diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2003-04-08 17:34:54 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2003-04-08 17:34:54 +0000 |
| commit | 717c7abbdce27050e2dc76e5b540f4231abd8d60 (patch) | |
| tree | bb194eaf9e677c575c1114e82acea2300c7d91f1 /usr.sbin | |
| parent | 56311ad000880bf4b89ec59ccc1af228baa6be05 (diff) | |
string shit; ok pval
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/httpd/src/support/ab.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/usr.sbin/httpd/src/support/ab.c b/usr.sbin/httpd/src/support/ab.c index 4127bc47fb3..3fd81c4697f 100644 --- a/usr.sbin/httpd/src/support/ab.c +++ b/usr.sbin/httpd/src/support/ab.c @@ -101,7 +101,6 @@ /* * BUGS: * - * - uses strcpy/etc. * - has various other poor buffer attacks related to the lazy parsing of * response headers from the server * - doesn't implement much of HTTP/1.x, only accepts certain forms of @@ -1352,14 +1351,14 @@ static void test(void) static void copyright(void) { if (!use_html) { - printf("This is ApacheBench, Version %s\n", VERSION " <$Revision: 1.10 $> apache-1.3"); + printf("This is ApacheBench, Version %s\n", VERSION " <$Revision: 1.11 $> apache-1.3"); printf("Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("<p>\n"); - printf(" This is ApacheBench, Version %s <i><%s></i> apache-1.3<br>\n", VERSION, "$Revision: 1.10 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n"); + printf(" This is ApacheBench, Version %s <i><%s></i> apache-1.3<br>\n", VERSION, "$Revision: 1.11 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n"); printf(" Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/<br>\n"); printf("</p>\n<p>\n"); } @@ -1440,9 +1439,9 @@ static int parse_url(char * purl) } if ((cp = strchr(purl, '/')) == NULL) return 1; - strcpy(path, cp); + strlcpy(path, cp, sizeof(path)); *cp = '\0'; - strcpy(hostname, h); + strlcpy(hostname, h, sizeof(hostname)); if (p != NULL) port = atoi(p); @@ -1572,7 +1571,7 @@ int main(int argc, char **argv) * something */ break; case 'T': - strcpy(content_type, optarg); + strlcpy(content_type, optarg, sizeof(content_type)); break; case 'C': strncat(cookie, "Cookie: ", sizeof(cookie)-strlen(cookie)-1); @@ -1617,7 +1616,7 @@ int main(int argc, char **argv) p++; proxyport = atoi(p); }; - strcpy(proxyhost, optarg); + strlcpy(proxyhost, optarg, sizeof(proxyhost)); isproxy = 1; } break; @@ -1661,8 +1660,8 @@ int main(int argc, char **argv) fprintf(stderr, "%s: wrong number of arguments\n", argv[0]); usage(argv[0]); } - strcpy(url, argv[optind++]); - strcpy(fullurl, url); + strlcpy(url, argv[optind++], sizeof(url)); + strlcpy(fullurl, url, sizeof(fullurl)); if (parse_url(url)) { fprintf(stderr, "%s: invalid URL\n", argv[0]); usage(argv[0]); |