summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/bind/bin/dig/dig.c4
-rw-r--r--usr.sbin/bind/bin/dnssec/dnssec-makekeyset.c10
-rw-r--r--usr.sbin/bind/bin/dnssec/dnssec-signkey.c9
-rw-r--r--usr.sbin/bind/bin/dnssec/dnssec-signzone.c7
-rw-r--r--usr.sbin/bind/bin/dnssec/dnssectool.c2
-rw-r--r--usr.sbin/bind/bin/named/main.c2
-rw-r--r--usr.sbin/bind/bin/named/unix/os.c7
-rw-r--r--usr.sbin/bind/bin/tests/db_test.c4
-rw-r--r--usr.sbin/bind/bin/tests/dst/t_dst.c6
-rw-r--r--usr.sbin/bind/bin/tests/hash_test.c14
-rw-r--r--usr.sbin/bind/bin/tests/nxtify.c2
-rw-r--r--usr.sbin/bind/bin/tests/rwlock_test.c2
-rw-r--r--usr.sbin/bind/bin/tests/shutdown_test.c4
-rw-r--r--usr.sbin/bind/bin/tests/sock_test.c22
14 files changed, 50 insertions, 45 deletions
diff --git a/usr.sbin/bind/bin/dig/dig.c b/usr.sbin/bind/bin/dig/dig.c
index 530cac3201d..bcbb3ac99cd 100644
--- a/usr.sbin/bind/bin/dig/dig.c
+++ b/usr.sbin/bind/bin/dig/dig.c
@@ -1127,7 +1127,7 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
if (homedir != NULL)
snprintf(rcfile, sizeof(rcfile), "%s/.digrc", homedir);
else
- strcpy(rcfile, ".digrc");
+ strlcpy(rcfile, ".digrc", sizeof(rcfile));
batchfp = fopen(rcfile, "r");
if (batchfp != NULL) {
while (fgets(batchline, sizeof(batchline),
@@ -1312,7 +1312,7 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
lookup->trace_root = ISC_TF(lookup->trace ||
lookup->ns_search_only);
lookup->new_search = ISC_TRUE;
- strcpy(lookup->textname, ".");
+ strlcpy(lookup->textname, ".", sizeof(lookup->textname));
lookup->rdtype = dns_rdatatype_ns;
lookup->rdtypeset = ISC_TRUE;
if (firstarg) {
diff --git a/usr.sbin/bind/bin/dnssec/dnssec-makekeyset.c b/usr.sbin/bind/bin/dnssec/dnssec-makekeyset.c
index 669db9ec070..fb63523b75e 100644
--- a/usr.sbin/bind/bin/dnssec/dnssec-makekeyset.c
+++ b/usr.sbin/bind/bin/dnssec/dnssec-makekeyset.c
@@ -284,13 +284,13 @@ main(int argc, char *argv[]) {
savednamestr, namestr);
}
if (output == NULL) {
- output = isc_mem_allocate(mctx,
- strlen("keyset-") +
- strlen(namestr) + 1);
+ size_t len;
+ len = strlen("keyset=") + strlen(namestr) + 1;
+ output = isc_mem_allocate(mctx, len);
if (output == NULL)
fatal("out of memory");
- strcpy(output, "keyset-");
- strcat(output, namestr);
+ strlcpy(output, "keyset-", len);
+ strlcat(output, namestr, len);
}
if (domain == NULL) {
dns_fixedname_init(&fdomain);
diff --git a/usr.sbin/bind/bin/dnssec/dnssec-signkey.c b/usr.sbin/bind/bin/dnssec/dnssec-signkey.c
index 69f587fd03e..0f09c668402 100644
--- a/usr.sbin/bind/bin/dnssec/dnssec-signkey.c
+++ b/usr.sbin/bind/bin/dnssec/dnssec-signkey.c
@@ -180,6 +180,7 @@ main(int argc, char *argv[]) {
unsigned int eflags;
dns_rdataclass_t rdclass;
static isc_boolean_t tryverify = ISC_FALSE;
+ size_t len;
result = isc_mem_create(0, 0, &mctx);
check_result(result, "isc_mem_create()");
@@ -302,12 +303,12 @@ main(int argc, char *argv[]) {
check_result(result, "dns_name_tofilenametext()");
isc_buffer_putuint8(&b, 0);
- output = isc_mem_allocate(mctx,
- strlen("signedkey-") + strlen(tdomain) + 1);
+ len = strlen("signedkey-") + strlen(tdomain) + 1;
+ output = isc_mem_allocate(mctx, len);
if (output == NULL)
fatal("out of memory");
- strcpy(output, "signedkey-");
- strcat(output, tdomain);
+ strlcpy(output, "signedkey-", len);
+ strlcat(output, tdomain, len);
version = NULL;
dns_db_newversion(db, &version);
diff --git a/usr.sbin/bind/bin/dnssec/dnssec-signzone.c b/usr.sbin/bind/bin/dnssec/dnssec-signzone.c
index 74d302e6f3f..06576336b97 100644
--- a/usr.sbin/bind/bin/dnssec/dnssec-signzone.c
+++ b/usr.sbin/bind/bin/dnssec/dnssec-signzone.c
@@ -1669,12 +1669,13 @@ main(int argc, char *argv[]) {
argv += 1;
if (output == NULL) {
+ size_t len;
free_output = ISC_TRUE;
- output = isc_mem_allocate(mctx,
- strlen(file) + strlen(".signed") + 1);
+ len = strlen(file) + strlen(".signed") + 1;
+ output = isc_mem_allocate(mctx, len);
if (output == NULL)
fatal("out of memory");
- sprintf(output, "%s.signed", file);
+ snprintf(output, len, "%s.signed", file);
}
if (origin == NULL)
diff --git a/usr.sbin/bind/bin/dnssec/dnssectool.c b/usr.sbin/bind/bin/dnssec/dnssectool.c
index cdbd54e489e..10fbe976fb9 100644
--- a/usr.sbin/bind/bin/dnssec/dnssectool.c
+++ b/usr.sbin/bind/bin/dnssec/dnssectool.c
@@ -246,7 +246,7 @@ strtotime(char *str, isc_int64_t now, isc_int64_t base) {
val = now + offset;
} else if (strlen(str) == 8) {
char timestr[15];
- sprintf(timestr, "%s000000", str);
+ snprintf(timestr, sizeof(timestr), "%s000000", str);
result = dns_time64_fromtext(timestr, &val);
if (result != ISC_R_SUCCESS)
fatal("time value %s is invalid", str);
diff --git a/usr.sbin/bind/bin/named/main.c b/usr.sbin/bind/bin/named/main.c
index 9d628beb6fc..c8d12b04c44 100644
--- a/usr.sbin/bind/bin/named/main.c
+++ b/usr.sbin/bind/bin/named/main.c
@@ -269,7 +269,7 @@ save_command_line(int argc, char *argv[]) {
INSIST(sizeof(saved_command_line) >= sizeof(truncated));
if (dst == eob)
- strcpy(eob - sizeof(truncated), truncated);
+ strlcpy(eob - sizeof(truncated), truncated, sizeof(truncated));
else
*dst = '\0';
}
diff --git a/usr.sbin/bind/bin/named/unix/os.c b/usr.sbin/bind/bin/named/unix/os.c
index e94088699f4..8f610ccf1f3 100644
--- a/usr.sbin/bind/bin/named/unix/os.c
+++ b/usr.sbin/bind/bin/named/unix/os.c
@@ -495,15 +495,14 @@ open_pidfile(const char *filename, isc_boolean_t first_time) {
cleanup_pidfile();
- len = strlen(filename);
- pidfile = malloc(len + 1);
+ len = strlen(filename) + 1;
+ pidfile = malloc(len);
if (pidfile == NULL) {
isc__strerror(errno, strbuf, sizeof(strbuf));
(*report)("couldn't malloc '%s': %s", filename, strbuf);
return -1;
}
- /* This is safe. */
- strcpy(pidfile, filename);
+ strlcpy(pidfile, filename, len);
fd = safe_open(filename, ISC_FALSE);
if (fd < 0) {
diff --git a/usr.sbin/bind/bin/tests/db_test.c b/usr.sbin/bind/bin/tests/db_test.c
index d3717ebc438..28c32f1f5a4 100644
--- a/usr.sbin/bind/bin/tests/db_test.c
+++ b/usr.sbin/bind/bin/tests/db_test.c
@@ -387,7 +387,7 @@ main(int argc, char *argv[]) {
- strcpy(dbtype, "rbt");
+ strlcpy(dbtype, "rbt", sizeof(dbtype));
while ((ch = isc_commandline_parse(argc, argv, "c:d:t:z:P:Q:glpqvT"))
!= -1) {
switch (ch) {
@@ -399,7 +399,7 @@ main(int argc, char *argv[]) {
isc_result_totext(result));
break;
case 'd':
- strcpy(dbtype, isc_commandline_argument);
+ strlcpy(dbtype, isc_commandline_argument, sizeof(dbtype));
break;
case 'g':
options |= (DNS_DBFIND_GLUEOK|DNS_DBFIND_VALIDATEGLUE);
diff --git a/usr.sbin/bind/bin/tests/dst/t_dst.c b/usr.sbin/bind/bin/tests/dst/t_dst.c
index eba3374d118..9758cab8037 100644
--- a/usr.sbin/bind/bin/tests/dst/t_dst.c
+++ b/usr.sbin/bind/bin/tests/dst/t_dst.c
@@ -73,9 +73,9 @@ cleandir(char *path) {
continue;
if (! strcmp(pe->d_name, ".."))
continue;
- strcpy(fullname, path);
- strcat(fullname, "/");
- strcat(fullname, pe->d_name);
+ strlcpy(fullname, path, sizeof(fullname));
+ strlcat(fullname, "/", sizeof(fullname));
+ strlcat(fullname, pe->d_name, sizeof(fullname));
if (remove(fullname))
t_info("remove(%s) failed %d\n", fullname, errno);
diff --git a/usr.sbin/bind/bin/tests/hash_test.c b/usr.sbin/bind/bin/tests/hash_test.c
index 8d27619c120..b8fb37daf56 100644
--- a/usr.sbin/bind/bin/tests/hash_test.c
+++ b/usr.sbin/bind/bin/tests/hash_test.c
@@ -58,21 +58,21 @@ main(int argc, char **argv) {
s = "abc";
isc_sha1_init(&sha1);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(buffer, "sha1", digest, 5);
s = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
isc_sha1_init(&sha1);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_sha1_update(&sha1, buffer, strlen(s));
isc_sha1_final(&sha1, digest);
print_digest(buffer, "sha1", digest, 5);
s = "abc";
isc_md5_init(&md5);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_md5_update(&md5, buffer, strlen(s));
isc_md5_final(&md5, digest);
print_digest(buffer, "md5", digest, 4);
@@ -83,15 +83,15 @@ main(int argc, char **argv) {
s = "Hi There";
memset(key, 0x0b, 16);
isc_hmacmd5_init(&hmacmd5, key, 16);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
s = "what do ya want for nothing?";
- strcpy(key, "Jefe");
+ strlcpy(key, "Jefe", sizeof(key));
isc_hmacmd5_init(&hmacmd5, key, 4);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
@@ -103,7 +103,7 @@ main(int argc, char **argv) {
"\335\335\335\335\335\335\335\335\335\335";
memset(key, 0xaa, 16);
isc_hmacmd5_init(&hmacmd5, key, 16);
- strcpy(buffer, s);
+ strlcpy(buffer, s, sizeof(buffer));
isc_hmacmd5_update(&hmacmd5, buffer, strlen(s));
isc_hmacmd5_sign(&hmacmd5, digest);
print_digest(buffer, "hmacmd5", digest, 4);
diff --git a/usr.sbin/bind/bin/tests/nxtify.c b/usr.sbin/bind/bin/tests/nxtify.c
index c5c8ef8cc80..2a0d9c4ee7f 100644
--- a/usr.sbin/bind/bin/tests/nxtify.c
+++ b/usr.sbin/bind/bin/tests/nxtify.c
@@ -186,7 +186,7 @@ nxtify(char *filename) {
len = strlen(filename);
if (len + 4 + 1 > sizeof newfilename)
fatal("filename too long");
- sprintf(newfilename, "%s.new", filename);
+ snprintf(newfilename, sizeof(newfilename), "%s.new", filename);
result = dns_db_dump(db, NULL, newfilename);
check_result(result, "dns_db_dump");
dns_db_detach(&db);
diff --git a/usr.sbin/bind/bin/tests/rwlock_test.c b/usr.sbin/bind/bin/tests/rwlock_test.c
index cc6629a87ff..ff24875f7cb 100644
--- a/usr.sbin/bind/bin/tests/rwlock_test.c
+++ b/usr.sbin/bind/bin/tests/rwlock_test.c
@@ -107,7 +107,7 @@ main(int argc, char *argv[]) {
RUNTIME_CHECK(isc_rwlock_init(&lock, 5, 10) == ISC_R_SUCCESS);
for (i = 0; i < nworkers; i++) {
- sprintf(name, "%02u", i);
+ snprintf(name, sizeof(name), "%02u", i);
dupname = strdup(name);
RUNTIME_CHECK(dupname != NULL);
if (i != 0 && i % 3 == 0)
diff --git a/usr.sbin/bind/bin/tests/shutdown_test.c b/usr.sbin/bind/bin/tests/shutdown_test.c
index 6ad2347105e..4fc5c61c1fa 100644
--- a/usr.sbin/bind/bin/tests/shutdown_test.c
+++ b/usr.sbin/bind/bin/tests/shutdown_test.c
@@ -145,9 +145,9 @@ new_task(isc_mem_t *mctx, const char *name) {
ti->ticks = 0;
if (name != NULL) {
INSIST(strlen(name) < sizeof(ti->name));
- strcpy(ti->name, name);
+ strlcpy(ti->name, name, sizeof(ti->name));
} else
- sprintf(ti->name, "%d", task_count);
+ snprintf(ti->name, sizeof(ti->name), "%d", task_count);
RUNTIME_CHECK(isc_task_create(task_manager, 0, &ti->task) ==
ISC_R_SUCCESS);
RUNTIME_CHECK(isc_task_onshutdown(ti->task, shutdown_action, ti) ==
diff --git a/usr.sbin/bind/bin/tests/sock_test.c b/usr.sbin/bind/bin/tests/sock_test.c
index 8bf9baaf0d1..df8f9f31d42 100644
--- a/usr.sbin/bind/bin/tests/sock_test.c
+++ b/usr.sbin/bind/bin/tests/sock_test.c
@@ -107,12 +107,14 @@ my_recv(isc_task_t *task, isc_event_t *event) {
* Echo the data back.
*/
if (strcmp(event->ev_arg, "so2") != 0) {
+ size_t len;
region = dev->region;
- sprintf(buf, "\r\nReceived: %.*s\r\n\r\n",
+ snprintf(buf, sizeof(buf), "\r\nReceived: %.*s\r\n\r\n",
(int)dev->n, (char *)region.base);
- region.base = isc_mem_get(mctx, strlen(buf) + 1);
- region.length = strlen(buf) + 1;
- strcpy((char *)region.base, buf); /* strcpy is safe */
+ len = strlen(buf) + 1;
+ region.base = isc_mem_get(mctx, len);
+ region.length = len;
+ strlcpy((char *)region.base, buf, len);
isc_socket_send(sock, &region, task, my_send, event->ev_arg);
} else {
region = dev->region;
@@ -157,6 +159,7 @@ my_connect(isc_task_t *task, isc_event_t *event) {
isc_socket_connev_t *dev;
isc_region_t region;
char buf[1024];
+ size_t len;
sock = event->ev_sender;
dev = (isc_socket_connev_t *)event;
@@ -175,11 +178,12 @@ my_connect(isc_task_t *task, isc_event_t *event) {
* Send a GET string, and set up to receive (and just display)
* the result.
*/
- strcpy(buf, "GET / HTTP/1.1\r\nHost: www.flame.org\r\n"
- "Connection: Close\r\n\r\n");
- region.base = isc_mem_get(mctx, strlen(buf) + 1);
- region.length = strlen(buf) + 1;
- strcpy((char *)region.base, buf); /* This strcpy is safe. */
+ strlcpy(buf, "GET / HTTP/1.1\r\nHost: www.flame.org\r\n"
+ "Connection: Close\r\n\r\n", sizeof(buf));
+ len = strlen(buf) + 1;
+ region.base = isc_mem_get(mctx, len);
+ region.length = len;
+ strlcpy((char *)region.base, buf, len);
isc_socket_send(sock, &region, task, my_http_get, event->ev_arg);
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-27 15:31:31 +0000