebuf.iflags) { if ((*tmpm)->mask & nodebuf.iflags) {
for (tmps = &nl_service; *tmps; tmps=&((*tmps)->next)) { for (tmps = &nl_service; *tmps; tmps=&((*tmps)->next)) {
if (strcmp((*tmps)->flag, (*tmpm)->name) == 0) { if (strcmp((*tmps)->flag, (*tmpm)->name) == 0) {
snprintf(tbuf, 255, "%s", (*tmps)->service); snprintf(tbuf, 256, "%s", (*tmps)->service);
tport = (*tmps)->tmpport; tport = (*tmps)->tmpport;
} }
} }
@ -949,13 +949,13 @@ node *getnlent(faddr *addr)
memset(&tbuf, 0, sizeof(tbuf)); memset(&tbuf, 0, sizeof(tbuf));
if (ndrecord && strlen(nd.Nl_hostname)) { if (ndrecord && strlen(nd.Nl_hostname)) {
Syslog('n', "getnlent: using override %s for FQDN", nd.Nl_hostname); Syslog('n', "getnlent: using override %s for FQDN", nd.Nl_hostname);
snprintf(tbuf, 255, nodebuf.name); snprintf(tbuf, 256, nodebuf.name);
nodebuf.url = xstrcat(nodebuf.url, tbuf); nodebuf.url = xstrcat(nodebuf.url, tbuf);
} else { } else {
for (tmpa = &nl_search; *tmpa; tmpa=&((*tmpa)->next)) { for (tmpa = &nl_search; *tmpa; tmpa=&((*tmpa)->next)) {
Syslog('n', "getnlent: search FQDN method %s", (*tmpa)->name); Syslog('n', "getnlent: search FQDN method %s", (*tmpa)->name);
if (strcasecmp((*tmpa)->name, "field3") == 0) { if (strcasecmp((*tmpa)->name, "field3") == 0) {
snprintf(tbuf, 255, nodebuf.name); snprintf(tbuf, 256, nodebuf.name);
if (strchr(tbuf, '.')) { if (strchr(tbuf, '.')) {
/* /*
* Okay, there are dots, this can be a FQDN or IP address. * Okay, there are dots, this can be a FQDN or IP address.
@ -971,7 +971,7 @@ node *getnlent(faddr *addr)
for (tmpaa = &nl_ipprefix; *tmpaa; tmpaa=&((*tmpaa)->next)) { for (tmpaa = &nl_ipprefix; *tmpaa; tmpaa=&((*tmpaa)->next)) {
if (nodebuf.phone && strncmp(nodebuf.phone, (*tmpaa)->name, strlen((*tmpaa)->name)) == 0) { if (nodebuf.phone && strncmp(nodebuf.phone, (*tmpaa)->name, strlen((*tmpaa)->name)) == 0) {
Syslog('n', "getnlent: found %s prefix", (*tmpaa)->name); Syslog('n', "getnlent: found %s prefix", (*tmpaa)->name);
snprintf(tbuf, 255, "%s", nodebuf.phone+strlen((*tmpaa)->name)); snprintf(tbuf, 256, "%s", nodebuf.phone+strlen((*tmpaa)->name));
for (i = 0; i < strlen(tbuf); i++) for (i = 0; i < strlen(tbuf); i++)
if (tbuf[i] == '-') if (tbuf[i] == '-')
tbuf[i] = '.'; tbuf[i] = '.';
@ -1032,10 +1032,10 @@ node *getnlent(faddr *addr)
for (tmpd = &nl_domsuffix; *tmpd; tmpd=&((*tmpd)->next)) { for (tmpd = &nl_domsuffix; *tmpd; tmpd=&((*tmpd)->next)) {
if ((*tmpd)->zone == nodebuf.addr.zone) { if ((*tmpd)->zone == nodebuf.addr.zone) {
if (*r++ == '\0') if (*r++ == '\0')
snprintf(tbuf, 255, "f%d.n%d.z%d.%s.%s", nodebuf.addr.node, nodebuf.addr.net, snprintf(tbuf, 256, "f%d.n%d.z%d.%s.%s", nodebuf.addr.node, nodebuf.addr.net,
nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name); nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name);
else else
snprintf(tbuf, 255, "f%d.n%d.z%d.%s.%s%s", nodebuf.addr.node, nodebuf.addr.net, snprintf(tbuf, 256, "f%d.n%d.z%d.%s.%s%s", nodebuf.addr.node, nodebuf.addr.net,
nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name, r); nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name, r);
Syslog('n', "getnlent: will try default domain \"%s\"", tbuf); Syslog('n', "getnlent: will try default domain \"%s\"", tbuf);
nodebuf.url = xstrcat(nodebuf.url, tbuf); nodebuf.url = xstrcat(nodebuf.url, tbuf);
@ -1048,7 +1048,7 @@ node *getnlent(faddr *addr)
} }
if (strchr(r, '.')) { if (strchr(r, '.')) {
Syslog('n', "getnlent: found a FQDN \"%s\"", MBSE_SS(r)); Syslog('n', "getnlent: found a FQDN \"%s\"", MBSE_SS(r));
snprintf(tbuf, 255, "%s", r); snprintf(tbuf, 256, "%s", r);
nodebuf.url = xstrcat(nodebuf.url, tbuf); nodebuf.url = xstrcat(nodebuf.url, tbuf);
break; break;
} }
@ -1062,7 +1062,7 @@ node *getnlent(faddr *addr)
if (nodebuf.addr.domain) { if (nodebuf.addr.domain) {
for (tmpd = &nl_domsuffix; *tmpd; tmpd=&((*tmpd)->next)) { for (tmpd = &nl_domsuffix; *tmpd; tmpd=&((*tmpd)->next)) {
if ((*tmpd)->zone == nodebuf.addr.zone) { if ((*tmpd)->zone == nodebuf.addr.zone) {
snprintf(tbuf, 255, "f%d.n%d.z%d.%s.%s", nodebuf.addr.node, nodebuf.addr.net, snprintf(tbuf, 256, "f%d.n%d.z%d.%s.%s", nodebuf.addr.node, nodebuf.addr.net,
nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name); nodebuf.addr.zone, nodebuf.addr.domain, (*tmpd)->name);
Syslog('n', "getnlent: will try default domain \"%s\"", tbuf); Syslog('n', "getnlent: will try default domain \"%s\"", tbuf);
nodebuf.url = xstrcat(nodebuf.url, tbuf); nodebuf.url = xstrcat(nodebuf.url, tbuf);
@ -1090,7 +1090,7 @@ node *getnlent(faddr *addr)
* No optional port number, add one from the default * No optional port number, add one from the default
* for this protocol. * for this protocol.
*/ */
snprintf(tbuf, 255, ":%lu", tport); snprintf(tbuf, 256, ":%lu", tport);
nodebuf.url = xstrcat(nodebuf.url, tbuf); nodebuf.url = xstrcat(nodebuf.url, tbuf);
} }

2
lib/nodelock.c
View File

@ -45,7 +45,7 @@ int nodelock(faddr *addr, pid_t mypid)
tfn = xstrcpy(fn); tfn = xstrcpy(fn);
if ((p=strrchr(tfn,'/'))) if ((p=strrchr(tfn,'/')))
*++p='\0'; *++p='\0';
snprintf(tmp, 15, "aa%d", mypid); snprintf(tmp, 16, "aa%d", mypid);
tfn = xstrcat(tfn, tmp); tfn = xstrcat(tfn, tmp);
mkdirs(tfn, 0770); mkdirs(tfn, 0770);

4
lib/packet.c
View File

@ -133,10 +133,10 @@ FILE *openpkt(FILE *pkt, faddr *addr, char flavor, int session)
memset(&str, 0, 8); memset(&str, 0, 8);
if (session) { if (session) {
if (noderecord(addr) && strlen(nodes.Spasswd)) if (noderecord(addr) && strlen(nodes.Spasswd))
snprintf(str, 8, "%s", nodes.Spasswd); snprintf(str, 9, "%s", nodes.Spasswd);
} else { } else {
if (noderecord(addr) && strlen(nodes.Epasswd)) if (noderecord(addr) && strlen(nodes.Epasswd))
snprintf(str, 8, "%s", nodes.Epasswd); snprintf(str, 9, "%s", nodes.Epasswd);
} }
for (i = 0; i < 8; i++) for (i = 0; i < 8; i++)
buffer[0x1a + i] = toupper(str[i]); /* FSC-0039 only talks about A-Z, 0-9, so force uppercase */ buffer[0x1a + i] = toupper(str[i]); /* FSC-0039 only talks about A-Z, 0-9, so force uppercase */

8
lib/pktname.c
View File

@ -64,7 +64,7 @@ char *prepbuf(faddr *addr)
if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone))
zpref[0] = '\0'; zpref[0] = '\0';
else else
snprintf(zpref, 7, ".%03x", addr->zone); snprintf(zpref, 8, ".%03x", addr->zone);
} else { } else {
/* /*
* If we got a 5d address we use the given domain, if * If we got a 5d address we use the given domain, if
@ -96,7 +96,7 @@ char *prepbuf(faddr *addr)
if (CFG.aka[i].zone == addr->zone) if (CFG.aka[i].zone == addr->zone)
zpref[0] = '\0'; zpref[0] = '\0';
else else
snprintf(zpref, 7, ".%03x", addr->zone); snprintf(zpref, 8, ".%03x", addr->zone);
} else { } else {
/* /*
* this is our primary domain * this is our primary domain
@ -104,7 +104,7 @@ char *prepbuf(faddr *addr)
if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone))
zpref[0]='\0'; zpref[0]='\0';
else else
snprintf(zpref, 7, ".%03x",addr->zone); snprintf(zpref, 8, ".%03x",addr->zone);
} }
} }
@ -227,7 +227,7 @@ char *dayname(void)
tt = time(NULL); tt = time(NULL);
ptm = localtime(&tt); ptm = localtime(&tt);
snprintf(buf, 2, "%s", dow[ptm->tm_wday]); snprintf(buf, 3, "%s", dow[ptm->tm_wday]);
return buf; return buf;
} }

2
lib/rearc.c
View File

@ -113,7 +113,7 @@ int rearc(char *filename, char *arctype, int do_quiet)
return -1; return -1;
} }
snprintf(p, 5, "%s", archiver.name); snprintf(p, 6, "%s", archiver.name);
Syslog('f', "new filename %s", newname); Syslog('f', "new filename %s", newname);
arccmd = xstrcpy(archiver.farc); arccmd = xstrcpy(archiver.farc);

2
lib/rfcdate.c
View File

@ -180,7 +180,7 @@ char *rfcdate(time_t now)
hr = offset / 60L; hr = offset / 60L;
min = offset % 60L; min = offset % 60L;
snprintf(buf, 39, "%s, %02d %s %04d %02d:%02d:%02d %c%02d%02d", wdays[ptm.tm_wday], ptm.tm_mday, months[ptm.tm_mon], snprintf(buf, 40, "%s, %02d %s %04d %02d:%02d:%02d %c%02d%02d", wdays[ptm.tm_wday], ptm.tm_mday, months[ptm.tm_mon],
ptm.tm_year + 1900, ptm.tm_hour, ptm.tm_min, ptm.tm_sec, sign, hr, min); ptm.tm_year + 1900, ptm.tm_hour, ptm.tm_min, ptm.tm_sec, sign, hr, min);
return(buf); return(buf);
} }

6
lib/semafore.c
View File

@ -36,7 +36,7 @@ void CreateSema(char *sem)
{ {
char temp[40]; char temp[40];
snprintf(temp, 39, "%s", SockR("SECR:1,%s;", sem)); snprintf(temp, 40, "%s", SockR("SECR:1,%s;", sem));
if (strncmp(temp, "200", 3) == 0) if (strncmp(temp, "200", 3) == 0)
WriteError("Can't create semafore %s", sem); WriteError("Can't create semafore %s", sem);
} }
@ -47,7 +47,7 @@ void RemoveSema(char *sem)
{ {
char temp[40]; char temp[40];
snprintf(temp, 39, "%s", SockR("SERM:1,%s;", sem)); snprintf(temp, 40, "%s", SockR("SERM:1,%s;", sem));
if (strncmp(temp, "200", 3) == 0) if (strncmp(temp, "200", 3) == 0)
WriteError("Can't remove semafore %s", sem); WriteError("Can't remove semafore %s", sem);
} }
@ -58,7 +58,7 @@ int IsSema(char *sem)
{ {
char temp[40]; char temp[40];
snprintf(temp, 39, "%s", SockR("SEST:1,%s;", sem)); snprintf(temp, 40, "%s", SockR("SEST:1,%s;", sem));
if (strncmp(temp, "200", 3) == 0) { if (strncmp(temp, "200", 3) == 0) {
WriteError("Can't read semafore %s", sem); WriteError("Can't read semafore %s", sem);
return FALSE; return FALSE;

4
lib/smtp.c
View File

@ -105,7 +105,7 @@ int smtp_connect(void)
Syslog('+', "SMTP: %s", p); Syslog('+', "SMTP: %s", p);
snprintf(temp, 39, "HELO %s\r\n", CFG.sysdomain); snprintf(temp, 40, "HELO %s\r\n", CFG.sysdomain);
if (smtp_cmd(temp, 250)) { if (smtp_cmd(temp, 250)) {
smtp_close(); smtp_close();
return -1; return -1;
@ -193,7 +193,7 @@ int smtp_cmd(char *cmd, int resp)
if (smtp_send(cmd) == -1) if (smtp_send(cmd) == -1)
return -1; return -1;
snprintf(rsp, 5, "%d", resp); snprintf(rsp, 6, "%d", resp);
p = smtp_receive(); p = smtp_receive();
if (strncmp(p, rsp, strlen(rsp))) { if (strncmp(p, rsp, strlen(rsp))) {

16
lib/strutil.c
View File

@ -262,7 +262,7 @@ char *StrTimeHM(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
snprintf(ttime, 5, "%02d:%02d", l_d->tm_hour, l_d->tm_min); snprintf(ttime, 6, "%02d:%02d", l_d->tm_hour, l_d->tm_min);
return ttime; return ttime;
} }
@ -277,7 +277,7 @@ char *StrTimeHMS(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
snprintf(ttime, 8, "%02d:%02d:%02d", l_d->tm_hour, l_d->tm_min, l_d->tm_sec); snprintf(ttime, 9, "%02d:%02d:%02d", l_d->tm_hour, l_d->tm_min, l_d->tm_sec);
return ttime; return ttime;
} }
@ -292,7 +292,7 @@ char *GetLocalHM()
time_t T_Now; time_t T_Now;
T_Now = time(NULL); T_Now = time(NULL);
snprintf(gettime, 14, "%s", StrTimeHM(T_Now)); snprintf(gettime, 15, "%s", StrTimeHM(T_Now));
return(gettime); return(gettime);
} }
@ -308,7 +308,7 @@ char *GetLocalHMS()
time_t T_Now; time_t T_Now;
T_Now = time(NULL); T_Now = time(NULL);
snprintf(gettime, 14, "%s", StrTimeHMS(T_Now)); snprintf(gettime, 15, "%s", StrTimeHMS(T_Now));
return(gettime); return(gettime);
} }
@ -323,7 +323,7 @@ char *StrDateMDY(time_t *Clock)
static char cdate[12]; static char cdate[12];
tm = localtime(Clock); tm = localtime(Clock);
snprintf(cdate, 11, "%02d-%02d-%04d", tm->tm_mon+1, tm->tm_mday, tm->tm_year+1900); snprintf(cdate, 12, "%02d-%02d-%04d", tm->tm_mon+1, tm->tm_mday, tm->tm_year+1900);
return(cdate); return(cdate);
} }
@ -338,7 +338,7 @@ char *StrDateDMY(time_t date)
struct tm *l_d; struct tm *l_d;
l_d = localtime(&date); l_d = localtime(&date);
snprintf(tdate, 14, "%02d-%02d-%04d", l_d->tm_mday, l_d->tm_mon+1, l_d->tm_year+1900); snprintf(tdate, 15, "%02d-%02d-%04d", l_d->tm_mday, l_d->tm_mon+1, l_d->tm_year+1900);
return tdate; return tdate;
} }
@ -357,7 +357,7 @@ char *GetDateDMY()
T_Now = time(NULL); T_Now = time(NULL);
l_d = localtime(&T_Now); l_d = localtime(&T_Now);
snprintf(tdate, 14, "%02d-%02d-%04d", l_d->tm_mday,l_d->tm_mon+1,l_d->tm_year+1900); snprintf(tdate, 15, "%02d-%02d-%04d", l_d->tm_mday,l_d->tm_mon+1,l_d->tm_year+1900);
return(tdate); return(tdate);
} }
@ -408,7 +408,7 @@ char *TearLine()
{ {
static char tearline[41]; static char tearline[41];
snprintf(tearline, 40, "--- MBSE BBS v%s (%s-%s)", VERSION, OsName(), OsCPU()); snprintf(tearline, 41, "--- MBSE BBS v%s (%s-%s)", VERSION, OsName(), OsCPU());
return tearline; return tearline;
} }

2
lib/term.c
View File

@ -141,7 +141,7 @@ void mbse_mvprintw(int y, int x, const char *format, ...)
outputstr = calloc(2048, sizeof(char)); outputstr = calloc(2048, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsnprintf(outputstr, 2047, format, va_ptr); vsnprintf(outputstr, 2048, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
mbse_locate(y, x); mbse_locate(y, x);