src - OpenBSD base system

diff options


context:
space:
mode:

author	Hakan Olsson <ho@cvs.openbsd.org>	2002-01-03 16:27:42 +0000
committer	Hakan Olsson <ho@cvs.openbsd.org>	2002-01-03 16:27:42 +0000
commit	4489c1820c489738cc69b3d150d036f405ed8a14 (patch)
tree	485b5f0d859ad04ce1f4576b23676aa7f1be9ad9 /sbin
parent	3c1bd46556c17c2cdb2c0f3a8c593614e6864150 (diff)

str[n]{cpy,cat} -> strl{cpy,cat}, sprintf -> snprintf

Diffstat (limited to 'sbin')

-rw-r--r--

sbin/isakmpd/conf.c

-rw-r--r--

sbin/isakmpd/dnssec.c

-rw-r--r--

sbin/isakmpd/exchange.c

-rw-r--r--

sbin/isakmpd/field.c

-rw-r--r--

sbin/isakmpd/log.c

-rw-r--r--

sbin/isakmpd/regress/rsakeygen/rsakeygen.c

-rw-r--r--

sbin/isakmpd/regress/x509/x509test.c

-rw-r--r--

sbin/isakmpd/udp.c

8 files changed, 50 insertions, 49 deletions

diff --git a/sbin/isakmpd/conf.c b/sbin/isakmpd/conf.c
index 10e369dd548..8e100759361 100644
--- a/sbin/isakmpd/conf.c
+++ b/sbin/isakmpd/conf.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: conf.c,v 1.34 2001/10/05 05:59:06 ho Exp $ */

+/* $OpenBSD: conf.c,v 1.35 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: conf.c,v 1.48 2000/12/04 02:04:29 angelos Exp $ */

@@ -250,8 +250,7 @@ conf_parse_line (int trans, char *line, size_t sz)

if (section)

free (section);

section = malloc (i);

- strncpy (section, line + 1, i - 1);

- section[i - 1] = '\0';

+ strlcpy (section, line + 1, i);

return;

}

@@ -372,8 +371,9 @@ conf_find_trans_xf (int phase, char *xf)

static void

conf_load_defaults (int tr)

{

+#define CONF_MAX 256

int enc, auth, hash, proto, mode, pfs;

- char sect[256], *dflt;

+ char sect[CONF_MAX], *dflt;

char *mm_auth[] = { "PRE_SHARED", "DSS", "RSA_SIG", 0 };

char *mm_hash[] = { "MD5", "SHA", 0 };

@@ -432,8 +432,8 @@ conf_load_defaults (int tr)

for (hash = 0; mm_hash[hash]; hash ++)

for (auth = 0; mm_auth[auth]; auth ++)

{

- sprintf (sect, "%s-%s%s", mm_enc_p[enc], mm_hash[hash],

- mm_auth_p[auth]);

+ snprintf (sect, CONF_MAX, "%s-%s%s", mm_enc_p[enc], mm_hash[hash],

+ mm_auth_p[auth]);

#if 0

if (!conf_find_trans_xf (1, sect))

@@ -480,13 +480,14 @@ conf_load_defaults (int tr)

continue;

else

{

- char tmp[256];

+ char tmp[CONF_MAX];

- sprintf (tmp, "QM-%s%s%s%s%s", PROTO (proto), MODE_p (mode),

- qm_enc_p[enc], qm_hash_p[hash], PFS (pfs));

+ snprintf (tmp, CONF_MAX, "QM-%s%s%s%s%s", PROTO (proto),

+ MODE_p (mode), qm_enc_p[enc], qm_hash_p[hash],

+ PFS (pfs));

- strcpy (sect, tmp);

- strcat (sect, "-SUITE");

+ strlcpy (sect, tmp, CONF_MAX);

+ strlcat (sect, "-SUITE", CONF_MAX);

#if 0

if (!conf_find_trans_xf (2, sect))

@@ -498,11 +499,11 @@ conf_load_defaults (int tr)

conf_set (tr, sect, "Protocols", tmp, 0, 1);

- sprintf (sect, "IPSEC_%s", PROTO (proto));

+ snprintf (sect, CONF_MAX, "IPSEC_%s", PROTO (proto));

conf_set (tr, tmp, "PROTOCOL_ID", sect, 0, 1);

- strcpy (sect, tmp);

- strcat (sect, "-XF");

+ strlcpy (sect, tmp, CONF_MAX);

+ strlcat (sect, "-XF", CONF_MAX);

conf_set (tr, tmp, "Transforms", sect, 0, 1);

/* XXX For now, defaults contain just one xf per protocol. */

diff --git a/sbin/isakmpd/dnssec.c b/sbin/isakmpd/dnssec.c
index c81f2fcdb68..c84c794df54 100644
--- a/sbin/isakmpd/dnssec.c
+++ b/sbin/isakmpd/dnssec.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: dnssec.c,v 1.11 2001/08/23 14:17:08 aaron Exp $ */

+/* $OpenBSD: dnssec.c,v 1.12 2002/01/03 16:27:41 ho Exp $ */

@@ -121,7 +121,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

if (id_len < sizeof ip4)

return 0;

memcpy (&ip4, id + ISAKMP_ID_DATA_OFF, sizeof ip4);

- sprintf (name, "%d.%d.%d.%d.in-addr.arpa.", ip4 >> 24,

+ snprintf (name, MAXHOSTNAMELEN, "%d.%d.%d.%d.in-addr.arpa.", ip4 >> 24,

(ip4 >> 16) & 0xFF, (ip4 >> 8) & 0xFF, ip4 & 0xFF);

break;

@@ -157,7 +157,8 @@ dns_get_key (int type, struct message *msg, int *keylen)

}

*umark++ = '\0';

/* id is now terminated. 'umark', however, is not. */

- sprintf (name, "%s%s", id + ISAKMP_ID_DATA_OFF, DNS_UFQDN_SEPARATOR);

+ snprintf (name, MAXHOSTNAMELEN, "%s%s", id + ISAKMP_ID_DATA_OFF,

+ DNS_UFQDN_SEPARATOR);

memcpy (name + strlen (name), umark, id_len - strlen (id) - 1);

*(name + id_len + sizeof (DNS_UFQDN_SEPARATOR) - 2) = '.';

*(name + id_len + sizeof (DNS_UFQDN_SEPARATOR) - 1) = '\0';

diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c
index 83c01f8127a..68b028306fd 100644
--- a/sbin/isakmpd/exchange.c
+++ b/sbin/isakmpd/exchange.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: exchange.c,v 1.62 2001/08/25 22:13:27 niklas Exp $ */

+/* $OpenBSD: exchange.c,v 1.63 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */

@@ -1118,12 +1118,12 @@ exchange_dump_real (char *header, struct exchange *exchange, int class,

/* Include phase 2 SA list for this exchange */

if (exchange->phase == 2)

{

- sprintf (buf, "sa_list ");

+ snprintf (buf, bufsize_max, "sa_list ");

for (sa = TAILQ_FIRST (&exchange->sa_list);

sa && strlen (buf) < bufsize_max; sa = TAILQ_NEXT (sa, next))

sprintf (buf + strlen (buf), "%p ", sa);

if (sa)

- strcat (buf, "...");

+ strlcat (buf, "...", bufsize_max);

}

else

buf[0] = '\0';

@@ -1273,12 +1273,11 @@ exchange_check_old_sa (struct sa *sa, void *v_arg)

return 0;

if (sa->initiator)

- strncpy (res1, ipsec_decode_ids ("%s %s", sa->id_i, sa->id_i_len, sa->id_r,

+ strlcpy (res1, ipsec_decode_ids ("%s %s", sa->id_i, sa->id_i_len, sa->id_r,

sa->id_r_len, 0), sizeof res1);

else

- strncpy (res1, ipsec_decode_ids ("%s %s", sa->id_r, sa->id_r_len, sa->id_i,

+ strlcpy (res1, ipsec_decode_ids ("%s %s", sa->id_r, sa->id_r_len, sa->id_i,

sa->id_i_len, 0), sizeof res1);

- res1[sizeof res1 - 1] = '\0';

LOG_DBG ((LOG_EXCHANGE, 30,

"checking whether new SA replaces existing SA with IDs %s", res1));

diff --git a/sbin/isakmpd/field.c b/sbin/isakmpd/field.c
index bbdec734d21..d1476709292 100644
--- a/sbin/isakmpd/field.c
+++ b/sbin/isakmpd/field.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: field.c,v 1.8 2000/02/25 17:23:39 niklas Exp $ */

+/* $OpenBSD: field.c,v 1.9 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: field.c,v 1.11 2000/02/20 19:58:37 niklas Exp $ */

@@ -74,7 +74,7 @@ field_debug_raw (u_int8_t *buf, size_t len, struct constant_map **maps)

retval = malloc (3 + len * 2);

if (!retval)

return 0;

- strcpy (retval, "0x");

+ strlcpy (retval, "0x", 3 + len * 2);

p = retval + 2;

while (len--)

{

@@ -148,7 +148,7 @@ field_debug_mask (u_int8_t *buf, size_t len, struct constant_map **maps)

if (!retval)

return 0;

- strcpy (retval, "[ ");

+ strlcpy (retval, "[ ", buf_sz);

for (bit = 1; bit; bit <<= 1)

{

if (val & bit)

@@ -162,11 +162,11 @@ field_debug_mask (u_int8_t *buf, size_t len, struct constant_map **maps)

return 0;

}

retval = new_buf;

- strcat (retval, name);

- strcat (retval, " ");

+ strlcat (retval, name, buf_sz);

+ strlcat (retval, " ", buf_sz);

}

- strcat (retval, "]");

+ strlcat (retval, "]", buf_sz);

return retval;

}

diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c
index 9c6ada9dc3b..3b01d77a523 100644
--- a/sbin/isakmpd/log.c
+++ b/sbin/isakmpd/log.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: log.c,v 1.24 2001/10/05 08:18:37 ho Exp $ */

+/* $OpenBSD: log.c,v 1.25 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */

@@ -162,15 +162,15 @@ _log_print (int error, int syslog_level, const char *fmt, va_list ap,

t = now.tv_sec;

tm = localtime (&t);

if (class >= 0)

- sprintf (nbuf, "%02d%02d%02d.%06ld %s %02d ", tm->tm_hour,

- tm->tm_min, tm->tm_sec, now.tv_usec, _log_get_class (class),

- level);

+ snprintf (nbuf, LOG_SIZE + 32, "%02d%02d%02d.%06ld %s %02d ",

+ tm->tm_hour, tm->tm_min, tm->tm_sec, now.tv_usec,

+ _log_get_class (class), level);

else /* LOG_PRINT (-1) or LOG_REPORT (-2) */

- sprintf (nbuf, "%02d%02d%02d.%06ld %s ", tm->tm_hour,

- tm->tm_min, tm->tm_sec, now.tv_usec,

- class == LOG_PRINT ? "Default" : "Report>");

- strcat (nbuf, buffer);

- strcat (nbuf, "\n");

+ snprintf (nbuf, LOG_SIZE + 32, "%02d%02d%02d.%06ld %s ", tm->tm_hour,

+ tm->tm_min, tm->tm_sec, now.tv_usec,

+ class == LOG_PRINT ? "Default" : "Report>");

+ strlcat (nbuf, buffer, LOG_SIZE + 32);

+ strlcat (nbuf, "\n", LOG_SIZE + 32);

if (fwrite (nbuf, strlen (nbuf), 1, log_output) == 0)

{

diff --git a/sbin/isakmpd/regress/rsakeygen/rsakeygen.c b/sbin/isakmpd/regress/rsakeygen/rsakeygen.c
index 0dfb4d80f6d..ac3d96bf1a3 100644
--- a/sbin/isakmpd/regress/rsakeygen/rsakeygen.c
+++ b/sbin/isakmpd/regress/rsakeygen/rsakeygen.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: rsakeygen.c,v 1.13 2001/01/27 12:03:38 niklas Exp $ */

+/* $OpenBSD: rsakeygen.c,v 1.14 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: rsakeygen.c,v 1.10 2000/12/21 15:18:53 ho Exp $ */

@@ -81,7 +81,7 @@ main (void)

log_debug_cmd (LOG_CRYPTO, 99);

memset (dec, '\0', sizeof dec);

- strcpy (dec, TEST_STRING);

+ strlcpy (dec, TEST_STRING, 256);

key = LC (RSA_generate_key, (1024, RSA_F4, NULL, NULL));

if (key == NULL)

diff --git a/sbin/isakmpd/regress/x509/x509test.c b/sbin/isakmpd/regress/x509/x509test.c
index 25a937fc90e..7948547a341 100644
--- a/sbin/isakmpd/regress/x509/x509test.c
+++ b/sbin/isakmpd/regress/x509/x509test.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: x509test.c,v 1.17 2001/07/05 12:37:05 ho Exp $ */

+/* $OpenBSD: x509test.c,v 1.18 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: x509test.c,v 1.9 2000/12/21 15:24:25 ho Exp $ */

@@ -249,7 +249,7 @@ main (int argc, char *argv[])

printf ("Testing RSA keys: ");

err = 0;

- strcpy (dec, "Eine kleine Testmeldung");

+ strlcpy (dec, "Eine kleine Testmeldung", 256);

if ((len = LC (RSA_private_encrypt, (strlen (dec), dec, enc, priv_key,

RSA_PKCS1_PADDING))) == -1)

diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c
index 30611d4fa8a..5d9b7871f6c 100644
--- a/sbin/isakmpd/udp.c
+++ b/sbin/isakmpd/udp.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: udp.c,v 1.53 2001/10/26 13:29:26 ho Exp $ */

+/* $OpenBSD: udp.c,v 1.54 2002/01/03 16:27:41 ho Exp $ */

/* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */

@@ -351,7 +351,7 @@ udp_bind_if (char *ifname, struct sockaddr *if_addr, void *arg)

if_addr->sa_family);

return;

}

- strncpy (flags_ifr.ifr_name, ifname, sizeof flags_ifr.ifr_name - 1);

+ strlcpy (flags_ifr.ifr_name, ifname, sizeof flags_ifr.ifr_name);

if (ioctl (s, SIOCGIFFLAGS, (caddr_t)&flags_ifr) == -1)

{

log_error ("udp_bind_if: ioctl (%d, SIOCGIFFLAGS, ...) failed", s);

@@ -818,7 +818,7 @@ udp_decode_ids (struct transport *t)

idsrc, sizeof idsrc, NULL, 0, NI_NUMERICHOST) != 0)

{

log_print ("udp_decode_ids: getnameinfo () failed for 'src'");

- strcpy (idsrc, "<error>");

+ strlcpy (idsrc, "<error>", 256);

}

if (getnameinfo (((struct udp_transport *)t)->dst,

@@ -826,14 +826,14 @@ udp_decode_ids (struct transport *t)

iddst, sizeof iddst, NULL, 0, NI_NUMERICHOST) != 0)

{

log_print ("udp_decode_ids: getnameinfo () failed for 'dst'");

- strcpy (iddst, "<error>");

+ strlcpy (iddst, "<error>", 256);

}

#else

- strcpy (idsrc, inet_ntoa (((struct udp_transport *)t)->src.sin_addr));

- strcpy (iddst, inet_ntoa (((struct udp_transport *)t)->dst.sin_addr));

+ strlcpy (idsrc, inet_ntoa (((struct udp_transport *)t)->src.sin_addr), 256);

+ strlcpy (iddst, inet_ntoa (((struct udp_transport *)t)->dst.sin_addr), 256);

#endif /* HAVE_GETNAMEINFO */

- sprintf (result, "src: %s dst: %s", idsrc, iddst);

+ snprintf (result, 1024, "src: %s dst: %s", idsrc, iddst);

return result;

}