diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 1999-12-04 01:01:08 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 1999-12-04 01:01:08 +0000 |
| commit | 37a56eed99073283673f4c65bf406c6c658c8068 (patch) | |
| tree | bf295c33d94bdf22fc858d6528bbf96118c03d1d /usr.bin/patch | |
| parent | a64909a2d7f7ce668a1531fa33db963234985274 (diff) | |
avoid overflows
Diffstat (limited to 'usr.bin/patch')
| -rw-r--r-- | usr.bin/patch/patch.c | 14 | ||||
| -rw-r--r-- | usr.bin/patch/pch.c | 14 | ||||
| -rw-r--r-- | usr.bin/patch/util.c | 21 |
3 files changed, 28 insertions, 21 deletions
diff --git a/usr.bin/patch/patch.c b/usr.bin/patch/patch.c index c9e401afd79..e5a75225391 100644 --- a/usr.bin/patch/patch.c +++ b/usr.bin/patch/patch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: patch.c,v 1.12 1999/08/31 21:29:19 espie Exp $ */ +/* $OpenBSD: patch.c,v 1.13 1999/12/04 01:01:06 provos Exp $ */ /* patch - a program to apply diffs to original files * @@ -12,7 +12,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: patch.c,v 1.12 1999/08/31 21:29:19 espie Exp $"; +static char rcsid[] = "$OpenBSD: patch.c,v 1.13 1999/12/04 01:01:06 provos Exp $"; #endif /* not lint */ #include "INTERN.h" @@ -312,7 +312,9 @@ char **argv; if (failed) { failtotal += failed; if (!*rejname) { - Strcpy(rejname, outname); + if (strlcpy(rejname, outname, sizeof(rejname)) >= sizeof(rejname)) + fatal2("filename %s is too long\n", outname); + #ifndef FLEXFILENAMES { char *s = strrchr(rejname,'/'); @@ -325,7 +327,8 @@ char **argv; s[13] = '\0'; } #endif - Strcat(rejname, REJEXT); + if (strlcat(rejname, REJEXT, sizeof(rejname)) >= sizeof(rejname)) + fatal2("filename %s is too long\n", outname); } if (skip_rest_of_patch) { say4("%d out of %d hunks ignored--saving rejects to %s\n", @@ -548,7 +551,8 @@ get_some_switches() strippath = atoi(s); break; case 'r': - Strcpy(rejname, nextarg()); + if (strlcpy(rejname, nextarg(), sizeof(rejname)) >= sizeof(rejname)) + fatal1("argument for -r is too long\n"); break; case 'R': reverse = TRUE; diff --git a/usr.bin/patch/pch.c b/usr.bin/patch/pch.c index 6e9b1ce6546..cb4de9ac51c 100644 --- a/usr.bin/patch/pch.c +++ b/usr.bin/patch/pch.c @@ -1,7 +1,7 @@ -/* $OpenBSD: pch.c,v 1.9 1998/11/25 00:30:26 espie Exp $ */ +/* $OpenBSD: pch.c,v 1.10 1999/12/04 01:01:07 provos Exp $ */ #ifndef lint -static char rcsid[] = "$OpenBSD: pch.c,v 1.9 1998/11/25 00:30:26 espie Exp $"; +static char rcsid[] = "$OpenBSD: pch.c,v 1.10 1999/12/04 01:01:07 provos Exp $"; #endif /* not lint */ #include "EXTERN.h" @@ -454,7 +454,7 @@ another_hunk() p_input_line++; if (ret == Nullch) { if (p_max - p_end < 4) - Strcpy(buf, " \n"); /* assume blank lines got chopped */ + strcpy(buf, " \n"); /* assume blank lines got chopped */ else { if (repl_beginning && repl_could_be_missing) { repl_missing = TRUE; @@ -499,7 +499,7 @@ another_hunk() if (!*s) malformed (); if (strnEQ(s,"0,0",3)) - strcpy(s,s+2); + strcpy(s, s+2); p_first = (LINENUM) atol(s); while (isdigit(*s)) s++; if (*s == ',') { @@ -807,7 +807,7 @@ another_hunk() p_input_line++; if (ret == Nullch) { if (p_max - filldst < 3) - Strcpy(buf, " \n"); /* assume blank lines got chopped */ + strcpy(buf, " \n"); /* assume blank lines got chopped */ else { fatal1("unexpected end of file in patch\n"); } @@ -1023,8 +1023,8 @@ FILE *fp; else indent++; } - if (buf != s) - Strcpy(buf, s); + if (buf != s && strlcpy(buf, s, sizeof(buf)) >= sizeof(buf)) + fatal1("buffer too small in pgets()\n"); } return ret; } diff --git a/usr.bin/patch/util.c b/usr.bin/patch/util.c index f4f3bb8db11..432e0980bb8 100644 --- a/usr.bin/patch/util.c +++ b/usr.bin/patch/util.c @@ -1,7 +1,7 @@ -/* $OpenBSD: util.c,v 1.6 1999/01/11 00:16:32 marc Exp $ */ +/* $OpenBSD: util.c,v 1.7 1999/12/04 01:01:07 provos Exp $ */ #ifndef lint -static char rcsid[] = "$OpenBSD: util.c,v 1.6 1999/01/11 00:16:32 marc Exp $"; +static char rcsid[] = "$OpenBSD: util.c,v 1.7 1999/12/04 01:01:07 provos Exp $"; #endif /* not lint */ #include "EXTERN.h" @@ -45,18 +45,21 @@ char *from, *to; } if (origprae) { - Strcpy(bakname, origprae); - Strcat(bakname, to); + if (strlcpy(bakname, origprae, sizeof(bakname)) >= sizeof(bakname) || + strlcat(bakname, to, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", origprae); } else { #ifndef NODIR char *backupname = find_backup_file_name(to); if (backupname == (char *) 0) fatal1("out of memory\n"); - Strcpy(bakname, backupname); + if (strlcpy(bakname, backupname, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", backupname); free(backupname); #else /* NODIR */ - Strcpy(bakname, to); - Strcat(bakname, simple_backup_suffix); + if (strlcpy(bakname, to, sizeof(bakname)) >= sizeof(bakname) || + strlcat(bakname, simple_backup_suffix, sizeof(bakname)) >= sizeof(bakname)) + fatal2("filename %s too long for buffer\n", to); #endif /* NODIR */ } @@ -79,7 +82,7 @@ char *from, *to; if (*s) *s = toupper(*s); else - Strcpy(simplename, simplename+1); + strcpy(simplename, simplename+1); } while (unlink(bakname) >= 0) ; /* while() is for benefit of Eunice */ #ifdef DEBUGGING @@ -358,7 +361,7 @@ bool striplast; if (stat(tmpbuf, &sbuf) && errno == ENOENT) { while (*s) s++; *s++ = ' '; - strcpy(s, tmpbuf); + strlcpy(s, tmpbuf, strlen(s) + 1); } *dirv[i] = '/'; } |