summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRay Lai <ray@cvs.openbsd.org>2006-04-29 05:31:29 +0000
committerRay Lai <ray@cvs.openbsd.org>2006-04-29 05:31:29 +0000
commitf36c2e3e0a2a4d86a12061db66523cadaa8434fc (patch)
tree852a7c50b27b6a533aab94a7ef37f12ba175796c
parentb8cce2c60fab9bd9cc2acde64fe2e07b91fe700a (diff)
Check return values for all strlcpy, and strlcat calls.
OK xsa@ and probably others.
-rw-r--r--usr.bin/rcs/ci.c33
-rw-r--r--usr.bin/rcs/co.c12
-rw-r--r--usr.bin/rcs/diff.c7
-rw-r--r--usr.bin/rcs/diff3.c33
-rw-r--r--usr.bin/rcs/rcs.c95
-rw-r--r--usr.bin/rcs/rcsdiff.c43
-rw-r--r--usr.bin/rcs/rcsnum.c14
-rw-r--r--usr.bin/rcs/rcsprog.c7
-rw-r--r--usr.bin/rcs/rcsutil.c8
-rw-r--r--usr.bin/rcs/xmalloc.c5
10 files changed, 151 insertions, 106 deletions
diff --git a/usr.bin/rcs/ci.c b/usr.bin/rcs/ci.c
index e3840e7942f..dd9bc54b2b1 100644
--- a/usr.bin/rcs/ci.c
+++ b/usr.bin/rcs/ci.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ci.c,v 1.165 2006/04/29 05:10:16 ray Exp $ */
+/* $OpenBSD: ci.c,v 1.166 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2005, 2006 Niall O'Higgins <niallo@openbsd.org>
* All rights reserved.
@@ -352,15 +352,17 @@ checkin_diff_file(struct checkin_params *pb)
goto out;
}
- strlcpy(path1, rcs_tmpdir, sizeof(path1));
- strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1));
+ if (strlcpy(path1, rcs_tmpdir, sizeof(path1)) >= sizeof(path1) ||
+ strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1)) >= sizeof(path1))
+ errx(1, "path truncated");
rcs_buf_write_stmp(b1, path1, 0600);
rcs_buf_free(b1);
b1 = NULL;
- strlcpy(path2, rcs_tmpdir, sizeof(path2));
- strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2));
+ if (strlcpy(path2, rcs_tmpdir, sizeof(path2)) >= sizeof(path2) ||
+ strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2)) >= sizeof(path2))
+ errx(1, "path truncated");
rcs_buf_write_stmp(b2, path2, 0600);
rcs_buf_free(b2);
@@ -881,10 +883,9 @@ checkin_keywordscan(char *data, RCSNUM **rev, time_t *date, char **author,
while (*c++) {
if (*c == '$') {
end = c - start + 2;
- if (end >= sizeof(buf))
+ if (strlcpy(buf, start, end) >= end)
errx(1, "keyword buffer"
" too small!");
- strlcpy(buf, start, end);
checkin_parsekeyword(buf, rev,
date, author, state);
break;
@@ -970,11 +971,12 @@ checkin_parsekeyword(char *keystring, RCSNUM **rev, time_t *date,
*state = xstrdup(tokens[6]);
len = strlen(tokens[3]) + strlen(tokens[4]) + 2;
datestring = xmalloc(len);
- strlcpy(datestring, tokens[3], len);
- strlcat(datestring, " ", len);
- strlcat(datestring, tokens[4], len);
+ if (strlcpy(datestring, tokens[3], len) >= len ||
+ strlcat(datestring, " ", len) >= len ||
+ strlcat(datestring, tokens[4], len) >= len)
+ errx(1, "date too long");
if ((*date = rcs_date_parse(datestring)) <= 0)
- errx(1, "could not parse date");
+ errx(1, "could not parse date");
xfree(datestring);
break;
case KW_TYPE_AUTHOR:
@@ -995,11 +997,12 @@ checkin_parsekeyword(char *keystring, RCSNUM **rev, time_t *date,
}
len = strlen(tokens[1]) + strlen(tokens[2]) + 2;
datestring = xmalloc(len);
- strlcpy(datestring, tokens[1], len);
- strlcat(datestring, " ", len);
- strlcat(datestring, tokens[2], len);
+ if (strlcpy(datestring, tokens[1], len) >= len ||
+ strlcat(datestring, " ", len) >= len ||
+ strlcat(datestring, tokens[2], len) >= len)
+ errx(1, "date too long");
if ((*date = rcs_date_parse(datestring)) <= 0)
- errx(1, "could not parse date");
+ errx(1, "could not parse date");
xfree(datestring);
break;
case KW_TYPE_STATE:
diff --git a/usr.bin/rcs/co.c b/usr.bin/rcs/co.c
index 80c68db241e..20d9e83fb17 100644
--- a/usr.bin/rcs/co.c
+++ b/usr.bin/rcs/co.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: co.c,v 1.86 2006/04/26 21:55:22 joris Exp $ */
+/* $OpenBSD: co.c,v 1.87 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2005 Joris Vink <joris@openbsd.org>
* All rights reserved.
@@ -330,12 +330,14 @@ checkout_rev(RCSFILE *file, RCSNUM *frev, const char *dst, int flags,
if (file->rf_ndelta != 0 && rdp->rd_locker != NULL) {
if (strcmp(lockname, rdp->rd_locker)) {
- strlcpy(msg, "Revision %s is already locked by %s; ",
- sizeof(msg));
+ if (strlcpy(msg, "Revision %s is already locked by %s; ",
+ sizeof(msg)) >= sizeof(msg))
+ errx(1, "msg too long");
if (flags & CO_UNLOCK) {
- strlcat(msg, "use co -r or rcs -u",
- sizeof(msg));
+ if (strlcat(msg, "use co -r or rcs -u",
+ sizeof(msg)) >= sizeof(msg))
+ errx(1, "msg too long");
}
warnx(msg, buf, rdp->rd_locker);
diff --git a/usr.bin/rcs/diff.c b/usr.bin/rcs/diff.c
index 6eecdd738c4..10e74089007 100644
--- a/usr.bin/rcs/diff.c
+++ b/usr.bin/rcs/diff.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: diff.c,v 1.2 2006/04/26 15:08:25 xsa Exp $ */
+/* $OpenBSD: diff.c,v 1.3 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (C) Caldera International Inc. 2001-2002.
* All rights reserved.
@@ -1182,8 +1182,9 @@ match_function(const long *f, int pos, FILE *fp)
if (p != NULL)
*p = '\0';
if (isalpha(buf[0]) || buf[0] == '_' || buf[0] == '$') {
- strlcpy(lastbuf, (const char *)buf,
- sizeof lastbuf);
+ if (strlcpy(lastbuf, (const char *)buf,
+ sizeof(lastbuf)) >= sizeof(lastbuf))
+ errx(1, "match_function: strlcpy");
lastmatchline = pos;
return lastbuf;
}
diff --git a/usr.bin/rcs/diff3.c b/usr.bin/rcs/diff3.c
index bd04b9efff9..8ec3e9d3130 100644
--- a/usr.bin/rcs/diff3.c
+++ b/usr.bin/rcs/diff3.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: diff3.c,v 1.2 2006/04/27 07:59:33 xsa Exp $ */
+/* $OpenBSD: diff3.c,v 1.3 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (C) Caldera International Inc. 2001-2002.
@@ -72,7 +72,7 @@ static const char copyright[] =
#ifndef lint
static const char rcsid[] =
- "$OpenBSD: diff3.c,v 1.2 2006/04/27 07:59:33 xsa Exp $";
+ "$OpenBSD: diff3.c,v 1.3 2006/04/29 05:31:28 ray Exp $";
#endif /* not lint */
#include "includes.h"
@@ -186,13 +186,13 @@ rcs_diff3(RCSFILE *rf, char *workfile, RCSNUM *rev1, RCSNUM *rev2, int verbose)
d2 = rcs_buf_alloc((size_t)128, BUF_AUTOEXT);
diffb = rcs_buf_alloc((size_t)128, BUF_AUTOEXT);
- strlcpy(path1, "/tmp/diff1.XXXXXXXXXX", sizeof(path1));
- rcs_buf_write_stmp(b1, path1, 0600);
+ if (strlcpy(path1, "/tmp/diff1.XXXXXXXXXX", sizeof(path1)) >= sizeof(path1) ||
+ strlcpy(path2, "/tmp/diff2.XXXXXXXXXX", sizeof(path2)) >= sizeof(path2) ||
+ strlcpy(path3, "/tmp/diff3.XXXXXXXXXX", sizeof(path3)) >= sizeof(path3))
+ errx(1, "rcs_diff3: string truncated");
- strlcpy(path2, "/tmp/diff2.XXXXXXXXXX", sizeof(path2));
+ rcs_buf_write_stmp(b1, path1, 0600);
rcs_buf_write_stmp(b2, path2, 0600);
-
- strlcpy(path3, "/tmp/diff3.XXXXXXXXXX", sizeof(path3));
rcs_buf_write_stmp(b3, path3, 0600);
rcs_buf_free(b2);
@@ -201,13 +201,15 @@ rcs_diff3(RCSFILE *rf, char *workfile, RCSNUM *rev1, RCSNUM *rev2, int verbose)
rcs_diffreg(path1, path3, d1);
rcs_diffreg(path2, path3, d2);
- strlcpy(dp13, "/tmp/d13.XXXXXXXXXX", sizeof(dp13));
+ if (strlcpy(dp13, "/tmp/d13.XXXXXXXXXX", sizeof(dp13)) >= sizeof(dp13))
+ errx(1, "rcs_diff3: string truncated");
rcs_buf_write_stmp(d1, dp13, 0600);
rcs_buf_free(d1);
d1 = NULL;
- strlcpy(dp23, "/tmp/d23.XXXXXXXXXX", sizeof(dp23));
+ if (strlcpy(dp23, "/tmp/d23.XXXXXXXXXX", sizeof(dp23)) >= sizeof(dp23))
+ errx(1, "rcs_diff3: string truncated");
rcs_buf_write_stmp(d2, dp23, 0600);
rcs_buf_free(d2);
@@ -281,22 +283,23 @@ diff3_internal(int argc, char **argv, const char *fmark, const char *rmark)
if (argc < 5)
return (-1);
- strlcpy(f1mark, "<<<<<<< ", sizeof(f1mark));
- strlcat(f1mark, fmark, sizeof(f1mark));
+ if (strlcpy(f1mark, "<<<<<<< ", sizeof(f1mark)) >= sizeof(f1mark) ||
+ strlcat(f1mark, fmark, sizeof(f1mark)) >= sizeof(f1mark))
+ errx(1, "diff3_internal: string truncated");
- strlcpy(f3mark, ">>>>>>> ", sizeof(f3mark));
- strlcat(f3mark, rmark, sizeof(f3mark));
+ if (strlcpy(f3mark, ">>>>>>> ", sizeof(f3mark)) >= sizeof(f3mark) ||
+ strlcat(f3mark, rmark, sizeof(f3mark)) >= sizeof(f3mark))
+ errx(1, "diff3_internal: strlcat");
increase();
m = readin(argv[0], &d13);
n = readin(argv[1], &d23);
- for (i = 0; i <= 2; i++) {
+ for (i = 0; i <= 2; i++)
if ((fp[i] = fopen(argv[i + 2], "r")) == NULL) {
warn("%s", argv[i + 2]);
return (-1);
}
- }
return (merge(m, n));
}
diff --git a/usr.bin/rcs/rcs.c b/usr.bin/rcs/rcs.c
index b1f3f5de11b..2eca0e99d7f 100644
--- a/usr.bin/rcs/rcs.c
+++ b/usr.bin/rcs/rcs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcs.c,v 1.4 2006/04/27 07:59:33 xsa Exp $ */
+/* $OpenBSD: rcs.c,v 1.5 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -358,7 +358,7 @@ int
rcs_write(RCSFILE *rfp)
{
FILE *fp;
- char buf[1024], numbuf[64], fn[19] = "";
+ char buf[1024], numbuf[64], fn[20] = "";
void *bp;
struct rcs_access *ap;
struct rcs_sym *symp;
@@ -377,12 +377,17 @@ rcs_write(RCSFILE *rfp)
/* Write operations need the whole file parsed */
rcs_parse_deltatexts(rfp, NULL);
- strlcpy(fn, "/tmp/rcs.XXXXXXXXXX", sizeof(fn));
+ if (strlcpy(fn, "/tmp/rcs.XXXXXXXXXX", sizeof(fn)) >= sizeof(fn))
+ errx(1, "rcs_write: string truncated");
if ((fd = mkstemp(fn)) == -1)
err(1, "%s", fn);
if ((fp = fdopen(fd, "w+")) == NULL) {
+ int saved_errno;
+
+ saved_errno = errno;
(void)unlink(fn);
+ errno = saved_errno;
err(1, "%s", fn);
}
@@ -407,9 +412,10 @@ rcs_write(RCSFILE *rfp)
fprintf(fp, "symbols");
TAILQ_FOREACH(symp, &(rfp->rf_symbols), rs_list) {
rcsnum_tostr(symp->rs_num, numbuf, sizeof(numbuf));
- strlcpy(buf, symp->rs_name, sizeof(buf));
- strlcat(buf, ":", sizeof(buf));
- strlcat(buf, numbuf, sizeof(buf));
+ if (strlcpy(buf, symp->rs_name, sizeof(buf)) >= sizeof(buf) ||
+ strlcat(buf, ":", sizeof(buf)) >= sizeof(buf) ||
+ strlcat(buf, numbuf, sizeof(buf)) >= sizeof(buf))
+ errx(1, "rcs_write: string overflow");
fprintf(fp, "\n\t%s", buf);
}
fprintf(fp, ";\n");
@@ -2084,7 +2090,9 @@ rcs_parse_deltatext(RCSFILE *rfp)
}
rdp->rd_text = xmalloc(RCS_TOKLEN(rfp) + 1);
- strlcpy(rdp->rd_text, RCS_TOKSTR(rfp), (RCS_TOKLEN(rfp) + 1));
+ if (strlcpy(rdp->rd_text, RCS_TOKSTR(rfp), (RCS_TOKLEN(rfp) + 1)) >=
+ RCS_TOKLEN(rfp) + 1)
+ errx(1, "rcs_parse_deltatext: strlcpy");
rdp->rd_tlen = RCS_TOKLEN(rfp);
return (1);
@@ -2369,7 +2377,9 @@ rcs_gettok(RCSFILE *rfp)
if (pdp->rp_pttype != RCS_TOK_ERR) {
type = pdp->rp_pttype;
- strlcpy(pdp->rp_buf, pdp->rp_ptok, pdp->rp_blen);
+ if (strlcpy(pdp->rp_buf, pdp->rp_ptok, pdp->rp_blen) >=
+ pdp->rp_blen)
+ errx(1, "rcs_gettok: strlcpy");
pdp->rp_pttype = RCS_TOK_ERR;
return (type);
}
@@ -2483,7 +2493,9 @@ rcs_pushtok(RCSFILE *rfp, const char *tok, int type)
return (-1);
pdp->rp_pttype = type;
- strlcpy(pdp->rp_ptok, tok, sizeof(pdp->rp_ptok));
+ if (strlcpy(pdp->rp_ptok, tok, sizeof(pdp->rp_ptok)) >=
+ sizeof(pdp->rp_ptok))
+ errx(1, "rcs_pushtok: strlcpy");
return (0);
}
@@ -2633,10 +2645,12 @@ rcs_expand_keywords(char *rcsfile, struct rcs_delta *rdp, char *data,
expbuf[0] = '\0';
if (mode & RCS_KWEXP_NAME) {
- strlcat(expbuf, "$", sizeof(expbuf));
- strlcat(expbuf, kwstr, sizeof(expbuf));
- if (mode & RCS_KWEXP_VAL)
- strlcat(expbuf, ": ", sizeof(expbuf));
+ if (strlcat(expbuf, "$", sizeof(expbuf)) >= sizeof(expbuf) ||
+ strlcat(expbuf, kwstr, sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
+ if ((mode & RCS_KWEXP_VAL) &&
+ strlcat(expbuf, ": ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
/*
@@ -2646,20 +2660,18 @@ rcs_expand_keywords(char *rcsfile, struct rcs_delta *rdp, char *data,
if (mode & RCS_KWEXP_VAL) {
if (kwtype & RCS_KW_RCSFILE) {
if (!(kwtype & RCS_KW_FULLPATH))
- strlcat(expbuf,
- basename(rcsfile),
- sizeof(expbuf));
+ (void)strlcat(expbuf, basename(rcsfile), sizeof(expbuf));
else
- strlcat(expbuf, rcsfile,
- sizeof(expbuf));
- strlcat(expbuf, " ", sizeof(expbuf));
+ (void)strlcat(expbuf, rcsfile, sizeof(expbuf));
+ if (strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
if (kwtype & RCS_KW_REVISION) {
- rcsnum_tostr(rdp->rd_num, buf,
- sizeof(buf));
- strlcat(buf, " ", sizeof(buf));
- strlcat(expbuf, buf, sizeof(expbuf));
+ rcsnum_tostr(rdp->rd_num, buf, sizeof(buf));
+ if (strlcat(buf, " ", sizeof(buf)) >= sizeof(buf) ||
+ strlcat(expbuf, buf, sizeof(expbuf)) >= sizeof(buf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
if (kwtype & RCS_KW_DATE) {
@@ -2669,38 +2681,42 @@ rcs_expand_keywords(char *rcsfile, struct rcs_delta *rdp, char *data,
fmt = "%Y/%m/%d %H:%M:%S ";
strftime(buf, sizeof(buf), fmt, &tb);
- strlcat(expbuf, buf, sizeof(expbuf));
+ if (strlcat(expbuf, buf, sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
if (kwtype & RCS_KW_AUTHOR) {
- strlcat(expbuf, rdp->rd_author,
- sizeof(expbuf));
- strlcat(expbuf, " ", sizeof(expbuf));
+ if (strlcat(expbuf, rdp->rd_author, sizeof(expbuf)) >= sizeof(expbuf) ||
+ strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
if (kwtype & RCS_KW_STATE) {
- strlcat(expbuf, rdp->rd_state,
- sizeof(expbuf));
- strlcat(expbuf, " ", sizeof(expbuf));
+ if (strlcat(expbuf, rdp->rd_state, sizeof(expbuf)) >= sizeof(expbuf) ||
+ strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
/* order does not matter anymore below */
if (kwtype & RCS_KW_LOG)
- strlcat(expbuf, " ", sizeof(expbuf));
+ if (strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
if (kwtype & RCS_KW_SOURCE) {
- strlcat(expbuf, rcsfile,
- sizeof(expbuf));
- strlcat(expbuf, " ", sizeof(expbuf));
+ if (strlcat(expbuf, rcsfile, sizeof(expbuf)) >= sizeof(expbuf) ||
+ strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
if (kwtype & RCS_KW_NAME)
- strlcat(expbuf, " ", sizeof(expbuf));
+ if (strlcat(expbuf, " ", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
}
/* end the expansion */
if (mode & RCS_KWEXP_NAME)
- strlcat(expbuf, "$", sizeof(expbuf));
+ if (strlcat(expbuf, "$", sizeof(expbuf)) >= sizeof(expbuf))
+ errx(1, "rcs_expand_keywords: string truncated");
sizdiff = strlen(expbuf) - (end - start);
tbuf = xstrdup(end);
@@ -2718,8 +2734,9 @@ rcs_expand_keywords(char *rcsfile, struct rcs_delta *rdp, char *data,
start = data + start_offset;
c = data + c_offset;
}
- strlcpy(start, expbuf, len);
- strlcat(data, tbuf, len);
+ if (strlcpy(start, expbuf, len) >= len ||
+ strlcat(data, tbuf, len) >= len)
+ errx(1, "rcs_expand_keywords: string truncated");
xfree(tbuf);
i += strlen(expbuf);
}
@@ -2887,7 +2904,7 @@ rcs_kwexp_buf(BUF *bp, RCSFILE *rf, RCSNUM *rev)
if (!(expmode & RCS_KWEXP_NONE)) {
if ((rdp = rcs_findrev(rf, rev)) == NULL)
- errx(1, "could not fetch revision");
+ errx(1, "could not fetch revision");
rcs_buf_putc(bp, '\0');
len = rcs_buf_len(bp);
tbuf = rcs_buf_release(bp);
diff --git a/usr.bin/rcs/rcsdiff.c b/usr.bin/rcs/rcsdiff.c
index a475d4a20cf..87a2929e426 100644
--- a/usr.bin/rcs/rcsdiff.c
+++ b/usr.bin/rcs/rcsdiff.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcsdiff.c,v 1.58 2006/04/26 21:55:22 joris Exp $ */
+/* $OpenBSD: rcsdiff.c,v 1.59 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2005 Joris Vink <joris@openbsd.org>
* All rights reserved.
@@ -47,12 +47,15 @@ rcsdiff_main(int argc, char **argv)
rev_str1 = rev_str2 = NULL;
status = 0;
- strlcpy(diffargs, "diff", sizeof(diffargs));
+ if (strlcpy(diffargs, "diff", sizeof(diffargs)) >= sizeof(diffargs))
+ errx(1, "diffargs too long");
while ((ch = rcs_getopt(argc, argv, "ck:nqr:TuVx::z::")) != -1) {
switch (ch) {
case 'c':
- strlcat(diffargs, " -c", sizeof(diffargs));
+ if (strlcat(diffargs, " -c", sizeof(diffargs)) >=
+ sizeof(diffargs))
+ errx(1, "diffargs too long");
diff_format = D_CONTEXT;
break;
case 'k':
@@ -64,16 +67,14 @@ rcsdiff_main(int argc, char **argv)
}
break;
case 'n':
- strlcat(diffargs, " -n", sizeof(diffargs));
+ if (strlcat(diffargs, " -n", sizeof(diffargs)) >=
+ sizeof(diffargs))
+ errx(1, "diffargs too long");
diff_format = D_RCSDIFF;
break;
case 'q':
flags |= QUIET;
break;
- case 'u':
- strlcat(diffargs, " -u", sizeof(diffargs));
- diff_format = D_UNIFIED;
- break;
case 'r':
rcs_setrevstr2(&rev_str1, &rev_str2, rcs_optarg);
break;
@@ -82,6 +83,12 @@ rcsdiff_main(int argc, char **argv)
* kept for compatibility
*/
break;
+ case 'u':
+ if (strlcat(diffargs, " -u", sizeof(diffargs)) >=
+ sizeof(diffargs))
+ errx(1, "diffargs too long");
+ diff_format = D_UNIFIED;
+ break;
case 'V':
printf("%s\n", rcs_version);
exit(0);
@@ -228,8 +235,9 @@ rcsdiff_file(RCSFILE *file, RCSNUM *rev, const char *filename)
tv2[0].tv_sec = t;
tv2[1].tv_sec = t;
- strlcpy(path1, rcs_tmpdir, sizeof(path1));
- strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1));
+ if (strlcpy(path1, rcs_tmpdir, sizeof(path1)) >= sizeof(path1) ||
+ strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1)) >= sizeof(path1))
+ errx(1, "path too long");
rcs_buf_write_stmp(b1, path1, 0600);
rcs_buf_free(b1);
@@ -238,8 +246,9 @@ rcsdiff_file(RCSFILE *file, RCSNUM *rev, const char *filename)
if (utimes(path1, (const struct timeval *)&tv) < 0)
warn("utimes");
- strlcpy(path2, rcs_tmpdir, sizeof(path2));
- strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2));
+ if (strlcpy(path2, rcs_tmpdir, sizeof(path2)) >= sizeof(path2) ||
+ strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2)) >= sizeof(path2))
+ errx(1, "path too long");
rcs_buf_write_stmp(b2, path2, 0600);
rcs_buf_free(b2);
@@ -308,8 +317,9 @@ rcsdiff_rev(RCSFILE *file, RCSNUM *rev1, RCSNUM *rev2)
if (!(flags & QUIET))
fprintf(stderr, "%s -r%s -r%s\n", diffargs, rbuf1, rbuf2);
- strlcpy(path1, rcs_tmpdir, sizeof(path1));
- strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1));
+ if (strlcpy(path1, rcs_tmpdir, sizeof(path1)) >= sizeof(path1) ||
+ strlcat(path1, "/diff1.XXXXXXXXXX", sizeof(path1)) >= sizeof(path1))
+ errx(1, "path too long");
rcs_buf_write_stmp(b1, path1, 0600);
rcs_buf_free(b1);
@@ -318,8 +328,9 @@ rcsdiff_rev(RCSFILE *file, RCSNUM *rev1, RCSNUM *rev2)
if (utimes(path1, (const struct timeval *)&tv) < 0)
warn("utimes");
- strlcpy(path2, rcs_tmpdir, sizeof(path2));
- strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2));
+ if (strlcpy(path2, rcs_tmpdir, sizeof(path2)) >= sizeof(path2) ||
+ strlcat(path2, "/diff2.XXXXXXXXXX", sizeof(path2)) >= sizeof(path2))
+ errx(1, "path too long");
rcs_buf_write_stmp(b2, path2, 0600);
rcs_buf_free(b2);
diff --git a/usr.bin/rcs/rcsnum.c b/usr.bin/rcs/rcsnum.c
index 1c6aa5af620..061ea2073d7 100644
--- a/usr.bin/rcs/rcsnum.c
+++ b/usr.bin/rcs/rcsnum.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcsnum.c,v 1.1 2006/04/26 02:55:13 joris Exp $ */
+/* $OpenBSD: rcsnum.c,v 1.2 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -106,11 +106,15 @@ rcsnum_tostr(const RCSNUM *nump, char *buf, size_t blen)
return (buf);
}
- strlcpy(buf, rcsnum_itoa(nump->rn_id[0], buf, blen), blen);
+ if (strlcpy(buf, rcsnum_itoa(nump->rn_id[0], buf, blen), blen) >= blen)
+ errx(1, "rcsnum_tostr: string truncated");
for (i = 1; i < nump->rn_len; i++) {
- strlcat(buf, ".", blen);
- strlcat(buf, rcsnum_itoa(nump->rn_id[i], tmp, sizeof(tmp)),
- blen);
+ const char *str;
+
+ str = rcsnum_itoa(nump->rn_id[i], tmp, sizeof(tmp));
+ if (strlcat(buf, ".", blen) >= blen ||
+ strlcat(buf, str, blen) >= blen)
+ errx(1, "rcsnum_tostr: string truncated");
}
return (buf);
diff --git a/usr.bin/rcs/rcsprog.c b/usr.bin/rcs/rcsprog.c
index 0fe107d0c34..7c024123e03 100644
--- a/usr.bin/rcs/rcsprog.c
+++ b/usr.bin/rcs/rcsprog.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcsprog.c,v 1.121 2006/04/29 05:10:16 ray Exp $ */
+/* $OpenBSD: rcsprog.c,v 1.122 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2005 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -74,8 +74,9 @@ rcs_init(char *envstr, char **argv, int argvlen)
int argc, error;
char linebuf[256], *lp, *cp;
- strlcpy(linebuf, envstr, sizeof(linebuf));
- memset(argv, 0, argvlen * sizeof(char *));
+ if (strlcpy(linebuf, envstr, sizeof(linebuf)) >= sizeof(linebuf))
+ errx(1, "rcs_init: string truncation");
+ (void)memset(argv, 0, argvlen * sizeof(char *));
error = argc = 0;
for (lp = linebuf; lp != NULL;) {
diff --git a/usr.bin/rcs/rcsutil.c b/usr.bin/rcs/rcsutil.c
index 31119174e33..c1ce031ec7c 100644
--- a/usr.bin/rcs/rcsutil.c
+++ b/usr.bin/rcs/rcsutil.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcsutil.c,v 1.7 2006/04/27 07:59:33 xsa Exp $ */
+/* $OpenBSD: rcsutil.c,v 1.8 2006/04/29 05:31:28 ray Exp $ */
/*
* Copyright (c) 2005, 2006 Joris Vink <joris@openbsd.org>
* Copyright (c) 2006 Xavier Santolaria <xsa@openbsd.org>
@@ -197,7 +197,8 @@ rcs_choosefile(const char *filename, char *out, size_t len)
*/
if (strcmp(rcs_suffixes, "") == 0) {
fd = open(rcspath, O_RDONLY);
- strlcpy(out, rcspath, len);
+ if (strlcpy(out, rcspath, len) >= len)
+ errx(1, "rcs_choosefile: truncation");
return (fd);
}
@@ -263,7 +264,8 @@ rcs_choosefile(const char *filename, char *out, size_t len)
xfree(suffixes);
fd = open(rcspath, O_RDONLY);
- strlcpy(out, rcspath, len);
+ if (strlcpy(out, rcspath, len) >= len)
+ errx(1, "rcs_choosefile: truncation");
return (fd);
}
diff --git a/usr.bin/rcs/xmalloc.c b/usr.bin/rcs/xmalloc.c
index 3d90ca09170..370ab0f99e7 100644
--- a/usr.bin/rcs/xmalloc.c
+++ b/usr.bin/rcs/xmalloc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xmalloc.c,v 1.1 2006/04/26 02:55:13 joris Exp $ */
+/* $OpenBSD: xmalloc.c,v 1.2 2006/04/29 05:31:28 ray Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -84,7 +84,8 @@ xstrdup(const char *str)
len = strlen(str) + 1;
cp = xmalloc(len);
- strlcpy(cp, str, len);
+ if (strlcpy(cp, str, len) >= len)
+ errx(1, "xstrdup: string truncated");
return cp;
}