diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2003-04-04 20:25:08 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2003-04-04 20:25:08 +0000 |
commit | 96eef4873443f17a48dc476e38e0ce7c3dfb7af1 (patch) | |
tree | a0074d08345d60f73dbe2cb4389526f43ddf57ee | |
parent | 87bb416d9162030904882f8dc0b054ecc84f194c (diff) |
strlcpy and snprintf; various people ok
-rw-r--r-- | usr.sbin/ppp/ppp/alias_ftp.c | 11 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/alias_proxy.c | 6 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/alias_smedia.c | 6 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/bundle.c | 4 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/chap.c | 13 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/ether.c | 4 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/mp.c | 12 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/prompt.c | 6 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/radlib.c | 4 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/route.c | 12 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/server.c | 6 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/tty.c | 8 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/tun.c | 4 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp/vjcomp.c | 4 | ||||
-rw-r--r-- | usr.sbin/ppp/pppctl/pppctl.c | 16 | ||||
-rw-r--r-- | usr.sbin/pppd/auth.c | 18 | ||||
-rw-r--r-- | usr.sbin/pppd/ccp.c | 17 | ||||
-rw-r--r-- | usr.sbin/pppd/chap.c | 8 | ||||
-rw-r--r-- | usr.sbin/pppd/ipcp.c | 14 | ||||
-rw-r--r-- | usr.sbin/pppd/ipxcp.c | 33 | ||||
-rw-r--r-- | usr.sbin/pppd/main.c | 27 | ||||
-rw-r--r-- | usr.sbin/pppd/options.c | 27 | ||||
-rw-r--r-- | usr.sbin/pppd/sys-bsd.c | 10 |
23 files changed, 130 insertions, 140 deletions
diff --git a/usr.sbin/ppp/ppp/alias_ftp.c b/usr.sbin/ppp/ppp/alias_ftp.c index 29fcf017ac0..8b84aa6f8ae 100644 --- a/usr.sbin/ppp/ppp/alias_ftp.c +++ b/usr.sbin/ppp/ppp/alias_ftp.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: alias_ftp.c,v 1.14 2002/03/31 02:38:49 brian Exp $ + * $OpenBSD: alias_ftp.c,v 1.15 2003/04/04 20:25:06 deraadt Exp $ */ /* @@ -518,23 +518,24 @@ NewFtpMessage(struct ip *pip, if (ftp_message_type == FTP_PORT_COMMAND) { /* Generate PORT command string. */ - sprintf(stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", + snprintf(stemp, sizeof stemp, "PORT %d,%d,%d,%d,%d,%d\r\n", a1,a2,a3,a4,p1,p2); } else { /* Generate 227 reply string. */ - sprintf(stemp, + snprintf(stemp, sizeof stemp, "227 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n", a1,a2,a3,a4,p1,p2); } break; case FTP_EPRT_COMMAND: /* Generate EPRT command string. */ - sprintf(stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", + snprintf(stemp, sizeof stemp, "EPRT |1|%d.%d.%d.%d|%d|\r\n", a1,a2,a3,a4,ntohs(alias_port)); break; case FTP_229_REPLY: /* Generate 229 reply string. */ - sprintf(stemp, "229 Entering Extended Passive Mode (|||%d|)\r\n", + snprintf(stemp, sizeof stemp, + "229 Entering Extended Passive Mode (|||%d|)\r\n", ntohs(alias_port)); break; } diff --git a/usr.sbin/ppp/ppp/alias_proxy.c b/usr.sbin/ppp/ppp/alias_proxy.c index 0825bf01342..42a0faae310 100644 --- a/usr.sbin/ppp/ppp/alias_proxy.c +++ b/usr.sbin/ppp/ppp/alias_proxy.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: alias_proxy.c,v 1.11 2002/06/15 08:01:59 brian Exp $ + * $OpenBSD: alias_proxy.c,v 1.12 2003/04/04 20:25:06 deraadt Exp $ */ /* file: alias_proxy.c @@ -563,7 +563,7 @@ PacketAliasProxyRule(const char *cmd) cmd_len = strlen(cmd); if (cmd_len > (sizeof(buffer) - 1)) return -1; - strcpy(buffer, cmd); + strlcpy(buffer, cmd, sizeof buffer); /* Convert to lower case */ len = strlen(buffer); @@ -639,7 +639,7 @@ PacketAliasProxyRule(const char *cmd) break; case STATE_READ_PORT: - strcpy(str_port, token); + strlcpy(str_port, token, sizeof str_port); state = STATE_READ_KEYWORD; break; diff --git a/usr.sbin/ppp/ppp/alias_smedia.c b/usr.sbin/ppp/ppp/alias_smedia.c index 0004ced4331..5cbfb083194 100644 --- a/usr.sbin/ppp/ppp/alias_smedia.c +++ b/usr.sbin/ppp/ppp/alias_smedia.c @@ -62,7 +62,7 @@ * Junichi SATOH <junichi@astec.co.jp> * <junichi@junichi.org> * - * $OpenBSD: alias_smedia.c,v 1.6 2002/06/15 08:02:00 brian Exp $ + * $OpenBSD: alias_smedia.c,v 1.7 2003/04/04 20:25:06 deraadt Exp $ */ /* @@ -259,7 +259,7 @@ alias_rtsp_out(struct ip *pip, pkt_updated = 1; /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(salias)); + snprintf(stemp, sizeof stemp, "%d", ntohs(salias)); memcpy(port_newdata, stemp, strlen(stemp)); port_newdata += strlen(stemp); @@ -268,7 +268,7 @@ alias_rtsp_out(struct ip *pip, port_newdata++; /* Copy into IP packet */ - sprintf(stemp, "%d", ntohs(ealias)); + snprintf(stemp, sizeof stemp, "%d", ntohs(ealias)); memcpy(port_newdata, stemp, strlen(stemp)); port_newdata += strlen(stemp); } diff --git a/usr.sbin/ppp/ppp/bundle.c b/usr.sbin/ppp/ppp/bundle.c index 049b547fced..0d3d8307fc8 100644 --- a/usr.sbin/ppp/ppp/bundle.c +++ b/usr.sbin/ppp/ppp/bundle.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: bundle.c,v 1.66 2002/06/15 08:02:00 brian Exp $ + * $OpenBSD: bundle.c,v 1.67 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -1544,7 +1544,7 @@ bundle_SendDatalink(struct datalink *dl, int s, struct sockaddr_un *sun) constlock = physical_LockedDevice(dl->physical); if (constlock) { lock = alloca(strlen(constlock) + 1); - strcpy(lock, constlock); + strlcpy(lock, constlock, strlen(constlock) + 1); } else lock = NULL; diff --git a/usr.sbin/ppp/ppp/chap.c b/usr.sbin/ppp/ppp/chap.c index 7558cdf2440..7d506f3d629 100644 --- a/usr.sbin/ppp/ppp/chap.c +++ b/usr.sbin/ppp/ppp/chap.c @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: chap.c,v 1.36 2002/06/17 01:14:08 brian Exp $ + * $OpenBSD: chap.c,v 1.37 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -596,15 +596,18 @@ chap_Failure(struct authinfo *authp) #endif #ifndef NODES if (authp->physical->link.lcp.want_authtype == 0x80) { - sprintf(buf, "E=691 R=1 M=Invalid!"); + snprintf(buf, sizeof buf, "E=691 R=1 M=Invalid!"); msg = buf; } else if (authp->physical->link.lcp.want_authtype == 0x81) { int i; ptr = buf; - ptr += sprintf(buf, "E=691 R=0 C="); - for (i=0; i<16; i++) - ptr += sprintf(ptr, "%02X", *(auth2chap(authp)->challenge.local+1+i)); + snprintf(buf, sizeof(buf), "E=691 R=0 C="); + ptr += strlen(ptr); + for (i=0; i<16; i++) { + snprintf(ptr, 3, "%02X", *(auth2chap(authp)->challenge.local+1+i)); + ptr += strlen(ptr); + } sprintf(ptr, " V=3 M=Invalid!"); msg = buf; diff --git a/usr.sbin/ppp/ppp/ether.c b/usr.sbin/ppp/ppp/ether.c index bf1d9702106..4666168998e 100644 --- a/usr.sbin/ppp/ppp/ether.c +++ b/usr.sbin/ppp/ppp/ether.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: ether.c,v 1.17 2002/07/01 11:14:38 brian Exp $ + * $OpenBSD: ether.c,v 1.18 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -517,7 +517,7 @@ ether_Create(struct physical *p) * magically exist as a way of hooking stuff onto an ethernet device */ path = (char *)alloca(ifacelen + 2); - sprintf(path, "%.*s:", ifacelen, iface); + snprintf(path, ifacelen + 2, "%.*s:", ifacelen, iface); if (NgSendMsg(dev->cs, path, NGM_GENERIC_COOKIE, NGM_LISTHOOKS, NULL, 0) < 0) { log_Printf(LogWARN, "%s Cannot send a netgraph message: %s\n", diff --git a/usr.sbin/ppp/ppp/mp.c b/usr.sbin/ppp/ppp/mp.c index 4b61ab6f70d..df7c0605e6e 100644 --- a/usr.sbin/ppp/ppp/mp.c +++ b/usr.sbin/ppp/ppp/mp.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: mp.c,v 1.30 2002/05/16 01:13:39 brian Exp $ + * $OpenBSD: mp.c,v 1.31 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -902,7 +902,7 @@ mp_Enddisc(u_char c, const char *address, int len) switch (c) { case ENDDISC_NULL: - sprintf(result, "Null Class"); + snprintf(result, sizeof result, "Null Class"); break; case ENDDISC_LOCAL: @@ -914,7 +914,7 @@ mp_Enddisc(u_char c, const char *address, int len) snprintf(result, sizeof result, "IP %s", inet_ntoa(*(const struct in_addr *)address)); else - sprintf(result, "IP[%d] ???", len); + snprintf(result, sizeof result, "IP[%d] ???", len); break; case ENDDISC_MAC: @@ -923,11 +923,11 @@ mp_Enddisc(u_char c, const char *address, int len) snprintf(result, sizeof result, "MAC %02x:%02x:%02x:%02x:%02x:%02x", m[0], m[1], m[2], m[3], m[4], m[5]); } else - sprintf(result, "MAC[%d] ???", len); + snprintf(result, sizeof result, "MAC[%d] ???", len); break; case ENDDISC_MAGIC: - sprintf(result, "Magic: 0x"); + snprintf(result, sizeof result, "Magic: 0x"); header = strlen(result); if (len > sizeof result - header - 1) len = sizeof result - header - 1; @@ -940,7 +940,7 @@ mp_Enddisc(u_char c, const char *address, int len) break; default: - sprintf(result, "%d: ", (int)c); + snprintf(result, sizeof result, "%d: ", (int)c); header = strlen(result); if (len > sizeof result - header - 1) len = sizeof result - header - 1; diff --git a/usr.sbin/ppp/ppp/prompt.c b/usr.sbin/ppp/ppp/prompt.c index e10a9e32e66..c98514c3a3a 100644 --- a/usr.sbin/ppp/ppp/prompt.c +++ b/usr.sbin/ppp/ppp/prompt.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: prompt.c,v 1.13 2002/06/15 08:02:01 brian Exp $ + * $OpenBSD: prompt.c,v 1.14 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -114,7 +114,7 @@ prompt_Display(struct prompt *p) char *dot; if (gethostname(shostname, sizeof shostname) || *shostname == '\0') - strcpy(shostname, "localhost"); + strlcpy(shostname, "localhost", sizeof shostname); else if ((dot = strchr(shostname, '.'))) *dot = '\0'; } @@ -393,7 +393,7 @@ prompt_vPrintf(struct prompt *p, const char *fmt, va_list ap) if (len && len < sizeof nfmt - 1 && fmt[len-1] == '\n' && (len == 1 || fmt[len-2] != '\r')) { - strcpy(nfmt, fmt); + strlcpy(nfmt, fmt, sizeof nfmt); strcpy(nfmt + len - 1, "\r\n"); pfmt = nfmt; } else diff --git a/usr.sbin/ppp/ppp/radlib.c b/usr.sbin/ppp/ppp/radlib.c index dea9e7adb40..681d3fcf5d4 100644 --- a/usr.sbin/ppp/ppp/radlib.c +++ b/usr.sbin/ppp/ppp/radlib.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: radlib.c,v 1.7 2002/06/15 01:33:23 brian Exp $ + * $OpenBSD: radlib.c,v 1.8 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/types.h> @@ -415,7 +415,7 @@ rad_config(struct rad_handle *h, const char *path) if (rad_add_server(h, host, port, secret, timeout, maxtries) == -1) { - strcpy(msg, h->errmsg); + strlcpy(msg, h->errmsg, sizeof msg); generr(h, "%s:%d: %s", path, linenum, msg); retval = -1; break; diff --git a/usr.sbin/ppp/ppp/route.c b/usr.sbin/ppp/ppp/route.c index 2a2a8bd951f..ac20c2027b8 100644 --- a/usr.sbin/ppp/ppp/route.c +++ b/usr.sbin/ppp/ppp/route.c @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: route.c,v 1.26 2002/05/16 01:13:39 brian Exp $ + * $OpenBSD: route.c,v 1.27 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -128,17 +128,17 @@ p_sockaddr(struct prompt *prompt, struct sockaddr *phost, sprintf(buf+f*3, "%02x:", MAC[f]); buf[f*3-1] = '\0'; } else - strcpy(buf, "??:??:??:??:??:??"); + strlcpy(buf, "??:??:??:??:??:??", sizeof buf); } else - sprintf(buf, "<IFT type %d>", dl->sdl_type); + snprintf(buf, sizeof buf, "<IFT type %d>", dl->sdl_type); } else if (dl->sdl_slen) - sprintf(buf, "<slen %d?>", dl->sdl_slen); + snprintf(buf, sizeof buf, "<slen %d?>", dl->sdl_slen); else - sprintf(buf, "link#%d", dl->sdl_index); + snprintf(buf, sizeof buf, "link#%d", dl->sdl_index); break; default: - sprintf(buf, "<AF type %d>", phost->sa_family); + snprintf(buf, sizeof buf, "<AF type %d>", phost->sa_family); break; } diff --git a/usr.sbin/ppp/ppp/server.c b/usr.sbin/ppp/ppp/server.c index 0b0199074bb..ef88d342c20 100644 --- a/usr.sbin/ppp/ppp/server.c +++ b/usr.sbin/ppp/ppp/server.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: server.c,v 1.15 2002/05/16 01:13:39 brian Exp $ + * $OpenBSD: server.c,v 1.16 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -219,7 +219,7 @@ server_Reopen(struct bundle *bundle) enum server_stat ret; if (server.cfg.sockname[0] != '\0') { - strcpy(name, server.cfg.sockname); + strlcpy(name, server.cfg.sockname, sizeof name); mask = server.cfg.mask; server_Close(bundle); if (server.cfg.sockname[0] != '\0' && stat(server.cfg.sockname, &st) == 0) @@ -255,7 +255,7 @@ server_LocalOpen(struct bundle *bundle, const char *name, mode_t mask) return SERVER_INVALID; } ifsun.sun_family = AF_LOCAL; - strcpy(ifsun.sun_path, name); + strlcpy(ifsun.sun_path, name, sizeof ifsun.sun_path); s = socket(PF_LOCAL, SOCK_STREAM, 0); if (s < 0) { diff --git a/usr.sbin/ppp/ppp/tty.c b/usr.sbin/ppp/ppp/tty.c index 31b044d179c..e0fa6b97d92 100644 --- a/usr.sbin/ppp/ppp/tty.c +++ b/usr.sbin/ppp/ppp/tty.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: tty.c,v 1.18 2002/05/16 01:13:39 brian Exp $ + * $OpenBSD: tty.c,v 1.19 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -546,10 +546,10 @@ tty_OpenInfo(struct physical *p) static char buf[13]; if (Online(dev)) - strcpy(buf, "with"); + strlcpy(buf, "with", sizeof buf); else - strcpy(buf, "no"); - strcat(buf, " carrier"); + strlcpy(buf, "no", sizeof buf); + strlcat(buf, " carrier", sizeof buf); return buf; } diff --git a/usr.sbin/ppp/ppp/tun.c b/usr.sbin/ppp/ppp/tun.c index e1c1f45a703..6af7a81ccc1 100644 --- a/usr.sbin/ppp/ppp/tun.c +++ b/usr.sbin/ppp/ppp/tun.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: tun.c,v 1.16 2002/06/15 08:02:01 brian Exp $ + * $OpenBSD: tun.c,v 1.17 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -94,7 +94,7 @@ tun_configure(struct bundle *bundle) return; } - sprintf(ifr.ifr_name, "tun%d", bundle->unit); + snprintf(ifr.ifr_name, sizeof ifr.ifr_name, "tun%d", bundle->unit); ifr.ifr_mtu = bundle->iface->mtu; if (ioctl(s, SIOCSIFMTU, &ifr) < 0) log_Printf(LogERROR, "tun_configure: ioctl(SIOCSIFMTU): %s\n", diff --git a/usr.sbin/ppp/ppp/vjcomp.c b/usr.sbin/ppp/ppp/vjcomp.c index 7c8b176d6b4..6c8027b7249 100644 --- a/usr.sbin/ppp/ppp/vjcomp.c +++ b/usr.sbin/ppp/ppp/vjcomp.c @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: vjcomp.c,v 1.16 2002/05/16 01:13:39 brian Exp $ + * $OpenBSD: vjcomp.c,v 1.17 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/param.h> @@ -193,7 +193,7 @@ vj2asc(u_int32_t val) snprintf(asc, sizeof asc, "%d VJ slots with%s slot compression", (int)((val>>8)&15)+1, val & 1 ? "" : "out"); else - strcpy(asc, "VJ disabled"); + strlcpy(asc, "VJ disabled", sizeof asc); return asc; } diff --git a/usr.sbin/ppp/pppctl/pppctl.c b/usr.sbin/ppp/pppctl/pppctl.c index e0ce4fc0282..2a6e2282ad0 100644 --- a/usr.sbin/ppp/pppctl/pppctl.c +++ b/usr.sbin/ppp/pppctl/pppctl.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pppctl.c,v 1.9 2002/07/02 16:09:05 brian Exp $ + * $Id: pppctl.c,v 1.10 2003/04/04 20:25:06 deraadt Exp $ */ #include <sys/types.h> @@ -124,7 +124,7 @@ Receive(int fd, int display) /* password time */ if (!passwd) passwd = getpass("Password: "); - sprintf(Buffer, "passwd %s\n", passwd); + snprintf(Buffer, sizeof Buffer, "passwd %s\n", passwd); memset(passwd, '\0', strlen(passwd)); if (display & REC_VERBOSE) write(1, Buffer, strlen(Buffer)); @@ -145,7 +145,7 @@ Receive(int fd, int display) else flush = last - Buffer + 1; write(1, Buffer, flush); - strcpy(Buffer, Buffer + flush); + strlcpy(Buffer, Buffer + flush, sizeof Buffer); len -= flush; } } @@ -286,7 +286,7 @@ main(int argc, char **argv) return 1; } ifsun.sun_family = AF_LOCAL; - strcpy(ifsun.sun_path, argv[arg]); + strlcpy(ifsun.sun_path, argv[arg], sizeof ifsun.sun_path); if (fd = socket(AF_LOCAL, SOCK_STREAM, 0), fd < 0) { warnx("cannot create local domain socket"); @@ -379,8 +379,10 @@ main(int argc, char **argv) len = 0; Command[sizeof(Command)-1] = '\0'; for (arg++; arg < argc; arg++) { - if (len && len < sizeof(Command)-1) - strcpy(Command+len++, " "); + if (len && len < sizeof(Command)-1) { + strcpy(Command+len, " "); + len++; + } strncpy(Command+len, argv[arg], sizeof(Command)-len-1); len += strlen(Command+len); } @@ -448,7 +450,7 @@ main(int argc, char **argv) start++; if (next) *next = '\0'; - strcpy(Buffer, start); + strlcpy(Buffer, start, sizeof Buffer); Buffer[sizeof(Buffer)-2] = '\0'; strcat(Buffer, "\n"); if (verbose) diff --git a/usr.sbin/pppd/auth.c b/usr.sbin/pppd/auth.c index c77564659ac..99b0a8c3ac3 100644 --- a/usr.sbin/pppd/auth.c +++ b/usr.sbin/pppd/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $ */ +/* $OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $ */ /* * auth.c - PPP authentication and phase control. @@ -77,7 +77,7 @@ #if 0 static char rcsid[] = "Id: auth.c,v 1.37 1998/03/26 04:46:03 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: auth.c,v 1.26 2003/02/18 13:14:43 jmc Exp $"; +static char rcsid[] = "$OpenBSD: auth.c,v 1.27 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -560,9 +560,9 @@ auth_check_options() /* Default our_name to hostname, and user to our_name */ if (our_name[0] == 0 || usehostname) - strcpy(our_name, hostname); + strlcpy(our_name, hostname, MAXHOSTNAMELEN); if (user[0] == 0) - strcpy(user, our_name); + strlcpy(user, our_name, MAXNAMELEN); /* If authentication is required, ask peer for CHAP or PAP. */ if (auth_required && !wo->neg_chap && !wo->neg_upap) { @@ -1424,7 +1424,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename) * Special syntax: @filename means read secret from file. */ if (word[0] == '@') { - strcpy(atfile, word+1); + strlcpy(atfile, word+1, sizeof atfile); if ((sf = fopen(atfile, "r")) == NULL) { syslog(LOG_WARNING, "can't open indirect secret file %s", atfile); @@ -1440,7 +1440,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename) fclose(sf); } if (secret != NULL) - strcpy(lsecret, word); + strlcpy(lsecret, word, sizeof lsecret); /* * Now read address authorization info and make a wordlist. @@ -1478,7 +1478,7 @@ scan_authfile(f, client, server, ipaddr, secret, addrs, filename) free_wordlist(addr_list); addr_list = alist; if (secret != NULL) - strcpy(secret, lsecret); + strlcpy(secret, lsecret, MAXWORDLEN); if (!newline) break; @@ -1525,10 +1525,10 @@ auth_script(script) if ((pw = getpwuid(getuid())) != NULL && pw->pw_name != NULL) user_name = pw->pw_name; else { - sprintf(struid, "%u", getuid()); + snprintf(struid, sizeof struid, "%u", getuid()); user_name = struid; } - sprintf(strspeed, "%d", baud_rate); + snprintf(strspeed, sizeof strspeed, "%d", baud_rate); argv[0] = script; argv[1] = ifname; diff --git a/usr.sbin/pppd/ccp.c b/usr.sbin/pppd/ccp.c index 4dbf91a8603..05526283776 100644 --- a/usr.sbin/pppd/ccp.c +++ b/usr.sbin/pppd/ccp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ccp.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $ */ +/* $OpenBSD: ccp.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $ */ /* * ccp.c - PPP Compression Control Protocol. @@ -39,7 +39,7 @@ #if 0 static char rcsid[] = "Id: ccp.c,v 1.22 1998/03/25 01:25:02 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: ccp.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: ccp.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -885,27 +885,28 @@ method_name(opt, opt2) case CI_DEFLATE: case CI_DEFLATE_DRAFT: if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) - sprintf(result, "Deflate%s (%d/%d)", + snprintf(result, sizeof result, "Deflate%s (%d/%d)", (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), opt->deflate_size, opt2->deflate_size); else - sprintf(result, "Deflate%s (%d)", + snprintf(result, sizeof result, "Deflate%s (%d)", (opt->method == CI_DEFLATE_DRAFT? "(old#)": ""), opt->deflate_size); break; case CI_BSD_COMPRESS: if (opt2 != NULL && opt2->bsd_bits != opt->bsd_bits) - sprintf(result, "BSD-Compress (%d/%d)", opt->bsd_bits, + snprintf(result, sizeof result, + "BSD-Compress (%d/%d)", opt->bsd_bits, opt2->bsd_bits); else - sprintf(result, "BSD-Compress (%d)", opt->bsd_bits); + snprintf(result, sizeof result, "BSD-Compress (%d)", opt->bsd_bits); break; case CI_PREDICTOR_1: return "Predictor 1"; case CI_PREDICTOR_2: return "Predictor 2"; default: - sprintf(result, "Method %d", opt->method); + snprintf(result, sizeof result, "Method %d", opt->method); } return result; } @@ -928,7 +929,7 @@ ccp_up(f) syslog(LOG_NOTICE, "%s compression enabled", method_name(go, ho)); } else { - strcpy(method1, method_name(go, NULL)); + strncpy(method1, method_name(go, NULL), sizeof method1); syslog(LOG_NOTICE, "%s / %s compression enabled", method1, method_name(ho, NULL)); } diff --git a/usr.sbin/pppd/chap.c b/usr.sbin/pppd/chap.c index 43e91198b6b..2eddac898bd 100644 --- a/usr.sbin/pppd/chap.c +++ b/usr.sbin/pppd/chap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chap.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $ */ +/* $OpenBSD: chap.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $ */ /* * chap.c - Challenge Handshake Authentication Protocol. @@ -55,7 +55,7 @@ #if 0 static char rcsid[] = "Id: chap.c,v 1.15 1997/11/27 06:07:48 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: chap.c,v 1.11 2002/09/13 00:12:10 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: chap.c,v 1.12 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -738,9 +738,9 @@ ChapSendStatus(cstate, code) char msg[256]; if (code == CHAP_SUCCESS) - sprintf(msg, "Welcome to %s.", hostname); + snprintf(msg, sizeof msg, "Welcome to %s.", hostname); else - sprintf(msg, "I don't like you. Go 'way."); + snprintf(msg, sizeof msg, "I don't like you. Go 'way."); msglen = strlen(msg); outlen = CHAP_HEADERLEN + msglen; diff --git a/usr.sbin/pppd/ipcp.c b/usr.sbin/pppd/ipcp.c index 93282afddfc..578cb771827 100644 --- a/usr.sbin/pppd/ipcp.c +++ b/usr.sbin/pppd/ipcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipcp.c,v 1.9 2002/07/01 19:31:37 deraadt Exp $ */ +/* $OpenBSD: ipcp.c,v 1.10 2003/04/04 20:25:07 deraadt Exp $ */ /* * ipcp.c - PPP IP Control Protocol. @@ -46,7 +46,7 @@ #if 0 static char rcsid[] = "Id: ipcp.c,v 1.34 1998/04/28 23:38:09 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: ipcp.c,v 1.9 2002/07/01 19:31:37 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: ipcp.c,v 1.10 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -174,7 +174,7 @@ u_int32_t ipaddr; ipaddr = ntohl(ipaddr); - sprintf(b, "%d.%d.%d.%d", + snprintf(b, sizeof b, "%d.%d.%d.%d", (u_char)(ipaddr >> 24), (u_char)(ipaddr >> 16), (u_char)(ipaddr >> 8), @@ -1368,9 +1368,11 @@ ipcp_script(f, script) char strspeed[32], strlocal[32], strremote[32]; char *argv[8]; - sprintf(strspeed, "%d", baud_rate); - strcpy(strlocal, ip_ntoa(ipcp_gotoptions[f->unit].ouraddr)); - strcpy(strremote, ip_ntoa(ipcp_hisoptions[f->unit].hisaddr)); + snprintf(strspeed, sizeof strspeed, "%d", baud_rate); + strlcpy(strlocal, ip_ntoa(ipcp_gotoptions[f->unit].ouraddr), + sizeof strlocal); + strlcpy(strremote, ip_ntoa(ipcp_hisoptions[f->unit].hisaddr), + sizeof strremote); argv[0] = script; argv[1] = ifname; diff --git a/usr.sbin/pppd/ipxcp.c b/usr.sbin/pppd/ipxcp.c index aa057618dfd..dad33181be8 100644 --- a/usr.sbin/pppd/ipxcp.c +++ b/usr.sbin/pppd/ipxcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipxcp.c,v 1.10 2002/07/01 19:31:37 deraadt Exp $ */ +/* $OpenBSD: ipxcp.c,v 1.11 2003/04/04 20:25:07 deraadt Exp $ */ /* * ipxcp.c - PPP IPX Control Protocol. @@ -47,7 +47,7 @@ #if 0 static char rcsid[] = "Id: ipxcp.c,v 1.6 1998/03/25 03:08:16 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: ipxcp.c,v 1.10 2002/07/01 19:31:37 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: ipxcp.c,v 1.11 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -194,7 +194,8 @@ ipx_ntoa(ipxaddr) u_int32_t ipxaddr; { static char b[64]; - sprintf(b, "%x", ipxaddr); + + snprintf(b, sizeof b, "%x", ipxaddr); return b; } @@ -1239,42 +1240,38 @@ ipxcp_script(f, script) char strnetwork[32], strpid[32]; char *argv[14], strproto_lcl[32], strproto_rmt[32]; - sprintf (strpid, "%ld", (long)getpid()); - sprintf (strspeed, "%d", baud_rate); + snprintf(strpid, sizeof strpid, "%ld", (long)getpid()); + snprintf(strspeed, sizeof strspeed, "%d", baud_rate); strproto_lcl[0] = '\0'; if (go->neg_router && ((go->router & BIT(IPX_NONE)) == 0)) { if (go->router & BIT(RIP_SAP)) - strcpy (strproto_lcl, "RIP "); + strlcpy (strproto_lcl, "RIP ", sizeof strproto_lcl); if (go->router & BIT(NLSP)) - strcat (strproto_lcl, "NLSP "); + strlcat (strproto_lcl, "NLSP ", sizeof strproto_lcl); } if (strproto_lcl[0] == '\0') - strcpy (strproto_lcl, "NONE "); - - strproto_lcl[strlen (strproto_lcl)-1] = '\0'; + strlcpy (strproto_lcl, "NONE ", sizeof strproto_lcl); strproto_rmt[0] = '\0'; if (ho->neg_router && ((ho->router & BIT(IPX_NONE)) == 0)) { if (ho->router & BIT(RIP_SAP)) - strcpy (strproto_rmt, "RIP "); + strlcpy (strproto_rmt, "RIP ", sizeof strproto_rmt); if (ho->router & BIT(NLSP)) - strcat (strproto_rmt, "NLSP "); + strlcat (strproto_rmt, "NLSP ", sizeof strproto_rmt); } if (strproto_rmt[0] == '\0') - strcpy (strproto_rmt, "NONE "); - - strproto_rmt[strlen (strproto_rmt)-1] = '\0'; + strlcpy (strproto_rmt, "NONE ", sizeof strproto_rmt); - strcpy (strnetwork, ipx_ntoa (go->network)); + strlcpy (strnetwork, ipx_ntoa (go->network), sizeof strnetwork); - sprintf (strlocal, + snprintf (strlocal, sizeof strlocal, "%02X%02X%02X%02X%02X%02X", NODE(go->our_node)); - sprintf (strremote, + snprintf (strremote, sizeof strremote, "%02X%02X%02X%02X%02X%02X", NODE(ho->his_node)); diff --git a/usr.sbin/pppd/main.c b/usr.sbin/pppd/main.c index 22ce837206d..4c65b55580e 100644 --- a/usr.sbin/pppd/main.c +++ b/usr.sbin/pppd/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.39 2002/07/29 22:02:38 millert Exp $ */ +/* $OpenBSD: main.c,v 1.40 2003/04/04 20:25:07 deraadt Exp $ */ /* * main.c - Point-to-Point Protocol main module @@ -46,7 +46,7 @@ #if 0 static char rcsid[] = "Id: main.c,v 1.49 1998/05/05 05:24:17 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: main.c,v 1.39 2002/07/29 22:02:38 millert Exp $"; +static char rcsid[] = "$OpenBSD: main.c,v 1.40 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -208,8 +208,8 @@ main(argc, argv) phase = PHASE_INITIALIZE; p = ttyname(0); if (p) - strcpy(devnam, p); - strcpy(default_devnam, devnam); + strlcpy(devnam, p, MAXPATHLEN); + strlcpy(default_devnam, devnam, sizeof default_devnam); script_env = NULL; @@ -228,7 +228,7 @@ main(argc, argv) uid = getuid(); privileged = uid == 0; - sprintf(numbuf, "%u", uid); + snprintf(numbuf, sizeof numbuf, "%u", uid); script_setenv("UID", numbuf); /* @@ -277,7 +277,7 @@ main(argc, argv) } script_setenv("DEVICE", devnam); - sprintf(numbuf, "%d", baud_rate); + snprintf(numbuf, sizeof numbuf, "%d", baud_rate); script_setenv("SPEED", numbuf); /* @@ -402,7 +402,7 @@ main(argc, argv) open_ppp_loopback(); syslog(LOG_INFO, "Using interface ppp%d", ifunit); - (void) sprintf(ifname, "ppp%d", ifunit); + (void) snprintf(ifname, sizeof ifname, "ppp%d", ifunit); script_setenv("IFNAME", ifname); create_pidfile(); /* write pid to file */ @@ -541,7 +541,7 @@ main(argc, argv) if (!demand) { syslog(LOG_INFO, "Using interface ppp%d", ifunit); - (void) sprintf(ifname, "ppp%d", ifunit); + (void) snprintf(ifname, sizeof ifname, "ppp%d", ifunit); script_setenv("IFNAME", ifname); create_pidfile(); /* write pid to file */ @@ -661,7 +661,8 @@ create_pidfile() { FILE *pidfile; - (void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname); + (void) snprintf(pidfilename, sizeof pidfilename, + "%s%s.pid", _PATH_VARRUN, ifname); if ((pidfile = fopen(pidfilename, "w")) != NULL) { fprintf(pidfile, "%ld\n", (long)pid); (void) fclose(pidfile); @@ -1277,7 +1278,7 @@ log_packet(p, len, prefix, level) char *prefix; int level; { - strcpy(line, prefix); + strlcpy(line, prefix, sizeof line); linep = line + strlen(line); format_packet(p, len, pr_log, NULL); if (linep != line) @@ -1645,12 +1646,8 @@ script_setenv(var, value) int i; char *p, *newstring; - newstring = (char *) malloc(vl + strlen(value) + 2); - if (newstring == 0) + if (asprintf(&newstring, "%s=%s", var, value) == -1) novm("script_setenv"); - strcpy(newstring, var); - newstring[vl] = '='; - strcpy(newstring+vl+1, value); /* check if this variable is already set */ if (script_env != 0) { diff --git a/usr.sbin/pppd/options.c b/usr.sbin/pppd/options.c index 7928f388b37..6a110ad958e 100644 --- a/usr.sbin/pppd/options.c +++ b/usr.sbin/pppd/options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: options.c,v 1.18 2002/12/23 21:07:43 mickey Exp $ */ +/* $OpenBSD: options.c,v 1.19 2003/04/04 20:25:07 deraadt Exp $ */ /* * options.c - handles option processing for PPP. @@ -46,7 +46,7 @@ #if 0 static char rcsid[] = "Id: options.c,v 1.42 1998/03/26 04:46:06 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: options.c,v 1.18 2002/12/23 21:07:43 mickey Exp $"; +static char rcsid[] = "$OpenBSD: options.c,v 1.19 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -700,12 +700,8 @@ options_from_user() if (pw == NULL || (user = pw->pw_dir) == NULL || user[0] == 0) return 1; file = _PATH_USEROPT; - path = malloc(strlen(user) + strlen(file) + 2); - if (path == NULL) + if (asprintf(&path, "%s/%s", user, file) == -1) novm("init file name"); - strcpy(path, user); - strcat(path, "/"); - strcat(path, file); ret = options_from_file(path, 0, 1, privileged); free(path); return ret; @@ -726,14 +722,8 @@ options_for_tty() dev += 5; if (strcmp(dev, "tty") == 0) return 1; /* don't look for /etc/ppp/options.tty */ - path = malloc(strlen(_PATH_TTYOPT) + strlen(dev) + 1); - if (path == NULL) + if (asprintf(&path, "%s%s", _PATH_TTYOPT, dev) == -1) novm("tty init file name"); - strcpy(path, _PATH_TTYOPT); - /* Turn slashes into dots, for Solaris case (e.g. /dev/term/a) */ - for (p = path + strlen(path); *dev != 0; ++dev) - *p++ = (*dev == '/'? '.': *dev); - *p = 0; ret = options_from_file(path, 0, 0, 1); free(path); return ret; @@ -1121,8 +1111,8 @@ callfile(argv) l = strlen(arg) + strlen(_PATH_PEERFILES) + 1; if ((fname = (char *) malloc(l)) == NULL) novm("call file name"); - strcpy(fname, _PATH_PEERFILES); - strcat(fname, arg); + strlcpy(fname, _PATH_PEERFILES, l); + strlcat(fname, arg, l); ok = options_from_file(fname, 1, 1, 1); @@ -1687,9 +1677,8 @@ setdevname(cp, quiet) return 0; if (strncmp("/dev/", cp, 5) != 0) { - strcpy(dev, "/dev/"); - strncat(dev, cp, MAXPATHLEN - 5); - dev[MAXPATHLEN-1] = 0; + strlcpy(dev, "/dev/", sizeof dev); + strlcat(dev, cp, sizeof dev); cp = dev; } diff --git a/usr.sbin/pppd/sys-bsd.c b/usr.sbin/pppd/sys-bsd.c index bbed485884d..b527d115b2e 100644 --- a/usr.sbin/pppd/sys-bsd.c +++ b/usr.sbin/pppd/sys-bsd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys-bsd.c,v 1.19 2002/09/13 00:12:10 deraadt Exp $ */ +/* $OpenBSD: sys-bsd.c,v 1.20 2003/04/04 20:25:07 deraadt Exp $ */ /* * sys-bsd.c - System-dependent procedures for setting up @@ -78,7 +78,7 @@ #if 0 static char rcsid[] = "Id: sys-bsd.c,v 1.31 1998/04/02 12:04:19 paulus Exp $"; #else -static char rcsid[] = "$OpenBSD: sys-bsd.c,v 1.19 2002/09/13 00:12:10 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: sys-bsd.c,v 1.20 2003/04/04 20:25:07 deraadt Exp $"; #endif #endif @@ -1593,10 +1593,8 @@ lock(dev) if ((p = strrchr(dev, '/')) != NULL) dev = p + 1; - lock_file = malloc(strlen(LOCK_PREFIX) + strlen(dev) + 1); - if (lock_file == NULL) + if (asprintf(&lock_file, "%s%s", LOCK_PREFIX, dev) == -1) novm("lock file name"); - strcat(strcpy(lock_file, LOCK_PREFIX), dev); while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) { if (errno == EEXIST @@ -1631,7 +1629,7 @@ lock(dev) return -1; } - sprintf(hdb_lock_buffer, "%10ld\n", (long)getpid()); + snprintf(hdb_lock_buffer, sizeof hdb_lock_buffer, "%10ld\n", (long)getpid()); write(fd, hdb_lock_buffer, 11); close(fd); |