summaryrefslogtreecommitdiff
path: root/usr.bin/cvs
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin/cvs')
-rw-r--r--usr.bin/cvs/file.c42
-rw-r--r--usr.bin/cvs/getlog.c11
-rw-r--r--usr.bin/cvs/import.c22
-rw-r--r--usr.bin/cvs/init.c11
-rw-r--r--usr.bin/cvs/repo.c14
-rw-r--r--usr.bin/cvs/util.c4
6 files changed, 81 insertions, 23 deletions
diff --git a/usr.bin/cvs/file.c b/usr.bin/cvs/file.c
index 882c216482c..56e94691b71 100644
--- a/usr.bin/cvs/file.c
+++ b/usr.bin/cvs/file.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: file.c,v 1.60 2005/04/13 20:11:21 joris Exp $ */
+/* $OpenBSD: file.c,v 1.61 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -124,7 +124,7 @@ static CVSFILE* cvs_file_lget (const char *, int, CVSFILE *);
int
cvs_file_init(void)
{
- int i;
+ int i, l;
size_t len;
char path[MAXPATHLEN], buf[MAXNAMLEN];
FILE *ifp;
@@ -142,7 +142,13 @@ cvs_file_init(void)
/* read the cvsignore file in the user's home directory, if any */
pwd = getpwuid(getuid());
if (pwd != NULL) {
- snprintf(path, sizeof(path), "%s/.cvsignore", pwd->pw_dir);
+ l = snprintf(path, sizeof(path), "%s/.cvsignore", pwd->pw_dir);
+ if (l == -1 || l >= (int)sizeof(path)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", path);
+ return (-1);
+ }
+
ifp = fopen(path, "r");
if (ifp == NULL) {
if (errno != ENOENT)
@@ -531,7 +537,7 @@ cvs_file_attach(CVSFILE *parent, CVSFILE *file)
static int
cvs_file_getdir(CVSFILE *cf, int flags)
{
- int ret, fd;
+ int ret, fd, l;
u_int ndirs;
long base;
u_char *dp, *ep;
@@ -558,7 +564,13 @@ cvs_file_getdir(CVSFILE *cf, int flags)
cvs_mkadmin(cf, 0755);
/* if the CVS administrative directory exists, load the info */
- snprintf(pbuf, sizeof(pbuf), "%s/" CVS_PATH_CVSDIR, fpath);
+ l = snprintf(pbuf, sizeof(pbuf), "%s/" CVS_PATH_CVSDIR, fpath);
+ if (l == -1 || l >= (int)sizeof(pbuf)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", pbuf);
+ return (-1);
+ }
+
if ((stat(pbuf, &st) == 0) && S_ISDIR(st.st_mode)) {
if (cvs_readrepo(fpath, pbuf, sizeof(pbuf)) == 0) {
cdp->cd_repo = strdup(pbuf);
@@ -621,8 +633,16 @@ cvs_file_getdir(CVSFILE *cf, int flags)
continue;
}
- snprintf(pbuf, sizeof(pbuf), "%s/%s", fpath,
+ l = snprintf(pbuf, sizeof(pbuf), "%s/%s", fpath,
ent->d_name);
+ if (l == -1 || l >= (int)sizeof(pbuf)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", pbuf);
+
+ (void)close(fd);
+ return (-1);
+ }
+
cfp = cvs_file_lget(pbuf, flags, cf);
if (cfp == NULL) {
(void)close(fd);
@@ -645,8 +665,16 @@ cvs_file_getdir(CVSFILE *cf, int flags)
* entry in the Entries file but no file on disk
*/
while ((cvsent = cvs_ent_next(cdp->cd_ent)) != NULL) {
- snprintf(pbuf, sizeof(pbuf), "%s/%s", fpath,
+ l = snprintf(pbuf, sizeof(pbuf), "%s/%s", fpath,
cvsent->ce_name);
+ if (l == -1 || l >= (int)sizeof(pbuf)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", pbuf);
+
+ (void)close(fd);
+ return (-1);
+ }
+
cfp = cvs_file_lget(pbuf, flags, cf);
if (cfp != NULL) {
if (cfp->cf_type == DT_DIR) {
diff --git a/usr.bin/cvs/getlog.c b/usr.bin/cvs/getlog.c
index 7be8167733c..ec0bb9d64b6 100644
--- a/usr.bin/cvs/getlog.c
+++ b/usr.bin/cvs/getlog.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getlog.c,v 1.21 2005/04/13 19:44:42 jfb Exp $ */
+/* $OpenBSD: getlog.c,v 1.22 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -157,7 +157,7 @@ cvs_getlog_remote(CVSFILE *cf, void *arg)
static int
cvs_getlog_local(CVSFILE *cf, void *arg)
{
- int nrev;
+ int nrev, l;
char rcspath[MAXPATHLEN], numbuf[64];
char *repo;
RCSFILE *rf;
@@ -180,8 +180,13 @@ cvs_getlog_local(CVSFILE *cf, void *arg)
root = CVS_DIR_ROOT(cf);
repo = CVS_DIR_REPO(cf);
- snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s",
+ l = snprintf(rcspath, sizeof(rcspath), "%s/%s/%s%s",
root->cr_dir, repo, CVS_FILE_NAME(cf), RCS_FILE_EXT);
+ if (l == -1 || l >= (int)sizeof(rcspath)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", rcspath);
+ return (-1);
+ }
if (log_rfonly) {
cvs_printf("%s\n", rcspath);
diff --git a/usr.bin/cvs/import.c b/usr.bin/cvs/import.c
index 3b097c89350..9835d5333a4 100644
--- a/usr.bin/cvs/import.c
+++ b/usr.bin/cvs/import.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: import.c,v 1.11 2005/04/12 14:58:40 joris Exp $ */
+/* $OpenBSD: import.c,v 1.12 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2004 Joris Vink <joris@openbsd.org>
* All rights reserved.
@@ -140,13 +140,18 @@ cvs_import_sendflags(struct cvsroot *root)
int
cvs_import_file(CVSFILE *cfp, void *arg)
{
- int ret;
+ int ret, l;
struct cvsroot *root;
char fpath[MAXPATHLEN], repodir[MAXPATHLEN];
char repo[MAXPATHLEN];
root = CVS_DIR_ROOT(cfp);
- snprintf(repo, sizeof(repo), "%s/%s", root->cr_dir, module);
+ l = snprintf(repo, sizeof(repo), "%s/%s", root->cr_dir, module);
+ if (l == -1 || l >= (int)sizeof(repo)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", repo);
+ return (-1);
+ }
cvs_file_getpath(cfp, fpath, sizeof(fpath));
printf("Importing %s\n", fpath);
@@ -154,8 +159,15 @@ cvs_import_file(CVSFILE *cfp, void *arg)
if (cfp->cf_type == DT_DIR) {
if (!strcmp(CVS_FILE_NAME(cfp), "."))
strlcpy(repodir, repo, sizeof(repodir));
- else
- snprintf(repodir, sizeof(repodir), "%s/%s", repo, fpath);
+ else {
+ l = snprintf(repodir, sizeof(repodir), "%s/%s",
+ repo, fpath);
+ if (l == -1 || l >= (int)sizeof(repodir)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", repodir);
+ return (-1);
+ }
+ }
if (root->cr_method != CVS_METHOD_LOCAL) {
ret = cvs_sendreq(root, CVS_REQ_DIRECTORY, fpath);
if (ret == 0)
diff --git a/usr.bin/cvs/init.c b/usr.bin/cvs/init.c
index 59946c39c7c..3a9ba588751 100644
--- a/usr.bin/cvs/init.c
+++ b/usr.bin/cvs/init.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: init.c,v 1.14 2005/04/12 14:58:40 joris Exp $ */
+/* $OpenBSD: init.c,v 1.15 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -84,14 +84,19 @@ struct cvs_cmd_info cvs_init = {
int
cvs_init_local(struct cvsroot *root)
{
- int fd;
+ int fd, l;
u_int i;
char path[MAXPATHLEN];
RCSFILE *rfp;
for (i = 0; i < sizeof(cvsroot_files)/sizeof(cvsroot_files[i]); i++) {
- snprintf(path, sizeof(path), "%s/%s", root->cr_dir,
+ l = snprintf(path, sizeof(path), "%s/%s", root->cr_dir,
cvsroot_files[i].cf_path);
+ if (l == -1 || l >= (int)sizeof(path)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", path);
+ return (-1);
+ }
if (cvsroot_files[i].cf_type == CFT_DIR) {
if (mkdir(path, cvsroot_files[i].cf_mode) == -1) {
diff --git a/usr.bin/cvs/repo.c b/usr.bin/cvs/repo.c
index dc32fb43740..6c95dee00b4 100644
--- a/usr.bin/cvs/repo.c
+++ b/usr.bin/cvs/repo.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: repo.c,v 1.2 2005/04/15 08:23:17 xsa Exp $ */
+/* $OpenBSD: repo.c,v 1.3 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2005 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -473,7 +473,7 @@ cvs_repo_getpath(CVSRPENT *file, char *buf, size_t len)
static CVSRPENT*
cvs_repo_loadrec(CVSREPO *repo, const char *path)
{
- int ret, fd;
+ int ret, fd, l;
long base;
u_char *dp, *ep;
mode_t fmode;
@@ -569,8 +569,16 @@ cvs_repo_loadrec(CVSREPO *repo, const char *path)
(ent->d_name[1] == '.')))
continue;
- snprintf(pbuf, sizeof(pbuf), "%s/%s", path,
+ l = snprintf(pbuf, sizeof(pbuf), "%s/%s", path,
ent->d_name);
+ if (l == -1 || l >= (int)sizeof(pbuf)) {
+ errno = ENAMETOOLONG;
+ cvs_log(LP_ERRNO, "%s", pbuf);
+
+ cvs_repo_entree(cfp);
+ (void)close(fd);
+ return (NULL);
+ }
if ((ent->d_type != DT_DIR) &&
(ent->d_type != DT_REG)) {
diff --git a/usr.bin/cvs/util.c b/usr.bin/cvs/util.c
index f175231779e..47f56fa314c 100644
--- a/usr.bin/cvs/util.c
+++ b/usr.bin/cvs/util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.21 2005/04/16 18:07:35 xsa Exp $ */
+/* $OpenBSD: util.c,v 1.22 2005/04/16 20:05:05 xsa Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -559,7 +559,7 @@ cvs_mkadmin(CVSFILE *cdir, mode_t mode)
(void)fclose(fp);
}
- snprintf(path, sizeof(path), "%s/" CVS_PATH_REPOSITORY, dpath);
+ l = snprintf(path, sizeof(path), "%s/" CVS_PATH_REPOSITORY, dpath);
if (l == -1 || l >= (int)sizeof(path)) {
errno = ENAMETOOLONG;
cvs_log(LP_ERRNO, "%s", path);
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-03 01:11:28 +0000