summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2003-04-04 20:25:08 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2003-04-04 20:25:08 +0000
commit96eef4873443f17a48dc476e38e0ce7c3dfb7af1 (patch)
treea0074d08345d60f73dbe2cb4389526f43ddf57ee
parent87bb416d9162030904882f8dc0b054ecc84f194c (diff)
strlcpy and snprintf; various people ok
-rw-r--r--usr.sbin/ppp/ppp/alias_ftp.c11
-rw-r--r--usr.sbin/ppp/ppp/alias_proxy.c6
-rw-r--r--usr.sbin/ppp/ppp/alias_smedia.c6
-rw-r--r--usr.sbin/ppp/ppp/bundle.c4
-rw-r--r--usr.sbin/ppp/ppp/chap.c13
-rw-r--r--usr.sbin/ppp/ppp/ether.c4
-rw-r--r--usr.sbin/ppp/ppp/mp.c12
-rw-r--r--usr.sbin/ppp/ppp/prompt.c6
-rw-r--r--usr.sbin/ppp/ppp/radlib.c4
-rw-r--r--usr.sbin/ppp/ppp/route.c12
-rw-r--r--usr.sbin/ppp/ppp/server.c6
-rw-r--r--usr.sbin/ppp/ppp/tty.c8
-rw-r--r--usr.sbin/ppp/ppp/tun.c4
-rw-r--r--usr.sbin/ppp/ppp/vjcomp.c4
-rw-r--r--usr.sbin/ppp/pppctl/pppctl.c16
-rw-r--r--usr.sbin/pppd/auth.c18
-rw-r--r--usr.sbin/pppd/ccp.c17
-rw-r--r--usr.sbin/pppd/chap.c8
-rw-r--r--usr.sbin/pppd/ipcp.c14
-rw-r--r--usr.sbin/pppd/ipxcp.c33
-rw-r--r--usr.sbin/pppd/main.c27
-rw-r--r--usr.sbin/pppd/options.c27
-rw-r--r--usr.sbin/pppd/sys-bsd.c10
23 files changed, 130 insertions, 140 deletions
diff --git a/usr.sbin/ppp/ppp/alias_ftp.c b/usr.sbin/ppp/ppp/alias_ftp.c
index 29fcf017ac0..8b84aa6f8ae 100644
--- a/usr.sbin/ppp/ppp/alias_ftp.c
+++ b/usr.sbin/ppp/ppp/alias_ftp.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: alias_ftp.c,v 1.14 2002/03/31 02:38:49 brian Exp $
+ * $OpenBSD: alias_ftp.c,v 1.15 2003/04/04 20:25:06 deraadt Exp $
*/
/*
@@ -518,23 +518,24 @@ NewFtpMessage(struct ip *pip,
if (ftp_message_type == FTP_PORT_COMMAND) {
/* Generate PORT command string. */
- sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
+ snprintf(stemp, sizeof stemp, "PORT %d,%d,%d,%d,%d,%d\r\n",
a1,a2,a3,a4,p1,p2);
} else {
/* Generate 227 reply string. */
- sprintf(stemp,
+ snprintf(stemp, sizeof stemp,
"227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n",
a1,a2,a3,a4,p1,p2);
}
break;
case FTP_EPRT_COMMAND:
/* Generate EPRT command string. */
- sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
+ snprintf(stemp, sizeof stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n",
a1,a2,a3,a4,ntohs(alias_port));
break;
case FTP_229_REPLY:
/* Generate 229 reply string. */
- sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n",
+ snprintf(stemp, sizeof stemp,
+ "229 Entering Extended Passive Mode (|||%d|)\r\n",
ntohs(alias_port));
break;
}
diff --git a/usr.sbin/ppp/ppp/alias_proxy.c b/usr.sbin/ppp/ppp/alias_proxy.c
index 0825bf01342..42a0faae310 100644
--- a/usr.sbin/ppp/ppp/alias_proxy.c
+++ b/usr.sbin/ppp/ppp/alias_proxy.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: alias_proxy.c,v 1.11 2002/06/15 08:01:59 brian Exp $
+ * $OpenBSD: alias_proxy.c,v 1.12 2003/04/04 20:25:06 deraadt Exp $
*/
/* file: alias_proxy.c
@@ -563,7 +563,7 @@ PacketAliasProxyRule(const char *cmd)
cmd_len = strlen(cmd);
if (cmd_len > (sizeof(buffer) - 1))
return -1;
- strcpy(buffer, cmd);
+ strlcpy(buffer, cmd, sizeof buffer);
/* Convert to lower case */
len = strlen(buffer);
@@ -639,7 +639,7 @@ PacketAliasProxyRule(const char *cmd)
break;
case STATE_READ_PORT:
- strcpy(str_port, token);
+ strlcpy(str_port, token, sizeof str_port);
state = STATE_READ_KEYWORD;
break;
diff --git a/usr.sbin/ppp/ppp/alias_smedia.c b/usr.sbin/ppp/ppp/alias_smedia.c
index 0004ced4331..5cbfb083194 100644
--- a/usr.sbin/ppp/ppp/alias_smedia.c
+++ b/usr.sbin/ppp/ppp/alias_smedia.c
@@ -62,7 +62,7 @@
* Junichi SATOH <junichi@astec.co.jp>
* <junichi@junichi.org>
*
- * $OpenBSD: alias_smedia.c,v 1.6 2002/06/15 08:02:00 brian Exp $
+ * $OpenBSD: alias_smedia.c,v 1.7 2003/04/04 20:25:06 deraadt Exp $
*/
/*
@@ -259,7 +259,7 @@ alias_rtsp_out(struct ip *pip,
pkt_updated = 1;
/* Copy into IP packet */
- sprintf(stemp, "%d", ntohs(salias));
+ snprintf(stemp, sizeof stemp, "%d", ntohs(salias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
@@ -268,7 +268,7 @@ alias_rtsp_out(struct ip *pip,
port_newdata++;
/* Copy into IP packet */
- sprintf(stemp, "%d", ntohs(ealias));
+ snprintf(stemp, sizeof stemp, "%d", ntohs(ealias));
memcpy(port_newdata, stemp, strlen(stemp));
port_newdata += strlen(stemp);
}
diff --git a/usr.sbin/ppp/ppp/bundle.c b/usr.sbin/ppp/ppp/bundle.c
index 049b547fced..0d3d8307fc8 100644
--- a/usr.sbin/ppp/ppp/bundle.c
+++ b/usr.sbin/ppp/ppp/bundle.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: bundle.c,v 1.66 2002/06/15 08:02:00 brian Exp $
+ * $OpenBSD: bundle.c,v 1.67 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -1544,7 +1544,7 @@ bundle_SendDatalink(struct datalink *dl, int s, struct sockaddr_un *sun)
constlock = physical_LockedDevice(dl->physical);
if (constlock) {
lock = alloca(strlen(constlock) + 1);
- strcpy(lock, constlock);
+ strlcpy(lock, constlock, strlen(constlock) + 1);
} else
lock = NULL;
diff --git a/usr.sbin/ppp/ppp/chap.c b/usr.sbin/ppp/ppp/chap.c
index 7558cdf2440..7d506f3d629 100644
--- a/usr.sbin/ppp/ppp/chap.c
+++ b/usr.sbin/ppp/ppp/chap.c
@@ -25,7 +25,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: chap.c,v 1.36 2002/06/17 01:14:08 brian Exp $
+ * $OpenBSD: chap.c,v 1.37 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -596,15 +596,18 @@ chap_Failure(struct authinfo *authp)
#endif
#ifndef NODES
if (authp->physical->link.lcp.want_authtype == 0x80) {
- sprintf(buf, "E=691 R=1 M=Invalid!");
+ snprintf(buf, sizeof buf, "E=691 R=1 M=Invalid!");
msg = buf;
} else if (authp->physical->link.lcp.want_authtype == 0x81) {
int i;
ptr = buf;
- ptr += sprintf(buf, "E=691 R=0 C=");
- for (i=0; i<16; i++)
- ptr += sprintf(ptr, "%02X", *(auth2chap(authp)->challenge.local+1+i));
+ snprintf(buf, sizeof(buf), "E=691 R=0 C=");
+ ptr += strlen(ptr);
+ for (i=0; i<16; i++) {
+ snprintf(ptr, 3, "%02X", *(auth2chap(authp)->challenge.local+1+i));
+ ptr += strlen(ptr);
+ }
sprintf(ptr, " V=3 M=Invalid!");
msg = buf;
diff --git a/usr.sbin/ppp/ppp/ether.c b/usr.sbin/ppp/ppp/ether.c
index bf1d9702106..4666168998e 100644
--- a/usr.sbin/ppp/ppp/ether.c
+++ b/usr.sbin/ppp/ppp/ether.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: ether.c,v 1.17 2002/07/01 11:14:38 brian Exp $
+ * $OpenBSD: ether.c,v 1.18 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -517,7 +517,7 @@ ether_Create(struct physical *p)
* magically exist as a way of hooking stuff onto an ethernet device
*/
path = (char *)alloca(ifacelen + 2);
- sprintf(path, "%.*s:", ifacelen, iface);
+ snprintf(path, ifacelen + 2, "%.*s:", ifacelen, iface);
if (NgSendMsg(dev->cs, path, NGM_GENERIC_COOKIE, NGM_LISTHOOKS,
NULL, 0) < 0) {
log_Printf(LogWARN, "%s Cannot send a netgraph message: %s\n",
diff --git a/usr.sbin/ppp/ppp/mp.c b/usr.sbin/ppp/ppp/mp.c
index 4b61ab6f70d..df7c0605e6e 100644
--- a/usr.sbin/ppp/ppp/mp.c
+++ b/usr.sbin/ppp/ppp/mp.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: mp.c,v 1.30 2002/05/16 01:13:39 brian Exp $
+ * $OpenBSD: mp.c,v 1.31 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -902,7 +902,7 @@ mp_Enddisc(u_char c, const char *address, int len)
switch (c) {
case ENDDISC_NULL:
- sprintf(result, "Null Class");
+ snprintf(result, sizeof result, "Null Class");
break;
case ENDDISC_LOCAL:
@@ -914,7 +914,7 @@ mp_Enddisc(u_char c, const char *address, int len)
snprintf(result, sizeof result, "IP %s",
inet_ntoa(*(const struct in_addr *)address));
else
- sprintf(result, "IP[%d] ???", len);
+ snprintf(result, sizeof result, "IP[%d] ???", len);
break;
case ENDDISC_MAC:
@@ -923,11 +923,11 @@ mp_Enddisc(u_char c, const char *address, int len)
snprintf(result, sizeof result, "MAC %02x:%02x:%02x:%02x:%02x:%02x",
m[0], m[1], m[2], m[3], m[4], m[5]);
} else
- sprintf(result, "MAC[%d] ???", len);
+ snprintf(result, sizeof result, "MAC[%d] ???", len);
break;
case ENDDISC_MAGIC:
- sprintf(result, "Magic: 0x");
+ snprintf(result, sizeof result, "Magic: 0x");
header = strlen(result);
if (len > sizeof result - header - 1)
len = sizeof result - header - 1;
@@ -940,7 +940,7 @@ mp_Enddisc(u_char c, const char *address, int len)
break;
default:
- sprintf(result, "%d: ", (int)c);
+ snprintf(result, sizeof result, "%d: ", (int)c);
header = strlen(result);
if (len > sizeof result - header - 1)
len = sizeof result - header - 1;
diff --git a/usr.sbin/ppp/ppp/prompt.c b/usr.sbin/ppp/ppp/prompt.c
index e10a9e32e66..c98514c3a3a 100644
--- a/usr.sbin/ppp/ppp/prompt.c
+++ b/usr.sbin/ppp/ppp/prompt.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: prompt.c,v 1.13 2002/06/15 08:02:01 brian Exp $
+ * $OpenBSD: prompt.c,v 1.14 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -114,7 +114,7 @@ prompt_Display(struct prompt *p)
char *dot;
if (gethostname(shostname, sizeof shostname) || *shostname == '\0')
- strcpy(shostname, "localhost");
+ strlcpy(shostname, "localhost", sizeof shostname);
else if ((dot = strchr(shostname, '.')))
*dot = '\0';
}
@@ -393,7 +393,7 @@ prompt_vPrintf(struct prompt *p, const char *fmt, va_list ap)
if (len && len < sizeof nfmt - 1 && fmt[len-1] == '\n' &&
(len == 1 || fmt[len-2] != '\r')) {
- strcpy(nfmt, fmt);
+ strlcpy(nfmt, fmt, sizeof nfmt);
strcpy(nfmt + len - 1, "\r\n");
pfmt = nfmt;
} else
diff --git a/usr.sbin/ppp/ppp/radlib.c b/usr.sbin/ppp/ppp/radlib.c
index dea9e7adb40..681d3fcf5d4 100644
--- a/usr.sbin/ppp/ppp/radlib.c
+++ b/usr.sbin/ppp/ppp/radlib.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: radlib.c,v 1.7 2002/06/15 01:33:23 brian Exp $
+ * $OpenBSD: radlib.c,v 1.8 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/types.h>
@@ -415,7 +415,7 @@ rad_config(struct rad_handle *h, const char *path)
if (rad_add_server(h, host, port, secret, timeout, maxtries) ==
-1) {
- strcpy(msg, h->errmsg);
+ strlcpy(msg, h->errmsg, sizeof msg);
generr(h, "%s:%d: %s", path, linenum, msg);
retval = -1;
break;
diff --git a/usr.sbin/ppp/ppp/route.c b/usr.sbin/ppp/ppp/route.c
index 2a2a8bd951f..ac20c2027b8 100644
--- a/usr.sbin/ppp/ppp/route.c
+++ b/usr.sbin/ppp/ppp/route.c
@@ -25,7 +25,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: route.c,v 1.26 2002/05/16 01:13:39 brian Exp $
+ * $OpenBSD: route.c,v 1.27 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -128,17 +128,17 @@ p_sockaddr(struct prompt *prompt, struct sockaddr *phost,
sprintf(buf+f*3, "%02x:", MAC[f]);
buf[f*3-1] = '\0';
} else
- strcpy(buf, "??:??:??:??:??:??");
+ strlcpy(buf, "??:??:??:??:??:??", sizeof buf);
} else
- sprintf(buf, "<IFT type %d>", dl->sdl_type);
+ snprintf(buf, sizeof buf, "<IFT type %d>", dl->sdl_type);
} else if (dl->sdl_slen)
- sprintf(buf, "<slen %d?>", dl->sdl_slen);
+ snprintf(buf, sizeof buf, "<slen %d?>", dl->sdl_slen);
else
- sprintf(buf, "link#%d", dl->sdl_index);
+ snprintf(buf, sizeof buf, "link#%d", dl->sdl_index);
break;
default:
- sprintf(buf, "<AF type %d>", phost->sa_family);
+ snprintf(buf, sizeof buf, "<AF type %d>", phost->sa_family);
break;
}
diff --git a/usr.sbin/ppp/ppp/server.c b/usr.sbin/ppp/ppp/server.c
index 0b0199074bb..ef88d342c20 100644
--- a/usr.sbin/ppp/ppp/server.c
+++ b/usr.sbin/ppp/ppp/server.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: server.c,v 1.15 2002/05/16 01:13:39 brian Exp $
+ * $OpenBSD: server.c,v 1.16 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -219,7 +219,7 @@ server_Reopen(struct bundle *bundle)
enum server_stat ret;
if (server.cfg.sockname[0] != '\0') {
- strcpy(name, server.cfg.sockname);
+ strlcpy(name, server.cfg.sockname, sizeof name);
mask = server.cfg.mask;
server_Close(bundle);
if (server.cfg.sockname[0] != '\0' && stat(server.cfg.sockname, &st) == 0)
@@ -255,7 +255,7 @@ server_LocalOpen(struct bundle *bundle, const char *name, mode_t mask)
return SERVER_INVALID;
}
ifsun.sun_family = AF_LOCAL;
- strcpy(ifsun.sun_path, name);
+ strlcpy(ifsun.sun_path, name, sizeof ifsun.sun_path);
s = socket(PF_LOCAL, SOCK_STREAM, 0);
if (s < 0) {
diff --git a/usr.sbin/ppp/ppp/tty.c b/usr.sbin/ppp/ppp/tty.c
index 31b044d179c..e0fa6b97d92 100644
--- a/usr.sbin/ppp/ppp/tty.c
+++ b/usr.sbin/ppp/ppp/tty.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: tty.c,v 1.18 2002/05/16 01:13:39 brian Exp $
+ * $OpenBSD: tty.c,v 1.19 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -546,10 +546,10 @@ tty_OpenInfo(struct physical *p)
static char buf[13];
if (Online(dev))
- strcpy(buf, "with");
+ strlcpy(buf, "with", sizeof buf);
else
- strcpy(buf, "no");
- strcat(buf, " carrier");
+ strlcpy(buf, "no", sizeof buf);
+ strlcat(buf, " carrier", sizeof buf);
return buf;
}
diff --git a/usr.sbin/ppp/ppp/tun.c b/usr.sbin/ppp/ppp/tun.c
index e1c1f45a703..6af7a81ccc1 100644
--- a/usr.sbin/ppp/ppp/tun.c
+++ b/usr.sbin/ppp/ppp/tun.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: tun.c,v 1.16 2002/06/15 08:02:01 brian Exp $
+ * $OpenBSD: tun.c,v 1.17 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -94,7 +94,7 @@ tun_configure(struct bundle *bundle)
return;
}
- sprintf(ifr.ifr_name, "tun%d", bundle->unit);
+ snprintf(ifr.ifr_name, sizeof ifr.ifr_name, "tun%d", bundle->unit);
ifr.ifr_mtu = bundle->iface->mtu;
if (ioctl(s, SIOCSIFMTU, &ifr) < 0)
log_Printf(LogERROR, "tun_configure: ioctl(SIOCSIFMTU): %s\n",
diff --git a/usr.sbin/ppp/ppp/vjcomp.c b/usr.sbin/ppp/ppp/vjcomp.c
index 7c8b176d6b4..6c8027b7249 100644
--- a/usr.sbin/ppp/ppp/vjcomp.c
+++ b/usr.sbin/ppp/ppp/vjcomp.c
@@ -25,7 +25,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $OpenBSD: vjcomp.c,v 1.16 2002/05/16 01:13:39 brian Exp $
+ * $OpenBSD: vjcomp.c,v 1.17 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/param.h>
@@ -193,7 +193,7 @@ vj2asc(u_int32_t val)
snprintf(asc, sizeof asc, "%d VJ slots with%s slot compression",
(int)((val>>8)&15)+1, val & 1 ? "" : "out");
else
- strcpy(asc, "VJ disabled");
+ strlcpy(asc, "VJ disabled", sizeof asc);
return asc;
}
diff --git a/usr.sbin/ppp/pppctl/pppctl.c b/usr.sbin/ppp/pppctl/pppctl.c
index e0ce4fc0282..2a6e2282ad0 100644
--- a/usr.sbin/ppp/pppctl/pppctl.c
+++ b/usr.sbin/ppp/pppctl/pppctl.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pppctl.c,v 1.9 2002/07/02 16:09:05 brian Exp $
+ * $Id: pppctl.c,v 1.10 2003/04/04 20:25:06 deraadt Exp $
*/
#include <sys/types.h>
@@ -124,7 +124,7 @@ Receive(int fd, int display)
/* password time */
if (!passwd)
passwd = getpass("Password: ");
- sprintf(Buffer, "passwd %s\n", passwd);
+ snprintf(Buffer, sizeof Buffer, "passwd %s\n", passwd);
memset(passwd, '\0', strlen(passwd));
if (display & REC_VERBOSE)
write(1, Buffer, strlen(Buffer));
@@ -145,7 +145,7 @@ Receive(int fd, int display)
else
flush = last - Buffer + 1;
write(1, Buffer, flush);
- strcpy(Buffer, Buffer + flush);
+ strlcpy(Buffer, Buffer + flush, sizeof Buffer);
len -= flush;
}
}
@@ -286,7 +286,7 @@ main(int argc, char **argv)
return 1;
}
ifsun.sun_family = AF_LOCAL;
- strcpy(ifsun.sun_path, argv[arg]);
+ strlcpy(ifsun.sun_path, argv[arg], sizeof ifsun.sun_path);
if (fd = socket(AF_LOCAL, SOCK_STREAM, 0), fd < 0) {
warnx("cannot create local domain socket");
@@ -379,8 +379,10 @@ main(int argc, char **argv)
len = 0;
Command[sizeof(Command)-1] = '\0';
for (arg++; arg < argc; arg++) {
- if (len && len < sizeof(Command)-1)
- strcpy(Command+len++, " ");
+ if (len && len < sizeof(Command)-1) {
+ strcpy(Command+len, " ");
+ len++;
+ }
strncpy(Command+len, argv[arg], sizeof(Command)-len-1);
len += strlen(Command+len);
}
@@ -448,7 +450,7 @@ main(int argc, char **argv)
start++;
if (next)
*next = '\0';
- strcpy(Buffer, start);
+ strlcpy(Buffer, start, sizeof Buffer);
Buffer[sizeof(Buffer)-2] = '\0';
strcat(Buffer, "\n");
if (verbose)
diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c
index c77564659ac..99b0a8c3ac3 100644
--- a/usr.sbin/pppd/auth.c
+++ b/usr.sbin/pppd/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $ */
+/* $OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $ */
/*
* auth.c - PPP authentication and phase control.
@@ -77,7 +77,7 @@
#if 0
static char rcsid[] = "Id: auth.c,v 1.37 1998/03/26 04:46:03 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $";
+static char rcsid[] = "$OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -560,9 +560,9 @@ auth_check_options()
/* Default our_name to hostname, and user to our_name */
if (our_name[0] == 0 || usehostname)
- strcpy(our_name, hostname);
+ strlcpy(our_name, hostname, MAXHOSTNAMELEN);
if (user[0] == 0)
- strcpy(user, our_name);
+ strlcpy(user, our_name, MAXNAMELEN);
/* If authentication is required, ask peer for CHAP or PAP. */
if (auth_required && !wo->neg_chap && !wo->neg_upap) {
@@ -1424,7 +1424,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
* Special syntax: @filename means read secret from file.
*/
if (word[0] == '@') {
- strcpy(atfile, word+1);
+ strlcpy(atfile, word+1, sizeof atfile);
if ((sf = fopen(atfile, "r")) == NULL) {
syslog(LOG_WARNING, "can't open indirect secret file %s",
atfile);
@@ -1440,7 +1440,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
fclose(sf);
}
if (secret != NULL)
- strcpy(lsecret, word);
+ strlcpy(lsecret, word, sizeof lsecret);
/*
* Now read address authorization info and make a wordlist.
@@ -1478,7 +1478,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename)
free_wordlist(addr_list);
addr_list = alist;
if (secret != NULL)
- strcpy(secret, lsecret);
+ strlcpy(secret, lsecret, MAXWORDLEN);
if (!newline)
break;
@@ -1525,10 +1525,10 @@ auth_script(script)
if ((pw = getpwuid(getuid())) != NULL && pw->pw_name != NULL)
user_name = pw->pw_name;
else {
- sprintf(struid, "%u", getuid());
+ snprintf(struid, sizeof struid, "%u", getuid());
user_name = struid;
}
- sprintf(strspeed, "%d", baud_rate);
+ snprintf(strspeed, sizeof strspeed, "%d", baud_rate);
argv[0] = script;
argv[1] = ifname;
diff --git a/usr.sbin/pppd/ccp.c b/usr.sbin/pppd/ccp.c
index 4dbf91a8603..05526283776 100644
--- a/usr.sbin/pppd/ccp.c
+++ b/usr.sbin/pppd/ccp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ccp.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $ */
+/* $OpenBSD: ccp.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $ */
/*
* ccp.c - PPP Compression Control Protocol.
@@ -39,7 +39,7 @@
#if 0
static char rcsid[] = "Id: ccp.c,v 1.22 1998/03/25 01:25:02 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: ccp.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: ccp.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -885,27 +885,28 @@ method_name(opt, opt2)
case CI_DEFLATE:
case CI_DEFLATE_DRAFT:
if (opt2 != NULL && opt2->deflate_size != opt->deflate_size)
- sprintf(result, "Deflate%s (%d/%d)",
+ snprintf(result, sizeof result, "Deflate%s (%d/%d)",
(opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
opt->deflate_size, opt2->deflate_size);
else
- sprintf(result, "Deflate%s (%d)",
+ snprintf(result, sizeof result, "Deflate%s (%d)",
(opt->method == CI_DEFLATE_DRAFT? "(old#)": ""),
opt->deflate_size);
break;
case CI_BSD_COMPRESS:
if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits)
- sprintf(result, "BSD-Compress (%d/%d)", opt->bsd_bits,
+ snprintf(result, sizeof result,
+ "BSD-Compress (%d/%d)", opt->bsd_bits,
opt2->bsd_bits);
else
- sprintf(result, "BSD-Compress (%d)", opt->bsd_bits);
+ snprintf(result, sizeof result, "BSD-Compress (%d)", opt->bsd_bits);
break;
case CI_PREDICTOR_1:
return "Predictor 1";
case CI_PREDICTOR_2:
return "Predictor 2";
default:
- sprintf(result, "Method %d", opt->method);
+ snprintf(result, sizeof result, "Method %d", opt->method);
}
return result;
}
@@ -928,7 +929,7 @@ ccp_up(f)
syslog(LOG_NOTICE, "%s compression enabled",
method_name(go, ho));
} else {
- strcpy(method1, method_name(go, NULL));
+ strncpy(method1, method_name(go, NULL), sizeof method1);
syslog(LOG_NOTICE, "%s / %s compression enabled",
method1, method_name(ho, NULL));
}
diff --git a/usr.sbin/pppd/chap.c b/usr.sbin/pppd/chap.c
index 43e91198b6b..2eddac898bd 100644
--- a/usr.sbin/pppd/chap.c
+++ b/usr.sbin/pppd/chap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: chap.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $ */
+/* $OpenBSD: chap.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $ */
/*
* chap.c - Challenge Handshake Authentication Protocol.
@@ -55,7 +55,7 @@
#if 0
static char rcsid[] = "Id: chap.c,v 1.15 1997/11/27 06:07:48 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: chap.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: chap.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -738,9 +738,9 @@ ChapSendStatus(cstate, code)
char msg[256];
if (code == CHAP_SUCCESS)
- sprintf(msg, "Welcome to %s.", hostname);
+ snprintf(msg, sizeof msg, "Welcome to %s.", hostname);
else
- sprintf(msg, "I don't like you. Go 'way.");
+ snprintf(msg, sizeof msg, "I don't like you. Go 'way.");
msglen = strlen(msg);
outlen = CHAP_HEADERLEN + msglen;
diff --git a/usr.sbin/pppd/ipcp.c b/usr.sbin/pppd/ipcp.c
index 93282afddfc..578cb771827 100644
--- a/usr.sbin/pppd/ipcp.c
+++ b/usr.sbin/pppd/ipcp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipcp.c,v 1.9 2002/07/01 19:31:37 deraadt Exp $ */
+/* $OpenBSD: ipcp.c,v 1.10 2003/04/04 20:25:07 deraadt Exp $ */
/*
* ipcp.c - PPP IP Control Protocol.
@@ -46,7 +46,7 @@
#if 0
static char rcsid[] = "Id: ipcp.c,v 1.34 1998/04/28 23:38:09 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: ipcp.c,v 1.9 2002/07/01 19:31:37 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: ipcp.c,v 1.10 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -174,7 +174,7 @@ u_int32_t ipaddr;
ipaddr = ntohl(ipaddr);
- sprintf(b, "%d.%d.%d.%d",
+ snprintf(b, sizeof b, "%d.%d.%d.%d",
(u_char)(ipaddr >> 24),
(u_char)(ipaddr >> 16),
(u_char)(ipaddr >> 8),
@@ -1368,9 +1368,11 @@ ipcp_script(f, script)
char strspeed[32], strlocal[32], strremote[32];
char *argv[8];
- sprintf(strspeed, "%d", baud_rate);
- strcpy(strlocal, ip_ntoa(ipcp_gotoptions[f->unit].ouraddr));
- strcpy(strremote, ip_ntoa(ipcp_hisoptions[f->unit].hisaddr));
+ snprintf(strspeed, sizeof strspeed, "%d", baud_rate);
+ strlcpy(strlocal, ip_ntoa(ipcp_gotoptions[f->unit].ouraddr),
+ sizeof strlocal);
+ strlcpy(strremote, ip_ntoa(ipcp_hisoptions[f->unit].hisaddr),
+ sizeof strremote);
argv[0] = script;
argv[1] = ifname;
diff --git a/usr.sbin/pppd/ipxcp.c b/usr.sbin/pppd/ipxcp.c
index aa057618dfd..dad33181be8 100644
--- a/usr.sbin/pppd/ipxcp.c
+++ b/usr.sbin/pppd/ipxcp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipxcp.c,v 1.10 2002/07/01 19:31:37 deraadt Exp $ */
+/* $OpenBSD: ipxcp.c,v 1.11 2003/04/04 20:25:07 deraadt Exp $ */
/*
* ipxcp.c - PPP IPX Control Protocol.
@@ -47,7 +47,7 @@
#if 0
static char rcsid[] = "Id: ipxcp.c,v 1.6 1998/03/25 03:08:16 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: ipxcp.c,v 1.10 2002/07/01 19:31:37 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: ipxcp.c,v 1.11 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -194,7 +194,8 @@ ipx_ntoa(ipxaddr)
u_int32_t ipxaddr;
{
static char b[64];
- sprintf(b, "%x", ipxaddr);
+
+ snprintf(b, sizeof b, "%x", ipxaddr);
return b;
}
@@ -1239,42 +1240,38 @@ ipxcp_script(f, script)
char strnetwork[32], strpid[32];
char *argv[14], strproto_lcl[32], strproto_rmt[32];
- sprintf (strpid, "%ld", (long)getpid());
- sprintf (strspeed, "%d", baud_rate);
+ snprintf(strpid, sizeof strpid, "%ld", (long)getpid());
+ snprintf(strspeed, sizeof strspeed, "%d", baud_rate);
strproto_lcl[0] = '\0';
if (go->neg_router && ((go->router & BIT(IPX_NONE)) == 0)) {
if (go->router & BIT(RIP_SAP))
- strcpy (strproto_lcl, "RIP ");
+ strlcpy (strproto_lcl, "RIP ", sizeof strproto_lcl);
if (go->router & BIT(NLSP))
- strcat (strproto_lcl, "NLSP ");
+ strlcat (strproto_lcl, "NLSP ", sizeof strproto_lcl);
}
if (strproto_lcl[0] == '\0')
- strcpy (strproto_lcl, "NONE ");
-
- strproto_lcl[strlen (strproto_lcl)-1] = '\0';
+ strlcpy (strproto_lcl, "NONE ", sizeof strproto_lcl);
strproto_rmt[0] = '\0';
if (ho->neg_router && ((ho->router & BIT(IPX_NONE)) == 0)) {
if (ho->router & BIT(RIP_SAP))
- strcpy (strproto_rmt, "RIP ");
+ strlcpy (strproto_rmt, "RIP ", sizeof strproto_rmt);
if (ho->router & BIT(NLSP))
- strcat (strproto_rmt, "NLSP ");
+ strlcat (strproto_rmt, "NLSP ", sizeof strproto_rmt);
}
if (strproto_rmt[0] == '\0')
- strcpy (strproto_rmt, "NONE ");
-
- strproto_rmt[strlen (strproto_rmt)-1] = '\0';
+ strlcpy (strproto_rmt, "NONE ", sizeof strproto_rmt);
- strcpy (strnetwork, ipx_ntoa (go->network));
+ strlcpy (strnetwork, ipx_ntoa (go->network), sizeof strnetwork);
- sprintf (strlocal,
+ snprintf (strlocal, sizeof strlocal,
"%02X%02X%02X%02X%02X%02X",
NODE(go->our_node));
- sprintf (strremote,
+ snprintf (strremote, sizeof strremote,
"%02X%02X%02X%02X%02X%02X",
NODE(ho->his_node));
diff --git a/usr.sbin/pppd/main.c b/usr.sbin/pppd/main.c
index 22ce837206d..4c65b55580e 100644
--- a/usr.sbin/pppd/main.c
+++ b/usr.sbin/pppd/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.39 2002/07/29 22:02:38 millert Exp $ */
+/* $OpenBSD: main.c,v 1.40 2003/04/04 20:25:07 deraadt Exp $ */
/*
* main.c - Point-to-Point Protocol main module
@@ -46,7 +46,7 @@
#if 0
static char rcsid[] = "Id: main.c,v 1.49 1998/05/05 05:24:17 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: main.c,v 1.39 2002/07/29 22:02:38 millert Exp $";
+static char rcsid[] = "$OpenBSD: main.c,v 1.40 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -208,8 +208,8 @@ main(argc, argv)
phase = PHASE_INITIALIZE;
p = ttyname(0);
if (p)
- strcpy(devnam, p);
- strcpy(default_devnam, devnam);
+ strlcpy(devnam, p, MAXPATHLEN);
+ strlcpy(default_devnam, devnam, sizeof default_devnam);
script_env = NULL;
@@ -228,7 +228,7 @@ main(argc, argv)
uid = getuid();
privileged = uid == 0;
- sprintf(numbuf, "%u", uid);
+ snprintf(numbuf, sizeof numbuf, "%u", uid);
script_setenv("UID", numbuf);
/*
@@ -277,7 +277,7 @@ main(argc, argv)
}
script_setenv("DEVICE", devnam);
- sprintf(numbuf, "%d", baud_rate);
+ snprintf(numbuf, sizeof numbuf, "%d", baud_rate);
script_setenv("SPEED", numbuf);
/*
@@ -402,7 +402,7 @@ main(argc, argv)
open_ppp_loopback();
syslog(LOG_INFO, "Using interface ppp%d", ifunit);
- (void) sprintf(ifname, "ppp%d", ifunit);
+ (void) snprintf(ifname, sizeof ifname, "ppp%d", ifunit);
script_setenv("IFNAME", ifname);
create_pidfile(); /* write pid to file */
@@ -541,7 +541,7 @@ main(argc, argv)
if (!demand) {
syslog(LOG_INFO, "Using interface ppp%d", ifunit);
- (void) sprintf(ifname, "ppp%d", ifunit);
+ (void) snprintf(ifname, sizeof ifname, "ppp%d", ifunit);
script_setenv("IFNAME", ifname);
create_pidfile(); /* write pid to file */
@@ -661,7 +661,8 @@ create_pidfile()
{
FILE *pidfile;
- (void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname);
+ (void) snprintf(pidfilename, sizeof pidfilename,
+ "%s%s.pid", _PATH_VARRUN, ifname);
if ((pidfile = fopen(pidfilename, "w")) != NULL) {
fprintf(pidfile, "%ld\n", (long)pid);
(void) fclose(pidfile);
@@ -1277,7 +1278,7 @@ log_packet(p, len, prefix, level)
char *prefix;
int level;
{
- strcpy(line, prefix);
+ strlcpy(line, prefix, sizeof line);
linep = line + strlen(line);
format_packet(p, len, pr_log, NULL);
if (linep != line)
@@ -1645,12 +1646,8 @@ script_setenv(var, value)
int i;
char *p, *newstring;
- newstring = (char *) malloc(vl + strlen(value) + 2);
- if (newstring == 0)
+ if (asprintf(&newstring, "%s=%s", var, value) == -1)
novm("script_setenv");
- strcpy(newstring, var);
- newstring[vl] = '=';
- strcpy(newstring+vl+1, value);
/* check if this variable is already set */
if (script_env != 0) {
diff --git a/usr.sbin/pppd/options.c b/usr.sbin/pppd/options.c
index 7928f388b37..6a110ad958e 100644
--- a/usr.sbin/pppd/options.c
+++ b/usr.sbin/pppd/options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: options.c,v 1.18 2002/12/23 21:07:43 mickey Exp $ */
+/* $OpenBSD: options.c,v 1.19 2003/04/04 20:25:07 deraadt Exp $ */
/*
* options.c - handles option processing for PPP.
@@ -46,7 +46,7 @@
#if 0
static char rcsid[] = "Id: options.c,v 1.42 1998/03/26 04:46:06 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: options.c,v 1.18 2002/12/23 21:07:43 mickey Exp $";
+static char rcsid[] = "$OpenBSD: options.c,v 1.19 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -700,12 +700,8 @@ options_from_user()
if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0)
return 1;
file = _PATH_USEROPT;
- path = malloc(strlen(user) + strlen(file) + 2);
- if (path == NULL)
+ if (asprintf(&path, "%s/%s", user, file) == -1)
novm("init file name");
- strcpy(path, user);
- strcat(path, "/");
- strcat(path, file);
ret = options_from_file(path, 0, 1, privileged);
free(path);
return ret;
@@ -726,14 +722,8 @@ options_for_tty()
dev += 5;
if (strcmp(dev, "tty") == 0)
return 1; /* don't look for /etc/ppp/options.tty */
- path = malloc(strlen(_PATH_TTYOPT) + strlen(dev) + 1);
- if (path == NULL)
+ if (asprintf(&path, "%s%s", _PATH_TTYOPT, dev) == -1)
novm("tty init file name");
- strcpy(path, _PATH_TTYOPT);
- /* Turn slashes into dots, for Solaris case (e.g. /dev/term/a) */
- for (p = path + strlen(path); *dev != 0; ++dev)
- *p++ = (*dev == '/'? '.': *dev);
- *p = 0;
ret = options_from_file(path, 0, 0, 1);
free(path);
return ret;
@@ -1121,8 +1111,8 @@ callfile(argv)
l = strlen(arg) + strlen(_PATH_PEERFILES) + 1;
if ((fname = (char *) malloc(l)) == NULL)
novm("call file name");
- strcpy(fname, _PATH_PEERFILES);
- strcat(fname, arg);
+ strlcpy(fname, _PATH_PEERFILES, l);
+ strlcat(fname, arg, l);
ok = options_from_file(fname, 1, 1, 1);
@@ -1687,9 +1677,8 @@ setdevname(cp, quiet)
return 0;
if (strncmp("/dev/", cp, 5) != 0) {
- strcpy(dev, "/dev/");
- strncat(dev, cp, MAXPATHLEN - 5);
- dev[MAXPATHLEN-1] = 0;
+ strlcpy(dev, "/dev/", sizeof dev);
+ strlcat(dev, cp, sizeof dev);
cp = dev;
}
diff --git a/usr.sbin/pppd/sys-bsd.c b/usr.sbin/pppd/sys-bsd.c
index bbed485884d..b527d115b2e 100644
--- a/usr.sbin/pppd/sys-bsd.c
+++ b/usr.sbin/pppd/sys-bsd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sys-bsd.c,v 1.19 2002/09/13 00:12:10 deraadt Exp $ */
+/* $OpenBSD: sys-bsd.c,v 1.20 2003/04/04 20:25:07 deraadt Exp $ */
/*
* sys-bsd.c - System-dependent procedures for setting up
@@ -78,7 +78,7 @@
#if 0
static char rcsid[] = "Id: sys-bsd.c,v 1.31 1998/04/02 12:04:19 paulus Exp $";
#else
-static char rcsid[] = "$OpenBSD: sys-bsd.c,v 1.19 2002/09/13 00:12:10 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: sys-bsd.c,v 1.20 2003/04/04 20:25:07 deraadt Exp $";
#endif
#endif
@@ -1593,10 +1593,8 @@ lock(dev)
if ((p = strrchr(dev, '/')) != NULL)
dev = p + 1;
- lock_file = malloc(strlen(LOCK_PREFIX) + strlen(dev) + 1);
- if (lock_file == NULL)
+ if (asprintf(&lock_file, "%s%s", LOCK_PREFIX, dev) == -1)
novm("lock file name");
- strcat(strcpy(lock_file, LOCK_PREFIX), dev);
while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) {
if (errno == EEXIST
@@ -1631,7 +1629,7 @@ lock(dev)
return -1;
}
- sprintf(hdb_lock_buffer, "%10ld\n", (long)getpid());
+ snprintf(hdb_lock_buffer, sizeof hdb_lock_buffer, "%10ld\n", (long)getpid());
write(fd, hdb_lock_buffer, 11);
close(fd);