diff --git a/ChangeLog b/ChangeLog index a03b7a79..03b2f877 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,12 +27,18 @@ v0.83.14 23-Feb-2006 - If available each message now has a msgid in the header. - Added a .info file with control information. + mbmon: + Better user input checking in chat. + mbsetup: Added archiver selection for nodes in node setup. In archiver select added checks for valid archivers and allowed escape without selecting an archiver. Added selection of archiver select menu. + mbtask: + Safer code for chat. + lang: New prompts 86, 87, 88 and 89. diff --git a/mbmon/mbmon.c b/mbmon/mbmon.c index fc1aa016..4d299064 100644 --- a/mbmon/mbmon.c +++ b/mbmon/mbmon.c @@ -556,7 +556,7 @@ void Chat(int sysop) { int curpos = 0, width, stop = FALSE, data, rc; unsigned char ch = 0; - char sbuf[81], resp[128], *sysop_name, *name; + char *p, sbuf[81], resp[128], *sysop_name, *name; static char buf[200]; clr_index(); @@ -667,7 +667,14 @@ void Chat(int sysop) putchar(7); } } else if ((ch == '\r') && curpos) { - snprintf(buf, 200, "CPUT:2,%d,%s;", mypid, clencode(sbuf)); + snprintf(buf, 12, "%d", mypid); + p = xstrcpy((char *)"CPUT:2,"); + p = xstrcat(p, buf); + p = xstrcat(p, (char *)","); + p = xstrcat(p, clencode(sbuf)); + p = xstrcat(p, (char *)";"); + strncpy(buf, p, 200); + free(p); if (socket_send(buf) == 0) { strcpy(buf, socket_receive()); if (strncmp(buf, "100:2,", 6) == 0) { diff --git a/mbtask/taskchat.c b/mbtask/taskchat.c index 1e97ae28..8b744441 100644 --- a/mbtask/taskchat.c +++ b/mbtask/taskchat.c @@ -134,7 +134,7 @@ void system_msg(pid_t pid, char *msg) memset(&chat_messages[buffer_head], 0, sizeof(_chat_messages)); chat_messages[buffer_head].topid = pid; - snprintf(chat_messages[buffer_head].fromname, 36, "Server"); + strncpy(chat_messages[buffer_head].fromname, "Server", 36); strncpy(chat_messages[buffer_head].message, msg, 80); chat_messages[buffer_head].posted = time(NULL); } @@ -281,7 +281,7 @@ int join(pid_t pid, char *channel, int sysop) */ int part(pid_t pid, char *reason) { - char buf[81]; + char buf[81], *p; chn_list *tmp; usr_list *tmpu; @@ -303,12 +303,13 @@ int part(pid_t pid, char *reason) snprintf(buf, 81, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users -1); chat_msg(tmpu->channel, NULL, buf); if (strcasecmp(tmp->name, (char *)"#sysop")) { + p = xstrcpy(tmp->name); if (reason && strlen(reason)) { - snprintf(buf, 81, "%s %s", tmp->name, reason); - send_at((char *)"PART", tmpu->nick, buf); - } else { - send_at((char *)"PART", tmpu->nick, tmp->name); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, reason); } + send_at((char *)"PART", tmpu->nick, p); + free(p); } /* @@ -366,20 +367,26 @@ void chat_cleanuser(pid_t pid) */ void chat_msg(char *channel, char *nick, char *msg) { - char buf[81]; + char *p; usr_list *tmpu; if (nick == NULL) - snprintf(buf, 81, "%s", msg); - else - snprintf(buf, 81, "<%s> %s", nick, msg); - Chatlog((char *)"+", channel, buf); + p = xstrcpy(msg); + else { + p = xstrcpy((char *)"<"); + p = xstrcat(p, nick); + p = xstrcat(p, (char *)"> "); + p = xstrcat(p, msg); + } + Chatlog((char *)"+", channel, p); for (tmpu = users; tmpu; tmpu = tmpu->next) { if (strlen(tmpu->channel) && (strcmp(tmpu->channel, channel) == 0)) { - system_msg(tmpu->pid, buf); + system_msg(tmpu->pid, p); } } + + free(p); } @@ -502,7 +509,7 @@ void chat_close_r(char *data, char *buf) void chat_put_r(char *data, char *buf) { - char *pid, *msg, *cmd, *mbuf, *flags, temp[81]; + char *p, *pid, *msg, *cmd, *mbuf, *flags, temp[81]; int first, count, owner = FALSE, found; usr_list *tmpu, *tmp; chn_list *tmpc; @@ -681,7 +688,13 @@ void chat_put_r(char *data, char *buf) } else { strncpy(tmpc->topic, cmd, 54); snprintf(mbuf, 200, "Topic set to \"%s\"", cmd); - send_all("TOPIC %s %s\r\n", tmpc->name, tmpc->topic); + p = xstrcpy((char *)"TOPIC "); + p = xstrcat(p, tmpc->name); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, tmpc->topic); + p = xstrcat(p, (char *)"\r\n"); + send_all(p); + free(p); } } else { snprintf(mbuf, 200, "** You are not the channel owner"); @@ -717,8 +730,17 @@ void chat_put_r(char *data, char *buf) /* * Send message to all links but not the #sysop channel */ - if (strcmp(tmpu->channel, "#sysop")) - send_all("PRIVMSG %s <%s> %s\r\n", tmpu->channel, tmpu->nick, msg); + if (strcmp(tmpu->channel, "#sysop")) { + p = xstrcpy((char *)"PRIVMSG "); + p = xstrcat(p, tmpu->channel); + p = xstrcat(p, (char *)" <"); + p = xstrcat(p, tmpu->nick); + p = xstrcat(p, (char *)"> "); + p = xstrcat(p, msg); + p = xstrcat(p, (char *)"\r\n"); + send_all(p); + free(p); + } } goto ack; } @@ -751,7 +773,7 @@ hangup: */ void chat_get_r(char *data, char *buf) { - char *pid; + char *pid, *p; usr_list *tmpu; if (IsSema((char *)"upsalarm")) { @@ -778,7 +800,12 @@ void chat_get_r(char *data, char *buf) /* * Message is for us */ - snprintf(buf, 200, "100:2,0,%s;", clencode(chat_messages[tmpu->pointer].message)); +// snprintf(buf, 200, "100:2,0,%s;", clencode(chat_messages[tmpu->pointer].message)); + p = xstrcpy((char *)"100:2,0,"); + p = xstrcat(p, clencode(chat_messages[tmpu->pointer].message)); + p = xstrcat(p, (char *)";"); + strncpy(buf, p, 200); + free(p); return; } } diff --git a/mbtask/taskcomm.c b/mbtask/taskcomm.c index 3341b341..dedcb9c8 100644 --- a/mbtask/taskcomm.c +++ b/mbtask/taskcomm.c @@ -374,7 +374,7 @@ char *exe_cmd(char *in) if (strncmp(cmd, "CPUT", 4) == 0) { buf = calloc(SS_BUFSIZE, sizeof(char)); chat_put_r(token, buf); - snprintf(obuf, SS_BUFSIZE, "%s", buf); + strncpy(obuf, buf, SS_BUFSIZE); free(buf); return obuf; } @@ -390,7 +390,7 @@ char *exe_cmd(char *in) if (strncmp(cmd, "CGET", 4) == 0) { buf = calloc(SS_BUFSIZE, sizeof(char)); chat_get_r(token, buf); - snprintf(obuf, SS_BUFSIZE, "%s", buf); + strncpy(obuf, buf, SS_BUFSIZE); free(buf); return obuf; } diff --git a/mbtask/taskibc.c b/mbtask/taskibc.c index 043c12f2..74c2eaa4 100644 --- a/mbtask/taskibc.c +++ b/mbtask/taskibc.c @@ -89,7 +89,7 @@ int add_server(srv_list **, char *, int, char *, char *, char *, char *); void del_server(srv_list **, char *); void del_router(srv_list **, char *); int send_msg(ncs_list *, const char *, ...); -void broadcast(char *, const char *, ...); +void broadcast(char *, char *); void check_servers(void); int command_pass(char *, char *); int command_server(char *, char *); @@ -538,19 +538,13 @@ void del_router(srv_list **fap, char *name) /* * Send a message to all servers */ -void send_all(const char *format, ...) +void send_all(char *msg) { ncs_list *tnsl; - char buf[512]; - va_list va_ptr; - - va_start(va_ptr, format); - vsnprintf(buf, 512, format, va_ptr); - va_end(va_ptr); for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (tnsl->state == NCS_CONNECT) { - send_msg(tnsl, buf); + send_msg(tnsl, msg); } } } @@ -563,12 +557,20 @@ void send_all(const char *format, ...) void send_at(char *cmd, char *nick, char *param) { ncs_list *tnsl; - char buf[512]; + char *p; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (tnsl->state == NCS_CONNECT) { - snprintf(buf, 512, "%s %s@%s %s\r\n", cmd, nick, tnsl->myname, param); - send_msg(tnsl, buf); + p = xstrcpy(cmd); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, nick); + p = xstrcat(p, (char *)"@"); + p = xstrcat(p, tnsl->myname); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, param); + p = xstrcat(p, (char *)"\r\n"); + send_msg(tnsl, p); + free(p); } } } @@ -578,12 +580,21 @@ void send_at(char *cmd, char *nick, char *param) void send_nick(char *nick, char *name, char *realname) { ncs_list *tnsl; - char buf[512]; + char *p; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (tnsl->state == NCS_CONNECT) { - snprintf(buf, 512, "NICK %s %s %s %s\r\n", nick, name, tnsl->myname, realname); - send_msg(tnsl, buf); + p = xstrcpy((char *)"NICK "); + p = xstrcat(p, nick); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, name); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, tnsl->myname); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, realname); + p = xstrcat(p, (char *)"\r\n"); + send_msg(tnsl, p); + free(p); } } } @@ -593,19 +604,13 @@ void send_nick(char *nick, char *name, char *realname) /* * Broadcast a message to all servers except the originating server */ -void broadcast(char *origin, const char *format, ...) +void broadcast(char *origin, char *msg) { ncs_list *tnsl; - va_list va_ptr; - char buf[512]; - va_start(va_ptr, format); - vsnprintf(buf, 512, format, va_ptr); - va_end(va_ptr); - for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if ((tnsl->state == NCS_CONNECT) && (strcmp(origin, tnsl->server))) { - send_msg(tnsl, buf); + send_msg(tnsl, msg); } } } @@ -640,7 +645,7 @@ int send_msg(ncs_list *tnsl, const char *format, ...) void check_servers(void) { - char *errmsg, scfgfn[PATH_MAX]; + char *errmsg, *p, scfgfn[PATH_MAX]; FILE *fp; ncs_list *tnsl, **tmp; srv_list *srv; @@ -736,13 +741,19 @@ void check_servers(void) Remove = TRUE; Syslog('r', "IBC: Remove server %s", tnsl->server); if (tnsl->state == NCS_CONNECT) { + p = calloc(512, sizeof(char)); if (local_reset) { - broadcast(tnsl->server, "SQUIT %s Reset connection\r\n", tnsl->server); - send_msg(tnsl, "SQUIT %s Your system connection is reset\r\n", tnsl->myname); + snprintf(p, 512, "SQUIT %s Reset connection\r\n", tnsl->server); + broadcast(tnsl->server, p); + snprintf(p, 512, "SQUIT %s Your system connection is reset\r\n", tnsl->myname); + send_msg(tnsl, p); } else { - broadcast(tnsl->server, "SQUIT %s Removed from configuration\r\n", tnsl->server); - send_msg(tnsl, "SQUIT %s Your system is removed from configuration\r\n", tnsl->myname); + snprintf(p, 512, "SQUIT %s Removed from configuration\r\n", tnsl->server); + broadcast(tnsl->server, p); + snprintf(p, 512, "SQUIT %s Your system is removed from configuration\r\n", tnsl->myname); + send_msg(tnsl, p); } + free(p); del_router(&servers, tnsl->server); } if (tnsl->socket != -1) { @@ -941,7 +952,10 @@ void check_servers(void) tnsl->gotserver = FALSE; tnsl->token = 0; tnsl->halfdead = 0; - broadcast(tnsl->server, "SQUIT %s Connection died\r\n", tnsl->server); + p = calloc(81, sizeof(char)); + snprintf(p, 81, "SQUIT %s Connection died\r\n", tnsl->server); + broadcast(tnsl->server, p); + free(p); callchg = TRUE; srvchg = TRUE; system_shout("*** NETWORK SPLIT, lost connection with server %s", tnsl->server); @@ -959,7 +973,10 @@ void check_servers(void) tnsl->gotserver = FALSE; tnsl->token = 0; tnsl->halfdead = 0; - broadcast(tnsl->server, "SQUIT %s Connection died\r\n", tnsl->server); + p = calloc(81, sizeof(char)); + snprintf(p, 81, "SQUIT %s Connection died\r\n", tnsl->server); + broadcast(tnsl->server, p); + free(p); callchg = TRUE; srvchg = TRUE; system_shout("*** NETWORK SPLIT, lost connection with server %s", tnsl->server); @@ -1063,7 +1080,7 @@ int command_server(char *hostname, char *parameters) srv_list *ta; usr_list *tmp; chn_list *tmpc; - char *name, *hops, *id, *prod, *vers, *fullname; + char *p, *name, *hops, *id, *prod, *vers, *fullname; unsigned int token; int ihops, found = FALSE; @@ -1096,7 +1113,10 @@ int command_server(char *hostname, char *parameters) * In that case, the session is authorized. */ if (tnsl->token == token) { - broadcast(tnsl->server, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + broadcast(tnsl->server, p); + free(p); system_shout("* New server: %s, %s", name, fullname); tnsl->gotserver = TRUE; callchg = TRUE; @@ -1145,7 +1165,10 @@ int command_server(char *hostname, char *parameters) if (found && tnsl->gotpass) { send_msg(tnsl, "PASS %s 0100 %s\r\n", tnsl->passwd, tnsl->compress ? "Z":""); send_msg(tnsl, "SERVER %s 0 %ld mbsebbs %s %s\r\n", tnsl->myname, token, VERSION, CFG.bbs_name); - broadcast(tnsl->server, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + broadcast(tnsl->server, p); + free(p); system_shout("* New server: %s, %s", name, fullname); tnsl->gotserver = TRUE; tnsl->state = NCS_CONNECT; @@ -1185,7 +1208,10 @@ int command_server(char *hostname, char *parameters) * Got a message about a server that is not our neighbour, could be a relayed server. */ if (add_server(&servers, name, ihops, prod, vers, fullname, hostname)) { - broadcast(hostname, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "SERVER %s %d %s %s %s %s\r\n", name, ihops, id, prod, vers, fullname); + broadcast(hostname, p); + free(p); srvchg = TRUE; Syslog('+', "IBC: new relay server %s: %s", name, fullname); system_shout("* New server: %s, %s", name, fullname); @@ -1202,7 +1228,7 @@ int command_server(char *hostname, char *parameters) int command_squit(char *hostname, char *parameters) { ncs_list *tnsl; - char *name, *message; + char *p, *name, *message; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1227,7 +1253,10 @@ int command_squit(char *hostname, char *parameters) } system_shout("* Server %s disconnected: %s", name, message); - broadcast(hostname, "SQUIT %s %s\r\n", name, message); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "SQUIT %s %s\r\n", name, message); + broadcast(hostname, p); + free(p); srvchg = TRUE; return 0; } @@ -1237,7 +1266,7 @@ int command_squit(char *hostname, char *parameters) int command_user(char *hostname, char *parameters) { ncs_list *tnsl; - char *name, *server, *realname; + char *p, *name, *server, *realname; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1255,7 +1284,10 @@ int command_user(char *hostname, char *parameters) } if (add_user(&users, server, name, realname) == 0) { - broadcast(hostname, "USER %s@%s %s\r\n", name, server, realname); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "USER %s@%s %s\r\n", name, server, realname); + broadcast(hostname, p); + free(p); system_shout("* New user %s@%s (%s)", name, server, realname); } return 0; @@ -1266,7 +1298,7 @@ int command_user(char *hostname, char *parameters) int command_quit(char *hostname, char *parameters) { ncs_list *tnsl; - char *name, *server, *message; + char *p, *name, *server, *message; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1289,7 +1321,10 @@ int command_quit(char *hostname, char *parameters) system_shout("* User %s is leaving", name); } del_user(&users, server, name); - broadcast(hostname, "QUIT %s@%s %s\r\n", name, server, parameters); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "QUIT %s@%s %s\r\n", name, server, parameters); + broadcast(hostname, p); + free(p); return 0; } @@ -1299,7 +1334,7 @@ int command_nick(char *hostname, char *parameters) { ncs_list *tnsl; usr_list *tmp; - char *nick, *name, *server, *realname; + char *p, *nick, *name, *server, *realname; int found; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { @@ -1350,7 +1385,10 @@ int command_nick(char *hostname, char *parameters) return 404; } - broadcast(hostname, "NICK %s %s %s %s\r\n", nick, name, server, realname); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "NICK %s %s %s %s\r\n", nick, name, server, realname); + broadcast(hostname, p); + free(p); return 0; } @@ -1361,7 +1399,7 @@ int command_join(char *hostname, char *parameters) ncs_list *tnsl; chn_list *tmp; usr_list *tmpu; - char *nick, *server, *channel, msg[81]; + char *p, *nick, *server, *channel, msg[81]; int found; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { @@ -1413,7 +1451,10 @@ int command_join(char *hostname, char *parameters) } } - broadcast(hostname, "JOIN %s@%s %s\r\n", nick, server, channel); + p = calloc(512, sizeof(char)); + snprintf(p, 512, "JOIN %s@%s %s\r\n", nick, server, channel); + broadcast(hostname, p); + free(p); chnchg = TRUE; return 0; } @@ -1425,7 +1466,7 @@ int command_part(char *hostname, char *parameters) ncs_list *tnsl; chn_list *tmp; usr_list *tmpu; - char *nick, *server, *channel, *message, msg[81]; + char *p, *nick, *server, *channel, *message, msg[81]; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1475,10 +1516,19 @@ int command_part(char *hostname, char *parameters) } } - if (message) - broadcast(hostname, "PART %s@%s %s %s\r\n", nick, server, channel, message); - else - broadcast(hostname, "PART %s@%s %s\r\n", nick, server, channel); + p = xstrcpy((char *)"PART "); + p = xstrcat(p, nick); + p = xstrcat(p, (char *)"@"); + p = xstrcat(p, server); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, channel); + if (message) { + p = xstrcat(p, (char *)" "); + p = xstrcat(p, message); + } + p = xstrcat(p, (char *)"\r\n"); + broadcast(hostname, p); + free(p); return 0; } @@ -1488,7 +1538,7 @@ int command_topic(char *hostname, char *parameters) { ncs_list *tnsl; chn_list *tmp; - char *channel, *topic, msg[81]; + char *p, *channel, *topic, msg[81]; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1515,7 +1565,13 @@ int command_topic(char *hostname, char *parameters) } } - broadcast(hostname, "TOPIC %s %s\r\n", channel, topic); + p = xstrcpy((char *)"TOPIC "); + p = xstrcat(p, channel); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, topic); + p = xstrcat(p, (char *)"\r\n"); + broadcast(hostname, p); + free(p); return 0; } @@ -1525,7 +1581,7 @@ int command_privmsg(char *hostname, char *parameters) { ncs_list *tnsl; chn_list *tmp; - char *channel, *msg; + char *p, *channel, *msg; for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { if (strcmp(tnsl->server, hostname) == 0) { @@ -1550,7 +1606,13 @@ int command_privmsg(char *hostname, char *parameters) if (strcmp(tmp->name, channel) == 0) { tmp->lastmsg = now; chat_msg(channel, NULL, msg); - broadcast(hostname, "PRIVMSG %s %s\r\n", channel, msg); + p = xstrcpy((char *)"PRIVMSG "); + p = xstrcat(p, channel); + p = xstrcat(p, (char *)" "); + p = xstrcat(p, msg); + p = xstrcat(p, (char *)"\r\n"); + broadcast(hostname, p); + free(p); return 0; } } @@ -1743,6 +1805,7 @@ void ibc_shutdown(void) { ncs_list *tnsl; usr_list *usrp; + char *p; Syslog('r', "IBC: start shutdown connections"); @@ -1751,13 +1814,17 @@ void ibc_shutdown(void) /* * Our user, still connected */ + p = calloc(512, sizeof(char)); if (strlen(usrp->channel) && strcmp(usrp->channel, "#sysop")) { /* * In a channel */ - broadcast((char *)"foobar", "PART %s@%s %s System shutdown\r\n", usrp->nick, usrp->server, usrp->channel); + snprintf(p, 512, "PART %s@%s %s System shutdown\r\n", usrp->nick, usrp->server, usrp->channel); + broadcast((char *)"foobar", p); } - broadcast((char *)"foobar", "QUIT %s@%s System shutdown\r\n", usrp->nick, usrp->server); + snprintf(p, 512, "QUIT %s@%s System shutdown\r\n", usrp->nick, usrp->server); + broadcast((char *)"foobar", p); + free(p); } } diff --git a/mbtask/taskibc.h b/mbtask/taskibc.h index f345e3ce..d399f559 100644 --- a/mbtask/taskibc.h +++ b/mbtask/taskibc.h @@ -112,7 +112,7 @@ int add_channel(chn_list **, char *, char *, char *); void del_channel(chn_list **, char *); int do_command(char *, char *, char *); -void send_all(const char *, ...); +void send_all(char *); void send_at(char *, char *, char *); void send_nick(char *, char *, char *); void check_servers(void);