diff options
| author | Xavier Santolaria <xsa@cvs.openbsd.org> | 2005-04-16 19:05:03 +0000 |
|---|---|---|
| committer | Xavier Santolaria <xsa@cvs.openbsd.org> | 2005-04-16 19:05:03 +0000 |
| commit | 0cae10430a2668ccb1fbf3384626de2a454e4aa9 (patch) | |
| tree | e11c5cd406f261d0871501e2f5411ea95519a41b | |
| parent | bd9adb8655c1ef4397614e9de21c9c9c68125acc (diff) | |
snprintf return value check; joris ok
| -rw-r--r-- | usr.bin/cvs/admin.c | 13 | ||||
| -rw-r--r-- | usr.bin/cvs/cvs.c | 11 | ||||
| -rw-r--r-- | usr.bin/cvs/diff.c | 12 | ||||
| -rw-r--r-- | usr.bin/cvs/root.c | 11 |
4 files changed, 37 insertions, 10 deletions
diff --git a/usr.bin/cvs/admin.c b/usr.bin/cvs/admin.c index 43ff574a26b..94db0513897 100644 --- a/usr.bin/cvs/admin.c +++ b/usr.bin/cvs/admin.c @@ -1,4 +1,4 @@ -/* $OpenBSD: admin.c,v 1.11 2005/04/12 14:58:40 joris Exp $ */ +/* $OpenBSD: admin.c,v 1.12 2005/04/16 19:05:02 xsa Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org> * Copyright (c) 2005 Joris Vink <joris@openbsd.org> @@ -295,7 +295,7 @@ cvs_admin_sendflags(struct cvsroot *root) int cvs_admin_file(CVSFILE *cfp, void *arg) { - int ret; + int ret, l; char *repo, fpath[MAXPATHLEN], rcspath[MAXPATHLEN]; RCSFILE *rf; struct cvs_ent *entp; @@ -350,8 +350,15 @@ cvs_admin_file(CVSFILE *cfp, void *arg) return (0); } - snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s", + l = snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s", root->cr_dir, repo, CVS_FILE_NAME(cfp), RCS_FILE_EXT); + if (l == -1 || l >= (int)sizeof(rcspath)) { + errno = ENAMETOOLONG; + cvs_log(LP_ERRNO, "%s", rcspath); + + cvs_ent_free(entp); + return (-1); + } rf = rcs_open(rcspath, RCS_READ); if (rf == NULL) { diff --git a/usr.bin/cvs/cvs.c b/usr.bin/cvs/cvs.c index a39e67e7e8d..761de4aef2f 100644 --- a/usr.bin/cvs/cvs.c +++ b/usr.bin/cvs/cvs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cvs.c,v 1.53 2005/04/12 19:35:32 joris Exp $ */ +/* $OpenBSD: cvs.c,v 1.54 2005/04/16 19:05:02 xsa Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org> * All rights reserved. @@ -587,7 +587,7 @@ static void cvs_read_rcfile(void) { char rcpath[MAXPATHLEN], linebuf[128], *lp; - int linenum = 0; + int l, linenum = 0; size_t len; struct cvs_cmd *cmdp; struct passwd *pw; @@ -599,7 +599,12 @@ cvs_read_rcfile(void) return; } - snprintf(rcpath, sizeof(rcpath), "%s/%s", pw->pw_dir, CVS_PATH_RC); + l = snprintf(rcpath, sizeof(rcpath), "%s/%s", pw->pw_dir, CVS_PATH_RC); + if (l == -1 || l >= (int)sizeof(rcpath)) { + errno = ENAMETOOLONG; + cvs_log(LP_ERRNO, "%s", rcpath); + return; + } fp = fopen(rcpath, "r"); if (fp == NULL) { diff --git a/usr.bin/cvs/diff.c b/usr.bin/cvs/diff.c index ae956aa9bfc..210949bcf8c 100644 --- a/usr.bin/cvs/diff.c +++ b/usr.bin/cvs/diff.c @@ -1,4 +1,4 @@ -/* $OpenBSD: diff.c,v 1.29 2005/04/14 16:49:09 joris Exp $ */ +/* $OpenBSD: diff.c,v 1.30 2005/04/16 19:05:02 xsa Exp $ */ /* * Copyright (C) Caldera International Inc. 2001-2002. * All rights reserved. @@ -475,6 +475,7 @@ cvs_diff_sendflags(struct cvsroot *root) int cvs_diff_file(struct cvs_file *cfp, void *arg) { + int l; char *dir, *repo, buf[64]; char fpath[MAXPATHLEN], dfpath[MAXPATHLEN], rcspath[MAXPATHLEN]; char path_tmp1[MAXPATHLEN], path_tmp2[MAXPATHLEN]; @@ -556,8 +557,15 @@ cvs_diff_file(struct cvs_file *cfp, void *arg) cvs_sendreq(root, CVS_REQ_MODIFIED, CVS_FILE_NAME(cfp)); cvs_sendfile(root, diff_file); } else { - snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s", + l = snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s", root->cr_dir, repo, diff_file, RCS_FILE_EXT); + if (l == -1 || l >= (int)sizeof(rcspath)) { + errno = ENAMETOOLONG; + cvs_log(LP_ERRNO, "%s", rcspath); + + cvs_ent_free(entp); + return (-1); + } rf = rcs_open(rcspath, RCS_READ); if (rf == NULL) { diff --git a/usr.bin/cvs/root.c b/usr.bin/cvs/root.c index de43073d501..e9dc8db2bfe 100644 --- a/usr.bin/cvs/root.c +++ b/usr.bin/cvs/root.c @@ -1,4 +1,4 @@ -/* $OpenBSD: root.c,v 1.15 2005/02/17 16:09:03 jfb Exp $ */ +/* $OpenBSD: root.c,v 1.16 2005/04/16 19:05:02 xsa Exp $ */ /* * Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org> * All rights reserved. @@ -260,6 +260,7 @@ cvsroot_free(struct cvsroot *root) struct cvsroot* cvsroot_get(const char *dir) { + int l; size_t len; char rootpath[MAXPATHLEN], *rootstr, line[128]; FILE *fp; @@ -267,7 +268,13 @@ cvsroot_get(const char *dir) if (cvs_rootstr != NULL) return cvsroot_parse(cvs_rootstr); - snprintf(rootpath, sizeof(rootpath), "%s/" CVS_PATH_ROOTSPEC, dir); + l = snprintf(rootpath, sizeof(rootpath), "%s/" CVS_PATH_ROOTSPEC, dir); + if (l == -1 || l >= (int)sizeof(rootpath)) { + errno = ENAMETOOLONG; + cvs_log(LP_ERRNO, "%s", rootpath); + return (NULL); + } + fp = fopen(rootpath, "r"); if (fp == NULL) { if (errno == ENOENT) { |