diff options
author | Hakan Olsson <ho@cvs.openbsd.org> | 2003-03-16 12:18:22 +0000 |
---|---|---|
committer | Hakan Olsson <ho@cvs.openbsd.org> | 2003-03-16 12:18:22 +0000 |
commit | bdadd960a0c95ffa89a55f7253fe169550cc95b8 (patch) | |
tree | 08a5a67175365f2a93e73c27826cb83be1dc983a | |
parent | 587479b12a642fdd914c1c9cfac5d81a32959a9c (diff) |
Less strcpy/strcat/sprintf. tdeval@ ok.
-rw-r--r-- | lib/libssl/src/crypto/bio/b_dump.c | 32 | ||||
-rw-r--r-- | lib/libssl/src/crypto/conf/conf_def.c | 4 | ||||
-rw-r--r-- | lib/libssl/src/crypto/conf/conf_mod.c | 6 | ||||
-rw-r--r-- | lib/libssl/src/crypto/dso/dso_lib.c | 4 | ||||
-rw-r--r-- | lib/libssl/src/crypto/mem_dbg.c | 7 | ||||
-rw-r--r-- | lib/libssl/src/crypto/rand/rand_egd.c | 2 | ||||
-rw-r--r-- | lib/libssl/src/crypto/ui/ui_lib.c | 13 | ||||
-rw-r--r-- | lib/libssl/src/crypto/x509v3/v3_info.c | 11 |
8 files changed, 43 insertions, 36 deletions
diff --git a/lib/libssl/src/crypto/bio/b_dump.c b/lib/libssl/src/crypto/bio/b_dump.c index 8397cfab6a2..983604fb494 100644 --- a/lib/libssl/src/crypto/bio/b_dump.c +++ b/lib/libssl/src/crypto/bio/b_dump.c @@ -104,38 +104,41 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) for(i=0;i<rows;i++) { buf[0]='\0'; /* start with empty string */ - strcpy(buf,str); - sprintf(tmp,"%04x - ",i*dump_width); - strcat(buf,tmp); + strlcpy(buf,str,sizeof buf); + snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width); + strlcat(buf,tmp,sizeof buf); for(j=0;j<dump_width;j++) { if (((i*dump_width)+j)>=len) { - strcat(buf," "); + strlcat(buf," ",sizeof buf); } else { ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; - sprintf(tmp,"%02x%c",ch,j==7?'-':' '); - strcat(buf,tmp); + snprintf(tmp,sizeof tmp,"%02x%c",ch, + j==7?'-':' '); + strlcat(buf,tmp,sizeof buf); } } - strcat(buf," "); + strlcat(buf," ",sizeof buf); for(j=0;j<dump_width;j++) { if (((i*dump_width)+j)>=len) break; ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; #ifndef CHARSET_EBCDIC - sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.'); + snprintf(tmp,sizeof tmp,"%c", + ((ch>=' ')&&(ch<='~'))?ch:'.'); #else - sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) - ? os_toebcdic[ch] - : '.'); + snprintf(tmp,sizeof tmp,"%c", + ((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) + ? os_toebcdic[ch] + : '.'); #endif - strcat(buf,tmp); + strlcat(buf,tmp,sizeof buf); } - strcat(buf,"\n"); + strlcat(buf,"\n",sizeof buf); /* if this is the last call then update the ddt_dump thing so that * we will move the selection point in the debug window */ @@ -144,7 +147,8 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) #ifdef TRUNCATE if (trunc > 0) { - sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc); + snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str, + len+trunc); ret+=BIO_write(bio,(char *)buf,strlen(buf)); } #endif diff --git a/lib/libssl/src/crypto/conf/conf_def.c b/lib/libssl/src/crypto/conf/conf_def.c index 5e194de60e9..37925b603dd 100644 --- a/lib/libssl/src/crypto/conf/conf_def.c +++ b/lib/libssl/src/crypto/conf/conf_def.c @@ -234,7 +234,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); goto err; } - strcpy(section,"default"); + strlcpy(section,"default",10); if (_CONF_new_data(conf) == 0) { @@ -390,7 +390,7 @@ again: ERR_R_MALLOC_FAILURE); goto err; } - strcpy(v->name,pname); + strlcpy(v->name,pname,strlen(pname)+1); if (!str_copy(conf,psection,&(v->value),start)) goto err; if (strcmp(psection,section) != 0) diff --git a/lib/libssl/src/crypto/conf/conf_mod.c b/lib/libssl/src/crypto/conf/conf_mod.c index edcc08921c2..8270ae5eb53 100644 --- a/lib/libssl/src/crypto/conf/conf_mod.c +++ b/lib/libssl/src/crypto/conf/conf_mod.c @@ -561,11 +561,11 @@ char *CONF_get1_default_config_file(void) if (!file) return NULL; - strcpy(file,X509_get_default_cert_area()); + strlcpy(file,X509_get_default_cert_area(),len + 1); #ifndef OPENSSL_SYS_VMS - strcat(file,"/"); + strlcat(file,"/",len + 1); #endif - strcat(file,OPENSSL_CONF); + strlcat(file,OPENSSL_CONF,len + 1); return file; } diff --git a/lib/libssl/src/crypto/dso/dso_lib.c b/lib/libssl/src/crypto/dso/dso_lib.c index 556069b9b82..85ac5103cdf 100644 --- a/lib/libssl/src/crypto/dso/dso_lib.c +++ b/lib/libssl/src/crypto/dso/dso_lib.c @@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename) DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE); return(0); } - strcpy(copied, filename); + strlcpy(copied, filename, strlen(filename) + 1); if(dso->filename) OPENSSL_free(dso->filename); dso->filename = copied; @@ -422,7 +422,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename) ERR_R_MALLOC_FAILURE); return(NULL); } - strcpy(result, filename); + strlcpy(result, filename, strlen(filename) + 1); } return(result); } diff --git a/lib/libssl/src/crypto/mem_dbg.c b/lib/libssl/src/crypto/mem_dbg.c index 1c4e04f51fc..0beb3b36d15 100644 --- a/lib/libssl/src/crypto/mem_dbg.c +++ b/lib/libssl/src/crypto/mem_dbg.c @@ -629,7 +629,7 @@ static void print_leak(const MEM *m, MEM_LEAK *l) ami_cnt++; memset(buf,'>',ami_cnt); - sprintf(buf + ami_cnt, + snprintf(buf + ami_cnt, sizeof buf - ami_cnt, " thread=%lu, file=%s, line=%d, info=\"", amip->thread, amip->file, amip->line); buf_len=strlen(buf); @@ -641,10 +641,11 @@ static void print_leak(const MEM *m, MEM_LEAK *l) } else { - strcpy(buf + buf_len, amip->info); + strlcpy(buf + buf_len, amip->info, + sizeof buf - buf_len); buf_len = strlen(buf); } - sprintf(buf + buf_len, "\"\n"); + snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n"); BIO_puts(l->bio,buf); diff --git a/lib/libssl/src/crypto/rand/rand_egd.c b/lib/libssl/src/crypto/rand/rand_egd.c index abc3ac27d55..96019c07a6e 100644 --- a/lib/libssl/src/crypto/rand/rand_egd.c +++ b/lib/libssl/src/crypto/rand/rand_egd.c @@ -145,7 +145,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) addr.sun_family = AF_UNIX; if (strlen(path) > sizeof(addr.sun_path)) return (-1); - strcpy(addr.sun_path,path); + strlcpy(addr.sun_path,path,sizeof addr.sun_path); len = offsetof(struct sockaddr_un, sun_path) + strlen(path); fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) return (-1); diff --git a/lib/libssl/src/crypto/ui/ui_lib.c b/lib/libssl/src/crypto/ui/ui_lib.c index 16946cad95b..cce9075ac1d 100644 --- a/lib/libssl/src/crypto/ui/ui_lib.c +++ b/lib/libssl/src/crypto/ui/ui_lib.c @@ -428,14 +428,14 @@ char *UI_construct_prompt(UI *ui, const char *object_desc, len += sizeof(prompt3) - 1; prompt = (char *)OPENSSL_malloc(len + 1); - strcpy(prompt, prompt1); - strcat(prompt, object_desc); + strlcpy(prompt, prompt1, len + 1); + strlcat(prompt, object_desc, len + 1); if (object_name) { - strcat(prompt, prompt2); - strcat(prompt, object_name); + strlcat(prompt, prompt2, len + 1); + strlcat(prompt, object_name, len + 1); } - strcat(prompt, prompt3); + strlcat(prompt, prompt3, len + 1); } return prompt; } @@ -863,7 +863,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result) return -1; } - strcpy(uis->result_buf, result); + strlcpy(uis->result_buf, result, + uis->_.string_data.result_maxsize + 1); break; case UIT_BOOLEAN: { diff --git a/lib/libssl/src/crypto/x509v3/v3_info.c b/lib/libssl/src/crypto/x509v3/v3_info.c index e1cf01a9b46..92b9316b020 100644 --- a/lib/libssl/src/crypto/x509v3/v3_info.c +++ b/lib/libssl/src/crypto/x509v3/v3_info.c @@ -105,7 +105,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method STACK_OF(CONF_VALUE) *ret) { ACCESS_DESCRIPTION *desc; - int i; + int i,nlen; char objtmp[80], *ntmp; CONF_VALUE *vtmp; for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { @@ -114,15 +114,16 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method if(!ret) break; vtmp = sk_CONF_VALUE_value(ret, i); i2t_ASN1_OBJECT(objtmp, 80, desc->method); - ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5); + nlen = strlen(objtmp) + strlen(vtmp->name) + 4; + ntmp = OPENSSL_malloc(nlen); if(!ntmp) { X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); return NULL; } - strcpy(ntmp, objtmp); - strcat(ntmp, " - "); - strcat(ntmp, vtmp->name); + strlcpy(ntmp, objtmp, nlen); + strlcat(ntmp, " - ", nlen); + strlcat(ntmp, vtmp->name, nlen); OPENSSL_free(vtmp->name); vtmp->name = ntmp; |