From 0f64621783b3f46a4851826b9f4284e3c9dbeb61 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Sun, 6 Apr 2003 18:50:39 +0000 Subject: 2451 lines of strdup/sprintf/strcpy whacking. mostly ok'd by pjanzen already, but he may have later changes to make still. --- games/adventure/extern.h | 3 +- games/adventure/main.c | 11 ++- games/adventure/subr.c | 6 +- games/adventure/wizard.c | 6 +- games/atc/input.c | 12 +-- games/atc/log.c | 13 +-- games/atc/main.c | 26 ++--- games/atc/update.c | 21 ++-- games/backgammon/common_source/board.c | 14 +-- games/banner/banner.c | 10 +- games/cribbage/cribbage.h | 4 +- games/cribbage/score.c | 30 +++--- games/cribbage/support.c | 6 +- games/fortune/fortune/fortune.c | 14 +-- games/fortune/strfile/strfile.c | 6 +- games/gomoku/gomoku.h | 6 +- games/gomoku/main.c | 24 +++-- games/gomoku/pickmove.c | 70 ++++++++----- games/gomoku/stoc.c | 6 +- games/hack/hack.do_name.c | 18 ++-- games/hack/hack.eat.c | 7 +- games/hack/hack.end.c | 51 +++++----- games/hack/hack.fight.c | 6 +- games/hack/hack.invent.c | 10 +- games/hack/hack.main.c | 8 +- games/hack/hack.objnam.c | 175 ++++++++++++++++----------------- games/hack/hack.options.c | 25 ++--- games/hack/hack.pri.c | 14 +-- games/hack/hack.rip.c | 14 +-- games/hack/hack.shk.c | 11 ++- games/hack/hack.topl.c | 14 +-- games/hack/hack.u_init.c | 6 +- games/hack/hack.unix.c | 6 +- games/mille/mille.h | 4 +- games/mille/save.c | 10 +- games/monop/execute.c | 8 +- games/phantasia/convert.c | 11 ++- games/phantasia/fight.c | 8 +- games/phantasia/gamesupport.c | 14 ++- games/phantasia/main.c | 21 ++-- games/phantasia/misc.c | 12 ++- games/phantasia/phantglobs.h | 4 +- games/phantasia/setup.c | 4 +- games/quiz/quiz.c | 6 +- games/rogue/pack.c | 6 +- games/rogue/save.c | 10 +- games/sail/dr_1.c | 13 ++- games/sail/dr_2.c | 51 +++++----- games/sail/dr_3.c | 11 ++- games/sail/extern.h | 8 +- games/sail/lo_main.c | 8 +- games/sail/misc.c | 7 +- games/sail/pl_5.c | 11 ++- games/sail/pl_main.c | 6 +- games/sail/sync.c | 26 ++--- games/tetris/scores.c | 4 +- games/tetris/tetris.c | 4 +- games/trek/getpar.c | 10 +- games/trek/shield.c | 10 +- 59 files changed, 504 insertions(+), 436 deletions(-) diff --git a/games/adventure/extern.h b/games/adventure/extern.h index ebd822e874b..e7ab5385a6f 100644 --- a/games/adventure/extern.h +++ b/games/adventure/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.4 2002/02/16 21:27:08 millert Exp $ */ +/* $OpenBSD: extern.h,v 1.5 2003/04/06 18:50:33 deraadt Exp $ */ /* $NetBSD: extern.h,v 1.3 1997/10/11 01:55:27 lukem Exp $ */ /* @@ -121,7 +121,6 @@ int vocab(const char *, int, int); void prht(void); /* These three used to be functions in vocab.c */ -#define copystr(src, dest) strcpy((dest), (src)) #define weq(str1, str2) (!strncmp((str1), (str2), 5)) #define length(str) (strlen((str)) + 1) diff --git a/games/adventure/main.c b/games/adventure/main.c index 4295750c532..c383bbb1a2d 100644 --- a/games/adventure/main.c +++ b/games/adventure/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.12 2002/05/31 03:39:55 pjanzen Exp $ */ +/* $OpenBSD: main.c,v 1.13 2003/04/06 18:50:33 deraadt Exp $ */ /* $NetBSD: main.c,v 1.5 1996/05/21 21:53:09 mrg Exp $ */ /*- @@ -49,7 +49,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/2/93"; #else -static char rcsid[] = "$OpenBSD: main.c,v 1.12 2002/05/31 03:39:55 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: main.c,v 1.13 2003/04/06 18:50:33 deraadt Exp $"; #endif #endif /* not lint */ @@ -172,7 +172,8 @@ l2600: checkhints(); /* to 2600-2602 */ getin(&wd1, &wd2); if (delhit) { /* user typed a DEL */ delhit = 0; /* reset counter */ - copystr("quit", wd1); /* pretend he's quitting */ + /* pretend he's quitting */ + strcpy(wd1, "quit"); *wd2 = 0; } l2608: if ((foobar = -foobar) > 0) @@ -244,7 +245,7 @@ l19999: k = 43; || (!weq(wd2, "plant") && !weq(wd2, "door"))) goto l2610; if (at(vocab(wd2, 1, 0))) - copystr("pour", wd2); + strcpy(wd2, "pour"); l2610: if (weq(wd1, "west")) if (++iwest == 10) @@ -279,7 +280,7 @@ l8: default: bug(110); } -l2800: copystr(wd2, wd1); +l2800: strcpy(wd1, wd2); *wd2 = 0; goto l2610; diff --git a/games/adventure/subr.c b/games/adventure/subr.c index 731eb999e67..921a63c9185 100644 --- a/games/adventure/subr.c +++ b/games/adventure/subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: subr.c,v 1.4 1998/09/02 06:36:07 pjanzen Exp $ */ +/* $OpenBSD: subr.c,v 1.5 2003/04/06 18:50:33 deraadt Exp $ */ /* $NetBSD: subr.c,v 1.2 1995/03/21 12:05:11 cgd Exp $ */ /*- @@ -43,7 +43,7 @@ #if 0 static char sccsid[] = "@(#)subr.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: subr.c,v 1.4 1998/09/02 06:36:07 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: subr.c,v 1.5 2003/04/06 18:50:33 deraadt Exp $"; #endif #endif /* not lint */ @@ -556,7 +556,7 @@ trsay() /* 9030 */ int i; if (*wd2 != 0) - copystr(wd2, wd1); + strcpy(wd1, wd2); i = vocab(wd1, -1, 0); if (i == 62 || i == 65 || i == 71 || i == 2025) { *wd2 = 0; diff --git a/games/adventure/wizard.c b/games/adventure/wizard.c index c24a0e758ba..2d94312145f 100644 --- a/games/adventure/wizard.c +++ b/games/adventure/wizard.c @@ -1,4 +1,4 @@ -/* $OpenBSD: wizard.c,v 1.9 2002/02/18 06:38:43 deraadt Exp $ */ +/* $OpenBSD: wizard.c,v 1.10 2003/04/06 18:50:33 deraadt Exp $ */ /* $NetBSD: wizard.c,v 1.3 1995/04/24 12:21:41 cgd Exp $ */ /*- @@ -43,7 +43,7 @@ #if 0 static char sccsid[] = "@(#)wizard.c 8.1 (Berkeley) 6/2/93"; #else -static char rcsid[] = "$OpenBSD: wizard.c,v 1.9 2002/02/18 06:38:43 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: wizard.c,v 1.10 2003/04/06 18:50:33 deraadt Exp $"; #endif #endif /* not lint */ @@ -81,7 +81,7 @@ char magic[6]; void poof() { - strcpy(magic, DECR(d,w,a,r,f)); + strlcpy(magic, DECR(d,w,a,r,f), sizeof magic); latncy = 45; } diff --git a/games/atc/input.c b/games/atc/input.c index ee04bfa659e..11117c8c1a6 100644 --- a/games/atc/input.c +++ b/games/atc/input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: input.c,v 1.7 2002/02/16 21:27:08 millert Exp $ */ +/* $OpenBSD: input.c,v 1.8 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: input.c,v 1.4 1995/04/27 21:22:24 mycroft Exp $ */ /*- @@ -50,7 +50,7 @@ #if 0 static char sccsid[] = "@(#)input.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: input.c,v 1.7 2002/02/16 21:27:08 millert Exp $"; +static char rcsid[] = "$OpenBSD: input.c,v 1.8 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -185,7 +185,7 @@ pop() ioclrtoeol(T_POS); - strcpy(T_STR, ""); + strlcpy(T_STR, "", sizeof T_STR); T_RULE = -1; T_CH = -1; return (0); @@ -201,7 +201,7 @@ rezero() T_RULE = -1; T_CH = -1; T_POS = 0; - strcpy(T_STR, ""); + strlcpy(T_STR, "", sizeof T_STR); } void @@ -210,7 +210,7 @@ push(ruleno, ch) { int newstate, newpos; - (void)sprintf(T_STR, st[T_STATE].rule[ruleno].str, tval); + (void)snprintf(T_STR, sizeof T_STR, st[T_STATE].rule[ruleno].str, tval); T_RULE = ruleno; T_CH = ch; newstate = st[T_STATE].rule[ruleno].to_state; @@ -224,7 +224,7 @@ push(ruleno, ch) T_STATE = newstate; T_POS = newpos; T_RULE = -1; - strcpy(T_STR, ""); + strlcpy(T_STR, "", sizeof T_STR); } int diff --git a/games/atc/log.c b/games/atc/log.c index 74a4b292d3f..f8246deca37 100644 --- a/games/atc/log.c +++ b/games/atc/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.10 2002/06/23 03:01:12 deraadt Exp $ */ +/* $OpenBSD: log.c,v 1.11 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: log.c,v 1.3 1995/03/21 15:04:21 cgd Exp $ */ /*- @@ -50,7 +50,7 @@ #if 0 static char sccsid[] = "@(#)log.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: log.c,v 1.10 2002/06/23 03:01:12 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: log.c,v 1.11 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -90,13 +90,14 @@ timestr(t) static char s[80]; if (DAY(t) > 0) - (void)sprintf(s, "%dd+%02dhrs", DAY(t), HOUR(t)); + (void)snprintf(s, sizeof s, "%dd+%02dhrs", DAY(t), HOUR(t)); else if (HOUR(t) > 0) - (void)sprintf(s, "%d:%02d:%02d", HOUR(t), MINUTES(t), SEC(t)); + (void)snprintf(s, sizeof s, "%d:%02d:%02d", + HOUR(t), MINUTES(t), SEC(t)); else if (MINUTES(t) > 0) - (void)sprintf(s, "%d:%02d", MINUTES(t), SEC(t)); + (void)snprintf(s, sizeof s, "%d:%02d", MINUTES(t), SEC(t)); else if (SEC(t) > 0) - (void)sprintf(s, ":%02d", SEC(t)); + (void)snprintf(s, sizeof s, ":%02d", SEC(t)); else *s = '\0'; diff --git a/games/atc/main.c b/games/atc/main.c index db0445b1b98..83215f6b80c 100644 --- a/games/atc/main.c +++ b/games/atc/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.9 2002/12/06 21:48:50 millert Exp $ */ +/* $OpenBSD: main.c,v 1.10 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: main.c,v 1.4 1995/04/27 21:22:25 mycroft Exp $ */ /*- @@ -56,7 +56,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: main.c,v 1.9 2002/12/06 21:48:50 millert Exp $"; +static char rcsid[] = "$OpenBSD: main.c,v 1.10 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -148,7 +148,7 @@ main(ac, av) if (f_printpath) { char buf[256]; - strcpy(buf, _PATH_GAMES); + strlcpy(buf, _PATH_GAMES, sizeof buf); buf[strlen(buf) - 1] = '\0'; puts(buf); } @@ -262,8 +262,8 @@ default_game() static char file[256]; char line[256], games[256]; - strcpy(games, _PATH_GAMES); - strcat(games, GAMES); + strlcpy(games, _PATH_GAMES, sizeof games); + strlcat(games, GAMES, sizeof games); if ((fp = fopen(games, "r")) == NULL) { warn("fopen %s", games); @@ -279,8 +279,8 @@ default_game() warnx("default game name too long"); return (NULL); } - strcpy(file, _PATH_GAMES); - strcat(file, line); + strlcpy(file, _PATH_GAMES, sizeof file); + strlcat(file, line, sizeof file); return (file); } @@ -293,8 +293,8 @@ okay_game(s) const char *ret = NULL; char line[256], games[256]; - strcpy(games, _PATH_GAMES); - strcat(games, GAMES); + strlcpy(games, _PATH_GAMES, sizeof games); + strlcat(games, GAMES, sizeof games); if ((fp = fopen(games, "r")) == NULL) { warn("fopen %s", games); @@ -307,8 +307,8 @@ okay_game(s) warnx("game name too long"); return (NULL); } - strcpy(file, _PATH_GAMES); - strcat(file, line); + strlcpy(file, _PATH_GAMES, sizeof file); + strlcat(file, line, sizeof file); ret = file; break; } @@ -331,8 +331,8 @@ list_games() char line[256], games[256]; int num_games = 0; - strcpy(games, _PATH_GAMES); - strcat(games, GAMES); + strlcpy(games, _PATH_GAMES, sizeof games); + strlcat(games, GAMES, sizeof games); if ((fp = fopen(games, "r")) == NULL) { warn("fopen %s", games); diff --git a/games/atc/update.c b/games/atc/update.c index ecd7cadd099..1df33e4d331 100644 --- a/games/atc/update.c +++ b/games/atc/update.c @@ -1,4 +1,4 @@ -/* $OpenBSD: update.c,v 1.5 2003/03/11 04:47:39 david Exp $ */ +/* $OpenBSD: update.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -49,7 +49,7 @@ #if 0 static char sccsid[] = "@(#)update.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: update.c,v 1.5 2003/03/11 04:47:39 david Exp $"; +static char rcsid[] = "$OpenBSD: update.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -204,8 +204,9 @@ update(dummy) if (too_close(p1, p2, 1)) { static char buf[80]; - (void)sprintf(buf, "collided with plane '%c'.", - name(p2)); + (void)snprintf(buf, sizeof buf, + "collided with plane '%c'.", + name(p2)); loser(p1, buf); } /* @@ -229,21 +230,25 @@ command(pp) buf[0] = '\0'; bp = buf; - (void)sprintf(bp, "%c%d%c%c%d: ", name(pp), pp->altitude, + (void)snprintf(bp, buf + sizeof buf - bp, + "%c%d%c%c%d: ", name(pp), pp->altitude, (pp->fuel < LOWFUEL) ? '*' : ' ', (pp->dest_type == T_AIRPORT) ? 'A' : 'E', pp->dest_no); comm_start = bp = strchr(buf, '\0'); if (pp->altitude == 0) - (void)sprintf(bp, "Holding @ A%d", pp->orig_no); + (void)snprintf(bp, buf + sizeof buf - bp, + "Holding @ A%d", pp->orig_no); else if (pp->new_dir >= MAXDIR || pp->new_dir < 0) strcpy(bp, "Circle"); else if (pp->new_dir != pp->dir) - (void)sprintf(bp, "%d", dir_deg(pp->new_dir)); + (void)snprintf(bp, buf + sizeof buf - bp, + "%d", dir_deg(pp->new_dir)); bp = strchr(buf, '\0'); if (pp->delayd) - (void)sprintf(bp, " @ B%d", pp->delayd_no); + (void)snprintf(bp, buf + sizeof buf - bp, + " @ B%d", pp->delayd_no); bp = strchr(buf, '\0'); if (*comm_start == '\0' && diff --git a/games/backgammon/common_source/board.c b/games/backgammon/common_source/board.c index fa5dfe7c3ca..4d299bfd238 100644 --- a/games/backgammon/common_source/board.c +++ b/games/backgammon/common_source/board.c @@ -1,4 +1,4 @@ -/* $OpenBSD: board.c,v 1.5 2001/06/23 23:50:03 pjanzen Exp $ */ +/* $OpenBSD: board.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $ */ /* * Copyright (c) 1980, 1993 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)board.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: board.c,v 1.5 2001/06/23 23:50:03 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: board.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -61,7 +61,7 @@ wrboard() goto lastline; addstr("_____________________________________________________\n"); addstr(bl); - strcpy(ln, bl); + strlcpy(ln, bl, sizeof ln); for (j = 1; j < 50; j += 4) { k = j / 4 + (j > 24 ? 12 : 13); ln[j + 1] = k % 10 + '0'; @@ -71,7 +71,7 @@ wrboard() } addstr(ln); for (i = 0; i < 5; i++) { - strcpy(ln, sv); + strlcpy(ln, sv, sizeof ln); for (j = 1; j < 50; j += 4) { k = j / 4 + (j > 24 ? 12 : 13); wrbsub(); @@ -101,12 +101,12 @@ wrboard() ln[l] = '\0'; addstr(ln); } - strcpy(ln, bl); + strlcpy(ln, bl, sizeof ln); ln[25] = 'B'; ln[26] = 'A'; ln[27] = 'R'; addstr(ln); - strcpy(ln, sv); + strlcpy(ln, sv, sizeof ln); for (i = 4; i > -1; i--) { for (j = 1; j < 50; j += 4) { k = ((j > 24 ? 53 : 49) - j) / 4; @@ -137,7 +137,7 @@ wrboard() ln[l] = '\0'; addstr(ln); } - strcpy(ln, bl); + strlcpy(ln, bl, sizeof ln); for (j = 1; j < 50; j += 4) { k = ((j > 24 ? 53 : 49) - j) / 4; ln[j + 1] = k % 10 + '0'; diff --git a/games/banner/banner.c b/games/banner/banner.c index 08b60b4290f..8489256c70d 100644 --- a/games/banner/banner.c +++ b/games/banner/banner.c @@ -1,4 +1,4 @@ -/* $OpenBSD: banner.c,v 1.8 2002/05/31 03:40:00 pjanzen Exp $ */ +/* $OpenBSD: banner.c,v 1.9 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: banner.c,v 1.4 1995/04/22 11:55:15 cgd Exp $ */ /* @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)banner.c 8.3 (Berkeley) 4/2/94"; #else -static char rcsid[] = "$OpenBSD: banner.c,v 1.8 2002/05/31 03:40:00 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: banner.c,v 1.9 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -1065,10 +1065,10 @@ main(argc, argv) /* Have now read in the data. Next get the message to be printed. */ if (*argv) { - strcpy(message, *argv); + strlcpy(message, *argv, sizeof message); while (*++argv) { - strcat(message, " "); - strcat(message, *argv); + strlcat(message, " ", sizeof message); + strlcat(message, *argv, sizeof message); } nchars = strlen(message); } else { diff --git a/games/cribbage/cribbage.h b/games/cribbage/cribbage.h index 918a8f318ce..ea1d5397844 100644 --- a/games/cribbage/cribbage.h +++ b/games/cribbage/cribbage.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cribbage.h,v 1.4 2002/02/16 21:27:09 millert Exp $ */ +/* $OpenBSD: cribbage.h,v 1.5 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: cribbage.h,v 1.3 1995/03/21 15:08:46 cgd Exp $ */ /* @@ -61,7 +61,7 @@ extern bool rflag; /* if all cuts random */ extern bool quiet; /* if suppress random mess */ extern bool playing; /* currently playing game */ -extern char expl[]; /* string for explanation */ +extern char expl[128]; /* string for explanation */ void addmsg(const char *, ...); int adjust(CARD [], CARD); diff --git a/games/cribbage/score.c b/games/cribbage/score.c index 94423abfac0..3391410950e 100644 --- a/games/cribbage/score.c +++ b/games/cribbage/score.c @@ -1,4 +1,4 @@ -/* $OpenBSD: score.c,v 1.4 2001/08/10 23:50:22 pjanzen Exp $ */ +/* $OpenBSD: score.c,v 1.5 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: score.c,v 1.3 1995/03/21 15:08:57 cgd Exp $ */ /*- @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)score.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: score.c,v 1.4 2001/08/10 23:50:22 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: score.c,v 1.5 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -132,49 +132,51 @@ scorehand(hand, starter, n, crb, do_explain) if (hand[i].suit == starter.suit) { score++; if (do_explain) - strcat(expl, "His Nobs"); + strlcat(expl, "His Nobs", sizeof expl); } h[i] = hand[i]; } if (flag && n >= CINHAND) { if (do_explain && expl[0] != '\0') - strcat(expl, ", "); + strlcat(expl, ", ", sizeof expl); if (starter.suit == k) { score += 5; if (do_explain) - strcat(expl, "Five-flush"); + strlcat(expl, "Five-flush", sizeof expl); } else if (!crb) { score += 4; if (do_explain && expl[0] != '\0') - strcat(expl, ", Four-flush"); + strlcat(expl, ", Four-flush", sizeof expl); else - strcpy(expl, "Four-flush"); + strlcpy(expl, "Four-flush", sizeof expl); } } if (do_explain && expl[0] != '\0') - strcat(expl, ", "); + strlcat(expl, ", ", sizeof expl); h[n] = starter; sorthand(h, n + 1); /* sort by rank */ i = 2 * fifteens(h, n + 1); score += i; if (do_explain) { if (i > 0) { - (void) sprintf(buf, "%d points in fifteens", i); - strcat(expl, buf); + (void) snprintf(buf, sizeof buf, + "%d points in fifteens", i); + strlcat(expl, buf, sizeof expl); } else - strcat(expl, "No fifteens"); + strlcat(expl, "No fifteens", sizeof expl); } i = pairuns(h, n + 1); score += i; if (do_explain) { if (i > 0) { - (void) sprintf(buf, ", %d points in pairs, %d in runs", + (void) snprintf(buf, sizeof buf, + ", %d points in pairs, %d in runs", pairpoints, runpoints); - strcat(expl, buf); + strlcat(expl, buf, sizeof expl); } else - strcat(expl, ", No pairs/runs"); + strlcat(expl, ", No pairs/runs", sizeof expl); } return (score); } diff --git a/games/cribbage/support.c b/games/cribbage/support.c index cebc710659c..8541e9d941e 100644 --- a/games/cribbage/support.c +++ b/games/cribbage/support.c @@ -1,4 +1,4 @@ -/* $OpenBSD: support.c,v 1.5 2001/08/10 23:50:22 pjanzen Exp $ */ +/* $OpenBSD: support.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $ */ /* $NetBSD: support.c,v 1.3 1995/03/21 15:08:59 cgd Exp $ */ /*- @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)support.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: support.c,v 1.5 2001/08/10 23:50:22 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: support.c,v 1.6 2003/04/06 18:50:36 deraadt Exp $"; #endif #endif /* not lint */ @@ -137,7 +137,7 @@ plyrhand(hand, s) bool win; prhand(hand, CINHAND, Playwin, FALSE); - (void) sprintf(prompt, "Your %s scores ", s); + (void) snprintf(prompt, sizeof prompt, "Your %s scores ", s); i = scorehand(hand, turnover, CINHAND, strcmp(s, "crib") == 0, explain); if ((j = number(0, 29, prompt)) == 19) j = 0; diff --git a/games/fortune/fortune/fortune.c b/games/fortune/fortune/fortune.c index bbe88779660..a99dc15718c 100644 --- a/games/fortune/fortune/fortune.c +++ b/games/fortune/fortune/fortune.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fortune.c,v 1.15 2002/05/31 20:40:11 pjanzen Exp $ */ +/* $OpenBSD: fortune.c,v 1.16 2003/04/06 18:50:37 deraadt Exp $ */ /* $NetBSD: fortune.c,v 1.8 1995/03/23 08:28:40 cgd Exp $ */ /*- @@ -47,7 +47,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)fortune.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: fortune.c,v 1.15 2002/05/31 20:40:11 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: fortune.c,v 1.16 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -466,10 +466,12 @@ add_file(percent, file, dir, head, tail, parent) if (dir == NULL) { path = file; was_malloc = FALSE; - } - else { - path = do_malloc((unsigned int) (strlen(dir) + strlen(file) + 2)); - (void) strcat(strcat(strcpy(path, dir), "/"), file); + } else { + size_t len; + + len = (unsigned int) (strlen(dir) + strlen(file) + 2); + path = do_malloc(len); + snprintf(path, len, "%s/%s", dir, file); was_malloc = TRUE; } if ((isdir = is_dir(path)) && parent != NULL) { diff --git a/games/fortune/strfile/strfile.c b/games/fortune/strfile/strfile.c index c7e73ff89a6..e7ad75dab9c 100644 --- a/games/fortune/strfile/strfile.c +++ b/games/fortune/strfile/strfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: strfile.c,v 1.11 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: strfile.c,v 1.12 2003/04/06 18:50:37 deraadt Exp $ */ /* $NetBSD: strfile.c,v 1.4 1995/04/24 12:23:09 cgd Exp $ */ /*- @@ -47,7 +47,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)strfile.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: strfile.c,v 1.11 2002/12/06 21:48:51 millert Exp $"; +static char rcsid[] = "$OpenBSD: strfile.c,v 1.12 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -301,7 +301,7 @@ getargs(argc, argv) if (*argv) { Infile = *argv; if (*++argv) - (void) strcpy(Outfile, *argv); + (void) strlcpy(Outfile, *argv, sizeof Outfile); } if (!Infile) { puts("No input file name"); diff --git a/games/gomoku/gomoku.h b/games/gomoku/gomoku.h index a19f098c6a9..bdff4c2c85f 100644 --- a/games/gomoku/gomoku.h +++ b/games/gomoku/gomoku.h @@ -1,4 +1,4 @@ -/* $OpenBSD: gomoku.h,v 1.6 2002/02/17 19:42:20 millert Exp $ */ +/* $OpenBSD: gomoku.h,v 1.7 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -254,7 +254,7 @@ struct ovlp_info { }; extern char *letters; -extern char fmtbuf[]; +extern char fmtbuf[128]; extern char pdir[]; extern int dd[4]; @@ -305,7 +305,7 @@ void markcombo(struct combostr *); #endif void panic(char *); int pickmove(int); -void printcombo(struct combostr *, char *); +void printcombo(struct combostr *, char *, size_t); void qlog(char *); void quit(int); int readinput(FILE *); diff --git a/games/gomoku/main.c b/games/gomoku/main.c index 505f5eecc4e..a14cfeacb10 100644 --- a/games/gomoku/main.c +++ b/games/gomoku/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.13 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: main.c,v 1.14 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -45,7 +45,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)main.c 8.4 (Berkeley) 5/4/95"; #else -static char rcsid[] = "$OpenBSD: main.c,v 1.13 2002/12/06 21:48:51 millert Exp $"; +static char rcsid[] = "$OpenBSD: main.c,v 1.14 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -193,7 +193,7 @@ again: else if (strcmp(buf, "white") == 0) color = WHITE; else { - sprintf(fmtbuf, + snprintf(fmtbuf, sizeof fmtbuf, "Huh? Expected `black' or `white', got `%s'\n", buf); panic(fmtbuf); @@ -299,7 +299,8 @@ again: break; } if (interactive) { - sprintf(fmtbuf, fmt[color], movenum, stoc(curmove)); + snprintf(fmtbuf, sizeof fmtbuf, + fmt[color], movenum, stoc(curmove)); log(fmtbuf); } if ((i = makemove(color, curmove)) != MOVEOK) @@ -397,7 +398,8 @@ top: quit(0); case 'd': /* set debug level */ debug = fmtbuf[1] - '0'; - sprintf(fmtbuf, "Debug set to %d", debug); + snprintf(fmtbuf, sizeof fmtbuf, + "Debug set to %d", debug); dlog(fmtbuf); sleep(1); case 'c': @@ -411,7 +413,8 @@ top: goto top; case 's': /* suggest a move */ i = fmtbuf[1] == 'b' ? BLACK : WHITE; - sprintf(fmtbuf, "suggest %c %s", i == BLACK ? 'B' : 'W', + snprintf(fmtbuf, sizeof fmtbuf, + "suggest %c %s", i == BLACK ? 'B' : 'W', stoc(pickmove(i))); dlog(fmtbuf); goto top; @@ -466,17 +469,20 @@ top: goto top; case 'p': sp = &board[i = ctos(fmtbuf + 1)]; - sprintf(fmtbuf, "V %s %x/%d %d %x/%d %d %d %x", stoc(i), + snprintf(fmtbuf, sizeof fmtbuf, + "V %s %x/%d %d %x/%d %d %d %x", stoc(i), sp->s_combo[BLACK].s, sp->s_level[BLACK], sp->s_nforce[BLACK], sp->s_combo[WHITE].s, sp->s_level[WHITE], sp->s_nforce[WHITE], sp->s_wval, sp->s_flg); dlog(fmtbuf); - sprintf(fmtbuf, "FB %s %x %x %x %x", stoc(i), + snprintf(fmtbuf, sizeof fmtbuf, + "FB %s %x %x %x %x", stoc(i), sp->s_fval[BLACK][0].s, sp->s_fval[BLACK][1].s, sp->s_fval[BLACK][2].s, sp->s_fval[BLACK][3].s); dlog(fmtbuf); - sprintf(fmtbuf, "FW %s %x %x %x %x", stoc(i), + snprintf(fmtbuf, sizeof fmtbuf, + "FW %s %x %x %x %x", stoc(i), sp->s_fval[WHITE][0].s, sp->s_fval[WHITE][1].s, sp->s_fval[WHITE][2].s, sp->s_fval[WHITE][3].s); dlog(fmtbuf); diff --git a/games/gomoku/pickmove.c b/games/gomoku/pickmove.c index bf3f07c7b45..fe42b537e03 100644 --- a/games/gomoku/pickmove.c +++ b/games/gomoku/pickmove.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pickmove.c,v 1.7 2002/05/31 04:21:30 pjanzen Exp $ */ +/* $OpenBSD: pickmove.c,v 1.8 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -39,7 +39,7 @@ #if 0 static char sccsid[] = "@(#)pickmove.c 8.2 (Berkeley) 5/3/95"; #else -static char rcsid[] = "$OpenBSD: pickmove.c,v 1.7 2002/05/31 04:21:30 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: pickmove.c,v 1.8 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -102,7 +102,8 @@ pickmove(us) continue; if (debug && (sp->s_combo[BLACK].c.a == 1 || sp->s_combo[WHITE].c.a == 1)) { - sprintf(fmtbuf, "- %s %x/%d %d %x/%d %d %d", stoc(sp - board), + snprintf(fmtbuf, sizeof fmtbuf, + "- %s %x/%d %d %x/%d %d %d", stoc(sp - board), sp->s_combo[BLACK].s, sp->s_level[BLACK], sp->s_nforce[BLACK], sp->s_combo[WHITE].s, sp->s_level[WHITE], @@ -119,14 +120,16 @@ pickmove(us) } if (debug) { - sprintf(fmtbuf, "B %s %x/%d %d %x/%d %d %d", + snprintf(fmtbuf, sizeof fmtbuf, + "B %s %x/%d %d %x/%d %d %d", stoc(sp1 - board), sp1->s_combo[BLACK].s, sp1->s_level[BLACK], sp1->s_nforce[BLACK], sp1->s_combo[WHITE].s, sp1->s_level[WHITE], sp1->s_nforce[WHITE], sp1->s_wval); dlog(fmtbuf); - sprintf(fmtbuf, "W %s %x/%d %d %x/%d %d %d", + snprintf(fmtbuf, sizeof fmtbuf, + "W %s %x/%d %d %x/%d %d %d", stoc(sp2 - board), sp2->s_combo[WHITE].s, sp2->s_level[WHITE], sp2->s_nforce[WHITE], @@ -335,7 +338,8 @@ scanframes(color) d = 2; while (d <= ((unsigned)(movenum + 1) >> 1) && combolen > n) { if (debug) { - sprintf(fmtbuf, "%cL%d %d %d %d", "BW"[color], + snprintf(fmtbuf, sizeof fmtbuf, + "%cL%d %d %d %d", "BW"[color], d, combolen - n, combocnt, elistcnt); dlog(fmtbuf); refresh(); @@ -394,13 +398,15 @@ scanframes(color) #ifdef DEBUG if (combocnt) { - sprintf(fmtbuf, "scanframes: %c combocnt %d", "BW"[color], + snprintf(fmtbuf, sizeof fmtbuf, + "scanframes: %c combocnt %d", "BW"[color], combocnt); dlog(fmtbuf); whatsup(0); } if (elistcnt) { - sprintf(fmtbuf, "scanframes: %c elistcnt %d", "BW"[color], + snprintf(fmtbuf, sizeof fmtbuf, + "scanframes: %c elistcnt %d", "BW"[color], elistcnt); dlog(fmtbuf); whatsup(0); @@ -510,13 +516,14 @@ makecombo2(ocbp, osp, off, s) combocnt++; if (c == 1 && debug > 1) { - sprintf(fmtbuf, "%c c %d %d m %x %x o %d %d", + snprintf(fmtbuf, sizeof fmtbuf, + "%c c %d %d m %x %x o %d %d", "bw"[curcolor], ncbp->c_framecnt[0], ncbp->c_framecnt[1], ncbp->c_emask[0], ncbp->c_emask[1], ncbp->c_voff[0], ncbp->c_voff[1]); dlog(fmtbuf); - printcombo(ncbp, fmtbuf); + printcombo(ncbp, fmtbuf, sizeof fmtbuf); dlog(fmtbuf); } if (c > 1) { @@ -680,7 +687,8 @@ makecombo(ocbp, osp, off, s) sp = &board[vertices[0].o_intersect]; #ifdef DEBUG if (sp->s_occ != EMPTY) { - sprintf(fmtbuf, "loop: %c %s", "BW"[curcolor], + snprintf(fmtbuf, sizeof fmtbuf, + "loop: %c %s", "BW"[curcolor], stoc(sp - board)); dlog(fmtbuf); whatsup(0); @@ -762,13 +770,14 @@ makecombo(ocbp, osp, off, s) } if (c == 1 && debug > 1) { - sprintf(fmtbuf, "%c v%d i%d d%d c %d %d m %x %x o %d %d", + snprintf(fmtbuf, sizeof fmtbuf, + "%c v%d i%d d%d c %d %d m %x %x o %d %d", "bw"[curcolor], verts, ncbp->c_frameindex, ncbp->c_dir, ncbp->c_framecnt[0], ncbp->c_framecnt[1], ncbp->c_emask[0], ncbp->c_emask[1], ncbp->c_voff[0], ncbp->c_voff[1]); dlog(fmtbuf); - printcombo(ncbp, fmtbuf); + printcombo(ncbp, fmtbuf, sizeof fmtbuf); dlog(fmtbuf); } if (c > 1) { @@ -809,8 +818,8 @@ makeempty(ocbp) int nframes; if (debug > 2) { - sprintf(fmtbuf, "E%c ", "bw"[curcolor]); - printcombo(ocbp, fmtbuf + 3); + snprintf(fmtbuf, sizeof fmtbuf, "E%c ", "bw"[curcolor]); + printcombo(ocbp, fmtbuf + 3, sizeof fmtbuf - 3); dlog(fmtbuf); } @@ -932,7 +941,8 @@ makeempty(ocbp) } nep->e_fval.s = ep->e_fval.s; if (debug > 2) { - sprintf(fmtbuf, "e %s o%d i%d c%d m%x %x", + snprintf(fmtbuf, sizeof fmtbuf, + "e %s o%d i%d c%d m%x %x", stoc(sp - board), nep->e_off, nep->e_frameindex, @@ -1228,12 +1238,14 @@ sortcombo(scbpp, cbpp, fcbp) if (debug > 3) { char *str; - sprintf(fmtbuf, "sortc: %s%c l%d", stoc(fcbp->c_vertex), + snprintf(fmtbuf, sizeof fmtbuf, + "sortc: %s%c l%d", stoc(fcbp->c_vertex), pdir[fcbp->c_dir], curlevel); dlog(fmtbuf); str = fmtbuf; for (cpp = cbpp; cpp < cbpp + curlevel; cpp++) { - sprintf(str, " %s%c", stoc((*cpp)->c_vertex), + snprintf(str, fmtbuf + sizeof fmtbut - str, + " %s%c", stoc((*cpp)->c_vertex), pdir[(*cpp)->c_dir]); str += strlen(str); } @@ -1287,21 +1299,23 @@ inserted: if (debug > 3) { char *str; - sprintf(fmtbuf, "sort1: n%d", n); + snprintf(fmtbuf, sizeof fmtbuf, "sort1: n%d", n); dlog(fmtbuf); str = fmtbuf; for (cpp = scbpp; cpp < scbpp + n; cpp++) { - sprintf(str, " %s%c", stoc((*cpp)->c_vertex), + snprintf(str, fmtbuf + sizeof fmtbuf - str, + " %s%c", stoc((*cpp)->c_vertex), pdir[(*cpp)->c_dir]); str += strlen(str); } dlog(fmtbuf); - printcombo(cbp, fmtbuf); + printcombo(cbp, fmtbuf, sizeof fmtbuf); dlog(fmtbuf); str = fmtbuf; cbpp--; for (cpp = cbpp; cpp < cbpp + n; cpp++) { - sprintf(str, " %s%c", stoc((*cpp)->c_vertex), + snprintf(str, fmtbuf + sizeof fmtbuf - str, + " %s%c", stoc((*cpp)->c_vertex), pdir[(*cpp)->c_dir]); str += strlen(str); } @@ -1329,20 +1343,24 @@ inserted: * Print the combo into string 'str'. */ void -printcombo(cbp, str) +printcombo(cbp, str, strl) struct combostr *cbp; char *str; + size_t strl; { + char *basestr = str; struct combostr *tcbp; - sprintf(str, "%x/%d", cbp->c_combo.s, cbp->c_nframes); + snprintf(str, strl, "%x/%d", cbp->c_combo.s, cbp->c_nframes); str += strlen(str); for (; (tcbp = cbp->c_link[1]) != NULL; cbp = cbp->c_link[0]) { - sprintf(str, " %s%c%x", stoc(tcbp->c_vertex), pdir[tcbp->c_dir], + snprintf(str, basestr + strl - str, + " %s%c%x", stoc(tcbp->c_vertex), pdir[tcbp->c_dir], cbp->c_flg); str += strlen(str); } - sprintf(str, " %s%c", stoc(cbp->c_vertex), pdir[cbp->c_dir]); + snprintf(str, basestr + strl - str, + " %s%c", stoc(cbp->c_vertex), pdir[cbp->c_dir]); } #ifdef DEBUG diff --git a/games/gomoku/stoc.c b/games/gomoku/stoc.c index 9b16713300a..be736f25b58 100644 --- a/games/gomoku/stoc.c +++ b/games/gomoku/stoc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: stoc.c,v 1.4 2002/05/31 04:21:30 pjanzen Exp $ */ +/* $OpenBSD: stoc.c,v 1.5 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. @@ -39,7 +39,7 @@ #if 0 static char sccsid[] = "@(#)stoc.c 8.1 (Berkeley) 7/24/94"; #else -static char rcsid[] = "$OpenBSD: stoc.c,v 1.4 2002/05/31 04:21:30 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: stoc.c,v 1.5 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -73,7 +73,7 @@ stoc(s) for (i = 0; mv[i].m_code >= 0; i++) if (s == mv[i].m_code) return(mv[i].m_text); - sprintf(buf, "%c%d", letters[s % BSZ1], s / BSZ1); + snprintf(buf, sizeof buf, "%c%d", letters[s % BSZ1], s / BSZ1); return(buf); } diff --git a/games/hack/hack.do_name.c b/games/hack/hack.do_name.c index ca636d469a2..584be169e05 100644 --- a/games/hack/hack.do_name.c +++ b/games/hack/hack.do_name.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.do_name.c,v 1.5 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.do_name.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.do_name.c,v 1.5 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.do_name.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -253,7 +253,7 @@ xmonnam(mtmp, vb) register struct monst *mtmp; int vb; { static char buf[BUFSZ]; /* %% */ extern char *shkname(); if(mtmp->mnamelth && !vb) { - (void) strcpy(buf, NAME(mtmp)); + (void) strlcpy(buf, NAME(mtmp), sizeof buf); return(buf); } switch(mtmp->data->mlet) { @@ -264,23 +264,23 @@ extern char *shkname(); if(!rn2(2)) (void) strcpy((char *) mtmp->mextra, !rn2(5) ? plname : gn); } - (void) sprintf(buf, "%s's ghost", gn); + (void) snprintf(buf, sizeof buf, "%s's ghost", gn); } break; case '@': if(mtmp->isshk) { - (void) strcpy(buf, shkname(mtmp)); + (void) strlcpy(buf, shkname(mtmp), sizeof buf); break; } /* fall into next case */ default: - (void) sprintf(buf, "the %s%s", + (void) snprintf(buf, sizeof buf, "the %s%s", mtmp->minvis ? "invisible " : "", mtmp->data->mname); } if(vb && mtmp->mnamelth) { - (void) strcat(buf, " called "); - (void) strcat(buf, NAME(mtmp)); + (void) strlcat(buf, " called ", sizeof buf); + (void) strlcat(buf, NAME(mtmp), sizeof buf); } return(buf); } @@ -311,7 +311,7 @@ register char *adj; static char buf[BUFSZ]; /* %% */ if(!strncmp(bp, "the ", 4)) bp += 4; - (void) sprintf(buf, "the %s %s", adj, bp); + (void) snprintf(buf, sizeof buf, "the %s %s", adj, bp); return(buf); } diff --git a/games/hack/hack.eat.c b/games/hack/hack.eat.c index 8acecabff1d..1b7fed2934d 100644 --- a/games/hack/hack.eat.c +++ b/games/hack/hack.eat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.eat.c,v 1.5 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.eat.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.eat.c,v 1.5 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.eat.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -314,7 +314,8 @@ gotit: eatx: if(multi<0 && !nomovemsg){ static char msgbuf[BUFSZ]; - (void) sprintf(msgbuf, "You finished eating the %s.", + (void) snprintf(msgbuf, sizeof msgbuf, + "You finished eating the %s.", ftmp->oc_name); nomovemsg = msgbuf; } diff --git a/games/hack/hack.end.c b/games/hack/hack.end.c index f326cbf19f0..9a86617afe0 100644 --- a/games/hack/hack.end.c +++ b/games/hack/hack.end.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.end.c,v 1.5 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.end.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,13 +62,12 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.end.c,v 1.5 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.end.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" #include #include -#define Sprintf (void) sprintf extern char plname[], pl_character[]; extern char *itoa(), *ordin(), *eos(); @@ -111,14 +110,14 @@ done_in_by(mtmp) register struct monst *mtmp; { static char buf[BUFSZ]; pline("You die ..."); if(mtmp->data->mlet == ' '){ - Sprintf(buf, "the ghost of %s", (char *) mtmp->mextra); + snprintf(buf, sizeof buf, "the ghost of %s", (char *) mtmp->mextra); killer = buf; } else if(mtmp->mnamelth) { - Sprintf(buf, "%s called %s", + snprintf(buf, sizeof buf, "%s called %s", mtmp->data->mname, NAME(mtmp)); killer = buf; } else if(mtmp->minvis) { - Sprintf(buf, "invisible %s", mtmp->data->mname); + snprintf(buf, sizeof buf, "invisible %s", mtmp->data->mname); killer = buf; } else killer = mtmp->data->mname; done("died"); @@ -451,53 +450,53 @@ outentry(rank,t1,so) register struct toptenentry *t1; { boolean quit = FALSE, killed = FALSE, starv = FALSE; char linebuf[BUFSZ]; linebuf[0] = 0; - if(rank) Sprintf(eos(linebuf), "%3d", rank); - else Sprintf(eos(linebuf), " "); - Sprintf(eos(linebuf), " %6ld %8s", t1->points, t1->name); - if(t1->plchar == 'X') Sprintf(eos(linebuf), " "); - else Sprintf(eos(linebuf), "-%c ", t1->plchar); + if(rank) sprintf(eos(linebuf), "%3d", rank); + else sprintf(eos(linebuf), " "); + sprintf(eos(linebuf), " %6ld %8s", t1->points, t1->name); + if(t1->plchar == 'X') sprintf(eos(linebuf), " "); + else sprintf(eos(linebuf), "-%c ", t1->plchar); if(!strncmp("escaped", t1->death, 7)) { if(!strcmp(" (with amulet)", t1->death+7)) - Sprintf(eos(linebuf), "escaped the dungeon with amulet"); + sprintf(eos(linebuf), "escaped the dungeon with amulet"); else - Sprintf(eos(linebuf), "escaped the dungeon [max level %d]", + sprintf(eos(linebuf), "escaped the dungeon [max level %d]", t1->maxlvl); } else { if(!strncmp(t1->death,"quit",4)) { quit = TRUE; if(t1->maxhp < 3*t1->hp && t1->maxlvl < 4) - Sprintf(eos(linebuf), "cravenly gave up"); + sprintf(eos(linebuf), "cravenly gave up"); else - Sprintf(eos(linebuf), "quit"); + sprintf(eos(linebuf), "quit"); } else if(!strcmp(t1->death,"choked")) - Sprintf(eos(linebuf), "choked on %s food", + sprintf(eos(linebuf), "choked on %s food", (t1->sex == 'F') ? "her" : "his"); else if(!strncmp(t1->death,"starv",5)) - Sprintf(eos(linebuf), "starved to death"), starv = TRUE; - else Sprintf(eos(linebuf), "was killed"), killed = TRUE; - Sprintf(eos(linebuf), " on%s level %d", + sprintf(eos(linebuf), "starved to death"), starv = TRUE; + else sprintf(eos(linebuf), "was killed"), killed = TRUE; + sprintf(eos(linebuf), " on%s level %d", (killed || starv) ? "" : " dungeon", t1->level); if(t1->maxlvl != t1->level) - Sprintf(eos(linebuf), " [max %d]", t1->maxlvl); - if(quit && t1->death[4]) Sprintf(eos(linebuf), t1->death + 4); + sprintf(eos(linebuf), " [max %d]", t1->maxlvl); + if(quit && t1->death[4]) sprintf(eos(linebuf), t1->death + 4); } - if(killed) Sprintf(eos(linebuf), " by %s%s", + if(killed) sprintf(eos(linebuf), " by %s%s", (!strncmp(t1->death, "trick", 5) || !strncmp(t1->death, "the ", 4)) ? "" : strchr(vowels,*t1->death) ? "an " : "a ", t1->death); - Sprintf(eos(linebuf), "."); + sprintf(eos(linebuf), "."); if(t1->maxhp) { register char *bp = eos(linebuf); char hpbuf[10]; int hppos; - Sprintf(hpbuf, (t1->hp > 0) ? itoa(t1->hp) : "-"); + snprintf(hpbuf, sizeof hpbuf, (t1->hp > 0) ? itoa(t1->hp) : "-"); hppos = COLNO - 7 - strlen(hpbuf); if(bp <= linebuf + hppos) { while(bp < linebuf + hppos) *bp++ = ' '; (void) strcpy(bp, hpbuf); - Sprintf(eos(bp), " [%d]", t1->maxhp); + sprintf(eos(bp), " [%d]", t1->maxhp); } } if(so == 0) puts(linebuf); @@ -517,7 +516,7 @@ char linebuf[BUFSZ]; char * itoa(a) int a; { static char buf[12]; - Sprintf(buf,"%d",a); + snprintf(buf,sizeof buf,"%d",a); return(buf); } diff --git a/games/hack/hack.fight.c b/games/hack/hack.fight.c index 7f14ae36cc1..757d0b12545 100644 --- a/games/hack/hack.fight.c +++ b/games/hack/hack.fight.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.fight.c,v 1.5 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.fight.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.fight.c,v 1.5 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.fight.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -93,7 +93,7 @@ boolean vis; char buf[BUFSZ]; if(mdef->mimic) seemimic(mdef); if(magr->mimic) seemimic(magr); - (void) sprintf(buf,"%s %s", Monnam(magr), + (void) snprintf(buf,sizeof buf,"%s %s", Monnam(magr), hit ? "hits" : "misses"); pline("%s %s.", buf, monnam(mdef)); } else { diff --git a/games/hack/hack.invent.c b/games/hack/hack.invent.c index f6396056a11..a192096776d 100644 --- a/games/hack/hack.invent.c +++ b/games/hack/hack.invent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.invent.c,v 1.6 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.invent.c,v 1.7 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.invent.c,v 1.6 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.invent.c,v 1.7 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -398,7 +398,7 @@ register char *let,*word; } bp[foo] = 0; if(foo == 0 && bp > buf && bp[-1] == ' ') *--bp = 0; - (void) strcpy(lets, bp); /* necessary since we destroy buf */ + (void) strlcpy(lets, bp, sizeof lets); /* necessary since we destroy buf */ if(foo > 5) { /* compactify string */ foo = foo2 = 1; ilet2 = bp[0]; @@ -649,7 +649,7 @@ register char let; { static char li[BUFSZ]; - (void) sprintf(li, "%c - %s.", + (void) snprintf(li, sizeof li, "%c - %s.", flags.invlet_constant ? obj->invlet : let, doname(obj)); return(li); @@ -804,7 +804,7 @@ dolook() { if(gold) { char gbuf[30]; - (void) sprintf(gbuf, "%ld gold piece%s", + (void) snprintf(gbuf, sizeof gbuf, "%ld gold piece%s", gold->amount, plur(gold->amount)); if(!ct++) pline("You %s here %s.", verb, gbuf); diff --git a/games/hack/hack.main.c b/games/hack/hack.main.c index 0043018f098..5a0acc8a4d7 100644 --- a/games/hack/hack.main.c +++ b/games/hack/hack.main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.main.c,v 1.9 2003/03/16 21:22:35 camield Exp $ */ +/* $OpenBSD: hack.main.c,v 1.10 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.main.c,v 1.9 2003/03/16 21:22:35 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.main.c,v 1.10 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include @@ -259,7 +259,7 @@ char *argv[]; getmailstatus(); #endif #ifdef WIZARD - if(wizard) (void) strcpy(plname, "wizard"); else + if(wizard) (void) strlcpy(plname, "wizard", sizeof plname); else #endif if(!*plname || !strncmp(plname, "player", 4) || !strncmp(plname, "games", 4)) @@ -308,7 +308,7 @@ char *argv[]; } #endif setftty(); - (void) sprintf(SAVEF, "save/%u%s", getuid(), plname); + (void) snprintf(SAVEF, sizeof SAVEF, "save/%u%s", getuid(), plname); regularize(SAVEF+5); /* avoid . or / in name */ if((fd = open(SAVEF, O_RDONLY)) >= 0 && (uptodate(fd) || unlink(SAVEF) == 666)) { diff --git a/games/hack/hack.objnam.c b/games/hack/hack.objnam.c index 2c338bf5060..d671260acba 100644 --- a/games/hack/hack.objnam.c +++ b/games/hack/hack.objnam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.objnam.c,v 1.5 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.objnam.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,13 +62,10 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.objnam.c,v 1.5 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.objnam.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" -#define Sprintf (void) sprintf -#define Strcat (void) strcat -#define Strcpy (void) strcpy #define PREFIX 15 extern char *eos(); extern int bases[]; @@ -88,7 +85,7 @@ register int i = strlen(pref); char * sitoa(a) int a; { static char buf[13]; - Sprintf(buf, (a < 0) ? "%d" : "+%d", a); + snprintf(buf, sizeof buf, (a < 0) ? "%d" : "+%d", a); return(buf); } @@ -104,42 +101,42 @@ register char *un = ocl->oc_uname; register int nn = ocl->oc_name_known; switch(ocl->oc_olet) { case POTION_SYM: - Strcpy(buf, "potion"); + strlcpy(buf, "potion", sizeof buf); break; case SCROLL_SYM: - Strcpy(buf, "scroll"); + strlcpy(buf, "scroll", sizeof buf); break; case WAND_SYM: - Strcpy(buf, "wand"); + strlcpy(buf, "wand", sizeof buf); break; case RING_SYM: - Strcpy(buf, "ring"); + strlcpy(buf, "ring", sizeof buf); break; default: if(nn) { - Strcpy(buf, an); + strlcpy(buf, an, sizeof buf); if(otyp >= TURQUOISE && otyp <= JADE) - Strcat(buf, " stone"); + strlcat(buf, " stone", sizeof buf); if(un) - Sprintf(eos(buf), " called %s", un); + sprintf(eos(buf), " called %s", un); if(dn) - Sprintf(eos(buf), " (%s)", dn); + sprintf(eos(buf), " (%s)", dn); } else { - Strcpy(buf, dn ? dn : an); + strlcpy(buf, dn ? dn : an, sizeof buf); if(ocl->oc_olet == GEM_SYM) - Strcat(buf, " gem"); + strlcat(buf, " gem", sizeof buf); if(un) - Sprintf(eos(buf), " called %s", un); + sprintf(eos(buf), " called %s", un); } return(buf); } /* here for ring/scroll/potion/wand */ if(nn) - Sprintf(eos(buf), " of %s", an); + sprintf(eos(buf), " of %s", an); if(un) - Sprintf(eos(buf), " called %s", un); + sprintf(eos(buf), " called %s", un); if(dn) - Sprintf(eos(buf), " (%s)", dn); + sprintf(eos(buf), " (%s)", dn); return(buf); } @@ -157,21 +154,21 @@ register int pl = (obj->quan != 1); if(!obj->dknown && !Blind) obj->dknown = 1; /* %% doesn't belong here */ switch(obj->olet) { case AMULET_SYM: - Strcpy(buf, (obj->spe < 0 && obj->known) + strcpy(buf, (obj->spe < 0 && obj->known) ? "cheap plastic imitation of the " : ""); - Strcat(buf,"Amulet of Yendor"); + strcat(buf,"Amulet of Yendor"); break; case TOOL_SYM: if(!nn) { - Strcpy(buf, dn); + strcpy(buf, dn); break; } - Strcpy(buf,an); + strcpy(buf,an); break; case FOOD_SYM: if(obj->otyp == DEAD_HOMUNCULUS && pl) { pl = 0; - Strcpy(buf, "dead homunculi"); + strcpy(buf, "dead homunculi"); break; } /* fungis ? */ @@ -179,97 +176,97 @@ register int pl = (obj->quan != 1); case WEAPON_SYM: if(obj->otyp == WORM_TOOTH && pl) { pl = 0; - Strcpy(buf, "worm teeth"); + strcpy(buf, "worm teeth"); break; } if(obj->otyp == CRYSKNIFE && pl) { pl = 0; - Strcpy(buf, "crysknives"); + strcpy(buf, "crysknives"); break; } /* fall into next case */ case ARMOR_SYM: case CHAIN_SYM: case ROCK_SYM: - Strcpy(buf,an); + strcpy(buf,an); break; case BALL_SYM: - Sprintf(buf, "%sheavy iron ball", + sprintf(buf, "%sheavy iron ball", (obj->owt > objects[obj->otyp].oc_weight) ? "very " : ""); break; case POTION_SYM: if(nn || un || !obj->dknown) { - Strcpy(buf, "potion"); + strcpy(buf, "potion"); if(pl) { pl = 0; - Strcat(buf, "s"); + strcat(buf, "s"); } if(!obj->dknown) break; if(un) { - Strcat(buf, " called "); - Strcat(buf, un); + strcat(buf, " called "); + strcat(buf, un); } else { - Strcat(buf, " of "); - Strcat(buf, an); + strcat(buf, " of "); + strcat(buf, an); } } else { - Strcpy(buf, dn); - Strcat(buf, " potion"); + strcpy(buf, dn); + strcat(buf, " potion"); } break; case SCROLL_SYM: - Strcpy(buf, "scroll"); + strcpy(buf, "scroll"); if(pl) { pl = 0; - Strcat(buf, "s"); + strcat(buf, "s"); } if(!obj->dknown) break; if(nn) { - Strcat(buf, " of "); - Strcat(buf, an); + strcat(buf, " of "); + strcat(buf, an); } else if(un) { - Strcat(buf, " called "); - Strcat(buf, un); + strcat(buf, " called "); + strcat(buf, un); } else { - Strcat(buf, " labeled "); - Strcat(buf, dn); + strcat(buf, " labeled "); + strcat(buf, dn); } break; case WAND_SYM: if(!obj->dknown) - Sprintf(buf, "wand"); + sprintf(buf, "wand"); else if(nn) - Sprintf(buf, "wand of %s", an); + sprintf(buf, "wand of %s", an); else if(un) - Sprintf(buf, "wand called %s", un); + sprintf(buf, "wand called %s", un); else - Sprintf(buf, "%s wand", dn); + sprintf(buf, "%s wand", dn); break; case RING_SYM: if(!obj->dknown) - Sprintf(buf, "ring"); + sprintf(buf, "ring"); else if(nn) - Sprintf(buf, "ring of %s", an); + sprintf(buf, "ring of %s", an); else if(un) - Sprintf(buf, "ring called %s", un); + sprintf(buf, "ring called %s", un); else - Sprintf(buf, "%s ring", dn); + sprintf(buf, "%s ring", dn); break; case GEM_SYM: if(!obj->dknown) { - Strcpy(buf, "gem"); + strcpy(buf, "gem"); break; } if(!nn) { - Sprintf(buf, "%s gem", dn); + sprintf(buf, "%s gem", dn); break; } - Strcpy(buf, an); + strcpy(buf, an); if(obj->otyp >= TURQUOISE && obj->otyp <= JADE) - Strcat(buf, " stone"); + strcat(buf, " stone"); break; default: - Sprintf(buf,"glorkum %c (0%o) %u %d", + sprintf(buf,"glorkum %c (0%o) %u %d", obj->olet,obj->olet,obj->otyp,obj->spe); } if(pl) { @@ -289,16 +286,16 @@ register int pl = (obj->quan != 1); p = eos(buf)-1; if(*p == 's' || *p == 'z' || *p == 'x' || (*p == 'h' && p[-1] == 's')) - Strcat(buf, "es"); /* boxes */ + strcat(buf, "es"); /* boxes */ else if(*p == 'y' && !strchr(vowels, p[-1])) - Strcpy(p, "ies"); /* rubies, zruties */ + strcpy(p, "ies"); /* rubies, zruties */ else - Strcat(buf, "s"); + strcat(buf, "s"); } nopl: if(obj->onamelth) { - Strcat(buf, " named "); - Strcat(buf, ONAME(obj)); + strcat(buf, " named "); + strcat(buf, ONAME(obj)); } return(buf); } @@ -310,43 +307,43 @@ register struct obj *obj; char prefix[PREFIX]; register char *bp = xname(obj); if(obj->quan != 1) - Sprintf(prefix, "%u ", obj->quan); + snprintf(prefix, sizeof prefix, "%u ", obj->quan); else - Strcpy(prefix, "a "); + strlcpy(prefix, "a ", sizeof prefix); switch(obj->olet) { case AMULET_SYM: if(strncmp(bp, "cheap ", 6)) - Strcpy(prefix, "the "); + strlcpy(prefix, "the ", sizeof prefix); break; case ARMOR_SYM: if(obj->owornmask & W_ARMOR) - Strcat(bp, " (being worn)"); + strcat(bp, " (being worn)"); /* fall into next case */ case WEAPON_SYM: if(obj->known) { - Strcat(prefix, sitoa(obj->spe)); - Strcat(prefix, " "); + strlcat(prefix, sitoa(obj->spe), sizeof prefix); + strlcat(prefix, " ", sizeof prefix); } break; case WAND_SYM: if(obj->known) - Sprintf(eos(bp), " (%d)", obj->spe); + sprintf(eos(bp), " (%d)", obj->spe); break; case RING_SYM: - if(obj->owornmask & W_RINGR) Strcat(bp, " (on right hand)"); - if(obj->owornmask & W_RINGL) Strcat(bp, " (on left hand)"); + if(obj->owornmask & W_RINGR) strcat(bp, " (on right hand)"); + if(obj->owornmask & W_RINGL) strcat(bp, " (on left hand)"); if(obj->known && (objects[obj->otyp].bits & SPEC)) { - Strcat(prefix, sitoa(obj->spe)); - Strcat(prefix, " "); + strlcat(prefix, sitoa(obj->spe), sizeof prefix); + strlcat(prefix, " ", sizeof prefix); } break; } if(obj->owornmask & W_WEP) - Strcat(bp, " (weapon in hand)"); + strcat(bp, " (weapon in hand)"); if(obj->unpaid) - Strcat(bp, " (unpaid)"); + strcat(bp, " (unpaid)"); if(!strcmp(prefix, "a ") && strchr(vowels, *bp)) - Strcpy(prefix, "an "); + strlcpy(prefix, "an ", sizeof prefix); bp = strprepend(bp, prefix); return(bp); } @@ -356,9 +353,9 @@ setan(str,buf) register char *str,*buf; { if(strchr(vowels,*str)) - Sprintf(buf, "an %s", str); + sprintf(buf, "an %s", str); else - Sprintf(buf, "a %s", str); + sprintf(buf, "a %s", str); } char * @@ -366,20 +363,20 @@ aobjnam(otmp,verb) register struct obj *otmp; register char *verb; { register char *bp = xname(otmp); char prefix[PREFIX]; if(otmp->quan != 1) { - Sprintf(prefix, "%u ", otmp->quan); + snprintf(prefix, sizeof prefix, "%u ", otmp->quan); bp = strprepend(bp, prefix); } if(verb) { /* verb is given in plural (i.e., without trailing s) */ - Strcat(bp, " "); + strcat(bp, " "); if(otmp->quan != 1) - Strcat(bp, verb); + strcat(bp, verb); else if(!strcmp(verb, "are")) - Strcat(bp, "is"); + strcat(bp, "is"); else { - Strcat(bp, verb); - Strcat(bp, "s"); + strcat(bp, verb); + strcat(bp, "s"); } } return(bp); @@ -482,13 +479,13 @@ char *un, *dn, *an; if(p[-3] == 'i') { if(!strcmp(p-7, "cookies")) goto mins; - Strcpy(p-3, "y"); + strcpy(p-3, "y"); goto sing; } /* note: cloves / knives from clove / knife */ if(!strcmp(p-6, "knives")) { - Strcpy(p-3, "fe"); + strcpy(p-3, "fe"); goto sing; } @@ -502,11 +499,11 @@ char *un, *dn, *an; p[-1] = 0; } else { if(!strcmp(p-9, "homunculi")) { - Strcpy(p-1, "us"); /* !! makes string longer */ + strcpy(p-1, "us"); /* !! makes string longer */ goto sing; } if(!strcmp(p-5, "teeth")) { - Strcpy(p-5, "tooth"); + strcpy(p-5, "tooth"); goto sing; } /* here we cannot find the plural suffix */ diff --git a/games/hack/hack.options.c b/games/hack/hack.options.c index 29ca80f1c28..7972e619fc8 100644 --- a/games/hack/hack.options.c +++ b/games/hack/hack.options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.options.c,v 1.5 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.options.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.options.c,v 1.5 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.options.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "config.h" @@ -243,19 +243,20 @@ doset() pline("What options do you want to set? "); getlin(buf); if(!buf[0] || buf[0] == '\033') { - (void) strcpy(buf,"HACKOPTIONS="); - (void) strcat(buf, flags.female ? "female," : "male,"); - if(flags.standout) (void) strcat(buf,"standout,"); - if(flags.nonull) (void) strcat(buf,"nonull,"); - if(flags.nonews) (void) strcat(buf,"nonews,"); - if(flags.time) (void) strcat(buf,"time,"); - if(flags.notombstone) (void) strcat(buf,"notombstone,"); + (void) strlcpy(buf,"HACKOPTIONS=", sizeof buf); + (void) strlcat(buf, flags.female ? "female," : "male,", sizeof buf); + if(flags.standout) (void) strlcat(buf,"standout,", sizeof buf); + if(flags.nonull) (void) strlcat(buf,"nonull,", sizeof buf); + if(flags.nonews) (void) strlcat(buf,"nonews,", sizeof buf); + if(flags.time) (void) strlcat(buf,"time,", sizeof buf); + if(flags.notombstone) (void) strlcat(buf,"notombstone,", sizeof buf); if(flags.no_rest_on_space) - (void) strcat(buf,"!rest_on_space,"); + (void) strlcat(buf,"!rest_on_space,", sizeof buf); if(flags.end_top != 5 || flags.end_around != 4 || flags.end_own){ - (void) sprintf(eos(buf), "endgame: %u topscores/%u around me", + (void) snprintf(eos(buf), buf + sizeof buf - eos(buf), + "endgame: %u topscores/%u around me", flags.end_top, flags.end_around); - if(flags.end_own) (void) strcat(buf, "/own scores"); + if(flags.end_own) (void) strlcat(buf, "/own scores", sizeof buf); } else { register char *eop = eos(buf); if(*--eop == ',') *eop = 0; diff --git a/games/hack/hack.pri.c b/games/hack/hack.pri.c index c4b5c580293..b2a432e8941 100644 --- a/games/hack/hack.pri.c +++ b/games/hack/hack.pri.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.pri.c,v 1.5 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.pri.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.pri.c,v 1.5 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.pri.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -661,17 +661,17 @@ extern char *eos(); if(flags.botlx) *ob = 0; flags.botl = flags.botlx = 0; #ifdef GOLD_ON_BOTL - (void) sprintf(newbot, + (void) snprintf(newbot, sizeof newbot, "Level %-2d Gold %-5lu Hp %3d(%d) Ac %-2d Str ", dlevel, u.ugold, u.uhp, u.uhpmax, u.uac); #else - (void) sprintf(newbot, + (void) snprintf(newbot, sizeof newbot, "Level %-2d Hp %3d(%d) Ac %-2d Str ", dlevel, u.uhp, u.uhpmax, u.uac); #endif /* GOLD_ON_BOTL */ if(u.ustr>18) { if(u.ustr>117) - (void) strcat(newbot,"18/**"); + (void) strlcat(newbot,"18/**",sizeof newbot); else (void) sprintf(eos(newbot), "18/%02d",u.ustr-18); } else @@ -681,7 +681,7 @@ extern char *eos(); #else (void) sprintf(eos(newbot), " Exp %2u ", u.ulevel); #endif /* EXP_ON_BOTL */ - (void) strcat(newbot, hu_stat[u.uhs]); + (void) strlcat(newbot, hu_stat[u.uhs], sizeof newbot); if(flags.time) (void) sprintf(eos(newbot), " %ld", moves); if(strlen(newbot) >= COLNO) { @@ -701,7 +701,7 @@ extern char *eos(); if(*ob) ob++; if(*nb) nb++; } - (void) strcpy(oldbot, newbot); + (void) strlcpy(oldbot, newbot, sizeof oldbot); } #ifdef WAN_PROBING diff --git a/games/hack/hack.rip.c b/games/hack/hack.rip.c index a60481efb23..f1c83ba494b 100644 --- a/games/hack/hack.rip.c +++ b/games/hack/hack.rip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.rip.c,v 1.4 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.rip.c,v 1.5 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.rip.c,v 1.4 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.rip.c,v 1.5 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include @@ -90,17 +90,17 @@ outrip(){ cls(); curs(1, 8); puts(riptop); - (void) strcpy(buf, plname); + (void) strlcpy(buf, plname, sizeof buf); buf[16] = 0; center(6, buf); - (void) sprintf(buf, "%ld AU", u.ugold); + (void) snprintf(buf, sizeof buf, "%ld AU", u.ugold); center(7, buf); - (void) sprintf(buf, "killed by%s", + (void) snprintf(buf, sizeof buf, "killed by%s", !strncmp(killer, "the ", 4) ? "" : !strcmp(killer, "starvation") ? "" : strchr(vowels, *killer) ? " an" : " a"); center(8, buf); - (void) strcpy(buf, killer); + (void) strlcpy(buf, killer, sizeof buf); { register int i1; if((i1 = strlen(buf)) > 16) { @@ -115,7 +115,7 @@ outrip(){ center(9, buf); center(10, buf+i1); } - (void) sprintf(buf, "%4d", getyear()); + (void) snprintf(buf, sizeof buf, "%4d", getyear()); center(11, buf); puts(ripbot); getret(); diff --git a/games/hack/hack.shk.c b/games/hack/hack.shk.c index bada4061a8d..cf032b1f52e 100644 --- a/games/hack/hack.shk.c +++ b/games/hack/hack.shk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.shk.c,v 1.7 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.shk.c,v 1.8 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.shk.c,v 1.7 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.shk.c,v 1.8 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -736,17 +736,18 @@ int mode; /* 0: deliver count 1: paged */ thisused = bp->price * uquan; totused += thisused; obj->quan = uquan; /* cheat doname */ - (void) sprintf(buf, "x - %s", doname(obj)); + (void) snprintf(buf, sizeof buf, "x - %s", doname(obj)); obj->quan = oquan; /* restore value */ for(cnt = 0; buf[cnt]; cnt++); while(cnt < 50) buf[cnt++] = ' '; - (void) sprintf(&buf[cnt], " %5ld zorkmids", thisused); + (void) snprintf(&buf[cnt], sizeof buf - cnt, + " %5ld zorkmids", thisused); if(page_line(buf)) goto quit; } } - (void) sprintf(buf, "Total:%50ld zorkmids", totused); + (void) snprintf(buf, sizeof buf, "Total:%50ld zorkmids", totused); if(page_line("") || page_line(buf)) goto quit; set_pager(1); diff --git a/games/hack/hack.topl.c b/games/hack/hack.topl.c index db2335348e5..fa703d16bec 100644 --- a/games/hack/hack.topl.c +++ b/games/hack/hack.topl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.topl.c,v 1.5 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.topl.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.topl.c,v 1.5 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.topl.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" @@ -85,7 +85,7 @@ doredotopl(){ if(!last_redone_topl) last_redone_topl = old_toplines; if(last_redone_topl){ - (void) strcpy(toplines, last_redone_topl->topl_text); + (void) strlcpy(toplines, last_redone_topl->topl_text, sizeof toplines); } redotoplin(); return(0); @@ -188,8 +188,8 @@ register char *line,*arg1,*arg2,*arg3,*arg4,*arg5,*arg6; register int n,n0; if(!line || !*line) return; - if(!strchr(line, '%')) (void) strcpy(pbuf,line); else - (void) sprintf(pbuf,line,arg1,arg2,arg3,arg4,arg5,arg6); + if(!strchr(line, '%')) (void) strlcpy(pbuf,line,sizeof pbuf); else + (void) snprintf(pbuf,sizeof pbuf,line,arg1,arg2,arg3,arg4,arg5,arg6); if(flags.toplin == 1 && !strcmp(pbuf, toplines)) return; nscr(); /* %% */ @@ -199,8 +199,8 @@ register char *line,*arg1,*arg2,*arg3,*arg4,*arg5,*arg6; if(flags.toplin == 1 && tly == 1 && n0 + strlen(toplines) + 3 < CO-8 && /* leave room for --More-- */ strncmp(bp, "You ", 4)) { - (void) strcat(toplines, " "); - (void) strcat(toplines, bp); + (void) strlcat(toplines, " ", sizeof toplines); + (void) strlcat(toplines, bp, sizeof toplines); tlx += 2; addtopl(bp); return; diff --git a/games/hack/hack.u_init.c b/games/hack/hack.u_init.c index 259125c8445..28daffb4b2a 100644 --- a/games/hack/hack.u_init.c +++ b/games/hack/hack.u_init.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.u_init.c,v 1.5 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.u_init.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,14 +62,12 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.u_init.c,v 1.5 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.u_init.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ #include "hack.h" #include #include -#define Strcpy (void) strcpy -#define Strcat (void) strcat #define UNDEF_TYP 0 #define UNDEF_SPE '\177' extern struct obj *addinv(); diff --git a/games/hack/hack.unix.c b/games/hack/hack.unix.c index edc38b60eca..1c0f890f38e 100644 --- a/games/hack/hack.unix.c +++ b/games/hack/hack.unix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hack.unix.c,v 1.10 2003/03/16 21:22:36 camield Exp $ */ +/* $OpenBSD: hack.unix.c,v 1.11 2003/04/06 18:50:37 deraadt Exp $ */ /* * Copyright (c) 1985, Stichting Centrum voor Wiskunde en Informatica, @@ -62,7 +62,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: hack.unix.c,v 1.10 2003/03/16 21:22:36 camield Exp $"; +static char rcsid[] = "$OpenBSD: hack.unix.c,v 1.11 2003/04/06 18:50:37 deraadt Exp $"; #endif /* not lint */ /* This file collects some Unix dependencies; hack.pager.c contains some more */ @@ -178,7 +178,7 @@ char filename[MAXPATHLEN+1]; if ((np = strchr(path, ':')) == NULL) np = path + strlen(path); /* point to end str */ if (np - path <= 1) /* %% */ - (void) strcpy(filename, name); + (void) strlcpy(filename, name, sizeof filename); else { (void) strncpy(filename, path, np - path); filename[np - path] = '/'; diff --git a/games/mille/mille.h b/games/mille/mille.h index 73ac2234ae1..915e4db4247 100644 --- a/games/mille/mille.h +++ b/games/mille/mille.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mille.h,v 1.7 2002/02/17 19:42:20 millert Exp $ */ +/* $OpenBSD: mille.h,v 1.8 2003/04/06 18:50:37 deraadt Exp $ */ /* $NetBSD: mille.h,v 1.5 1995/03/24 05:01:51 cgd Exp $ */ /* @@ -208,7 +208,7 @@ typedef struct { extern bool Debug, Finished, Next, On_exit, Order, Saved; -extern char Initstr[], *C_fmt; +extern char Initstr[100], *C_fmt; extern const char *const *C_name, *Fromfile; extern int Card_no, End, Handstart, Movetype, Numgos, diff --git a/games/mille/save.c b/games/mille/save.c index 1bd00fb978a..6e99fabfa30 100644 --- a/games/mille/save.c +++ b/games/mille/save.c @@ -1,4 +1,4 @@ -/* $OpenBSD: save.c,v 1.5 2001/09/03 21:36:12 pjanzen Exp $ */ +/* $OpenBSD: save.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $ */ /* $NetBSD: save.c,v 1.4 1995/03/24 05:02:13 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)save.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: save.c,v 1.5 2001/09/03 21:36:12 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: save.c,v 1.6 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -124,7 +124,7 @@ over: if (!rv) unlink(buf); else { - strcpy(buf, ctime(tp)); + strlcpy(buf, ctime(tp), sizeof buf); for (sp = buf; *sp != '\n'; sp++) continue; *sp = '\0'; @@ -155,14 +155,14 @@ rest_f(file) err(1, "%s", file); varpush(inf, readv); close(inf); - strcpy(buf, ctime(&sbuf.st_mtime)); + strlcpy(buf, ctime(&sbuf.st_mtime), sizeof buf); for (sp = buf; *sp != '\n'; sp++) continue; *sp = '\0'; /* * initialize some necessary values */ - (void)sprintf(Initstr, "%s [%s]\n", file, buf); + (void)snprintf(Initstr, sizeof Initstr, "%s [%s]\n", file, buf); Fromfile = file; return !On_exit; } diff --git a/games/monop/execute.c b/games/monop/execute.c index 5b82eca5c1d..e78519dec1a 100644 --- a/games/monop/execute.c +++ b/games/monop/execute.c @@ -1,4 +1,4 @@ -/* $OpenBSD: execute.c,v 1.6 2002/07/28 08:44:14 pjanzen Exp $ */ +/* $OpenBSD: execute.c,v 1.7 2003/04/06 18:50:37 deraadt Exp $ */ /* $NetBSD: execute.c,v 1.3 1995/03/23 08:34:38 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)execute.c 8.1 (Berkeley) 5/31/93"; #else -static const char rcsid[] = "$OpenBSD: execute.c,v 1.6 2002/07/28 08:44:14 pjanzen Exp $"; +static const char rcsid[] = "$OpenBSD: execute.c,v 1.7 2003/04/06 18:50:37 deraadt Exp $"; #endif #endif /* not lint */ @@ -255,7 +255,7 @@ save() } fclose(outf); - strcpy(buf, ctime(&t)); + strlcpy(buf, ctime(&t), sizeof buf); for (sp = buf; *sp != '\n'; sp++) continue; *sp = '\0'; @@ -443,7 +443,7 @@ badness: return(FALSE); } - strcpy(buf, ctime(&sbuf.st_mtime)); + strlcpy(buf, ctime(&sbuf.st_mtime), sizeof buf); for (sp = buf; *sp != '\n'; sp++) continue; *sp = '\0'; diff --git a/games/phantasia/convert.c b/games/phantasia/convert.c index 141d7f808eb..53b247c3a5e 100644 --- a/games/phantasia/convert.c +++ b/games/phantasia/convert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: convert.c,v 1.4 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: convert.c,v 1.5 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: convert.c,v 1.2 1995/03/24 03:58:34 cgd Exp $ */ /* @@ -166,9 +166,12 @@ FILE *oldcharac, *newcharac; /* to open old and new files */ Newplayer.p_virgin = Oldplayer.o_virgin; Newplayer.p_blindness = Oldplayer.o_blindness; - strcpy(Newplayer.p_name, Oldplayer.o_name); - strcpy(Newplayer.p_password, Oldplayer.o_password); - strcpy(Newplayer.p_login, Oldplayer.o_login); + strlcpy(Newplayer.p_name, Oldplayer.o_name, + sizeof Newplayer.p_name); + strlcpy(Newplayer.p_password, Oldplayer.o_password, + sizeof Newplayer.p_password); + strlcpy(Newplayer.p_login, Oldplayer.o_login, + sizeof Newplayer.p_login); /* write new structure */ fwrite((char *) &Newplayer, sizeof(Newplayer), 1, newcharac); diff --git a/games/phantasia/fight.c b/games/phantasia/fight.c index bac020cf490..d8ad552bd25 100644 --- a/games/phantasia/fight.c +++ b/games/phantasia/fight.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fight.c,v 1.7 2002/01/16 01:28:54 millert Exp $ */ +/* $OpenBSD: fight.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: fight.c,v 1.2 1995/03/24 03:58:39 cgd Exp $ */ /* @@ -1058,7 +1058,8 @@ callmonster(which) } else /* make Modnar into Morgoth */ { - strcpy(Curmonster.m_name, "Morgoth"); + strlcpy(Curmonster.m_name, "Morgoth", + sizeof Curmonster.m_name); Curmonster.m_strength = drandom() * (Player.p_maxenergy + Player.p_shield) / 1.4 + drandom() * (Player.p_maxenergy + Player.p_shield) / 1.5; Curmonster.m_brains = Player.p_brains; @@ -1077,7 +1078,8 @@ callmonster(which) which = (int) ROLL(0.0, 100.0); fseek(Monstfp, (long) which * (long) SZ_MONSTERSTRUCT, SEEK_SET); fread(&Othermonster, SZ_MONSTERSTRUCT, 1, Monstfp); - strcpy(Curmonster.m_name, Othermonster.m_name); + strlcpy(Curmonster.m_name, Othermonster.m_name, + sizeof Curmonster.m_name); } truncstring(Curmonster.m_name); diff --git a/games/phantasia/gamesupport.c b/games/phantasia/gamesupport.c index 2c9eaf6d098..0ab75d617ed 100644 --- a/games/phantasia/gamesupport.c +++ b/games/phantasia/gamesupport.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gamesupport.c,v 1.4 2000/06/29 07:39:43 pjanzen Exp $ */ +/* $OpenBSD: gamesupport.c,v 1.5 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: gamesupport.c,v 1.3 1995/04/24 12:24:28 cgd Exp $ */ /* @@ -231,7 +231,8 @@ changestats(ingameflag) truncstring(Databuf); if (Databuf[0] != '\0') if (Wizard || findname(Databuf, &Other) < 0L) - strcpy(playerp->p_name, Databuf); + strlcpy(playerp->p_name, Databuf, + sizeof playerp->p_name); } else /* get new password */ { @@ -705,10 +706,13 @@ enterscore() if ((!found) || Player.p_level > sbuf.sb_level) /* put new entry in for this login */ { - strcpy(sbuf.sb_login, Player.p_login); - strcpy(sbuf.sb_name, Player.p_name); + strlcpy(sbuf.sb_login, Player.p_login, + sizeof sbuf.sb_login); + strlcpy(sbuf.sb_name, Player.p_name, + sizeof sbuf.sb_name); sbuf.sb_level = Player.p_level; - strcpy(sbuf.sb_type, descrtype(&Player, TRUE)); + strlcpy(sbuf.sb_type, descrtype(&Player, TRUE), + sizeof sbuf.sb_type); } /* update entry */ fseek(fp, loc, SEEK_SET); diff --git a/games/phantasia/main.c b/games/phantasia/main.c index 3bfed797ffa..03b87df4a10 100644 --- a/games/phantasia/main.c +++ b/games/phantasia/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.11 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: main.c,v 1.12 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: main.c,v 1.3 1995/04/24 12:24:37 cgd Exp $ */ /* @@ -793,7 +793,8 @@ titlelist() Other.p_status != S_NOTUSED) /* found the king */ { - sprintf(Databuf, "The present ruler is %s Level:%.0f", + snprintf(Databuf, sizeof Databuf, + "The present ruler is %s Level:%.0f", Other.p_name, Other.p_level); mvaddstr(4, 40 - strlen(Databuf) / 2, Databuf); kingfound = TRUE; @@ -808,7 +809,9 @@ titlelist() if (Other.p_specialtype == SC_VALAR && Other.p_status != S_NOTUSED) /* found the valar */ { - sprintf(Databuf, "The Valar is %s Login: %s", Other.p_name, Other.p_login); + snprintf(Databuf, sizeof Databuf, + "The Valar is %s Login: %s", Other.p_name, + Other.p_login); mvaddstr(6, 40 - strlen(Databuf) / 2, Databuf); break; } @@ -824,7 +827,8 @@ titlelist() councilfound = TRUE; } /* This assumes a finite (<=5) number of C.O.W.: */ - sprintf(Databuf, "%s Login: %s", Other.p_name, Other.p_login); + snprintf(Databuf, sizeof Databuf, + "%s Login: %s", Other.p_name, Other.p_login); mvaddstr(Lines++, 40 - strlen(Databuf) / 2, Databuf); } /* search for the two highest players */ @@ -841,8 +845,8 @@ titlelist() hiexp = Other.p_experience; nxtlvl = hilvl; hilvl = Other.p_level; - strcpy(nxtname, hiname); - strcpy(hiname, Other.p_name); + strlcpy(nxtname, hiname, sizeof nxtname); + strlcpy(hiname, Other.p_name, sizeof hiname); } else if (Other.p_experience > nxtexp && Other.p_specialtype <= SC_KING @@ -851,10 +855,11 @@ titlelist() { nxtexp = Other.p_experience; nxtlvl = Other.p_level; - strcpy(nxtname, Other.p_name); + strlcpy(nxtname, Other.p_name, sizeof nxtname); } mvaddstr(15, 28, "Highest characters are:"); - sprintf(Databuf, "%s Level:%.0f and %s Level:%.0f", + snprintf(Databuf, sizeof Databuf, + "%s Level:%.0f and %s Level:%.0f", hiname, hilvl, nxtname, nxtlvl); mvaddstr(17, 40 - strlen(Databuf) / 2, Databuf); diff --git a/games/phantasia/misc.c b/games/phantasia/misc.c index e756d7c850c..7f895d00db8 100644 --- a/games/phantasia/misc.c +++ b/games/phantasia/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.10 2003/03/11 04:47:39 david Exp $ */ +/* $OpenBSD: misc.c,v 1.11 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: misc.c,v 1.2 1995/03/24 03:59:03 cgd Exp $ */ /* @@ -161,9 +161,10 @@ descrlocation(playerp, shortflag) } if (shortflag) - sprintf(Databuf, "%.29s", label); + snprintf(Databuf, sizeof Databuf, "%.29s", label); else - sprintf(Databuf, " is in %s (%.0f,%.0f)", label, playerp->p_x, playerp->p_y); + snprintf(Databuf, sizeof Databuf, + " is in %s (%.0f,%.0f)", label, playerp->p_x, playerp->p_y); return (Databuf); } @@ -638,7 +639,7 @@ descrtype(playerp, shortflag) ++type; if (playerp->p_crowns > 0) { - strcpy(Databuf, results[type]); + strlcpy(Databuf, results[type], sizeof Databuf); Databuf[0] = '*'; return (Databuf); } else @@ -901,7 +902,8 @@ death(how) "Your ring has taken control of you and turned you into a monster!\n"); fseek(Monstfp, 13L * SZ_MONSTERSTRUCT, SEEK_SET); fread((char *) &Curmonster, SZ_MONSTERSTRUCT, 1, Monstfp); - strcpy(Curmonster.m_name, Player.p_name); + strlcpy(Curmonster.m_name, Player.p_name, + sizeof Curmonster.m_name); fseek(Monstfp, 13L * SZ_MONSTERSTRUCT, SEEK_SET); fwrite((char *) &Curmonster, SZ_MONSTERSTRUCT, 1, Monstfp); fflush(Monstfp); diff --git a/games/phantasia/phantglobs.h b/games/phantasia/phantglobs.h index 81d187d9c1f..41700ea20d5 100644 --- a/games/phantasia/phantglobs.h +++ b/games/phantasia/phantglobs.h @@ -1,4 +1,4 @@ -/* $OpenBSD: phantglobs.h,v 1.4 2002/02/16 21:27:11 millert Exp $ */ +/* $OpenBSD: phantglobs.h,v 1.5 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: phantglobs.h,v 1.3 1995/04/24 12:24:39 cgd Exp $ */ /* @@ -52,7 +52,7 @@ extern FILE *Monstfp; /* pointer to open monster file */ extern FILE *Messagefp; /* pointer to open message file */ extern FILE *Energyvoidfp; /* pointer to open energy void file */ -extern char Databuf[]; /* a place to read data into */ +extern char Databuf[SZ_DATABUF]; /* a place to read data into */ /* some canned strings for messages */ extern char Illcmd[]; diff --git a/games/phantasia/setup.c b/games/phantasia/setup.c index dfdad09a1b3..2434e609122 100644 --- a/games/phantasia/setup.c +++ b/games/phantasia/setup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: setup.c,v 1.7 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: setup.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: setup.c,v 1.4 1995/04/24 12:24:41 cgd Exp $ */ /* @@ -167,7 +167,7 @@ main(argc, argv) &Curmonster.m_experience, &Curmonster.m_treasuretype, &Curmonster.m_type, &Curmonster.m_flock); Databuf[24] = '\0'; - strcpy(Curmonster.m_name, Databuf); + strlcpy(Curmonster.m_name, Databuf, sizeof Curmonster.m_name); fwrite((char *) &Curmonster, SZ_MONSTERSTRUCT, 1, Monstfp); } fclose(fp); diff --git a/games/quiz/quiz.c b/games/quiz/quiz.c index a403a468850..ec60350dbfb 100644 --- a/games/quiz/quiz.c +++ b/games/quiz/quiz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: quiz.c,v 1.12 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: quiz.c,v 1.13 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: quiz.c,v 1.9 1995/04/22 10:16:58 cgd Exp $ */ /*- @@ -48,7 +48,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)quiz.c 8.3 (Berkeley) 5/4/95"; #else -static char rcsid[] = "$OpenBSD: quiz.c,v 1.12 2002/12/06 21:48:51 millert Exp $"; +static char rcsid[] = "$OpenBSD: quiz.c,v 1.13 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -265,7 +265,7 @@ quiz() qp->q_answered = TRUE; continue; } - (void)strcpy(question, t); + (void)strlcpy(question, t, sizeof question); s = qp->q_text; for (i = 0; i < cattwo - 1; i++) s = next_cat(s); diff --git a/games/rogue/pack.c b/games/rogue/pack.c index d041214153a..801a872c455 100644 --- a/games/rogue/pack.c +++ b/games/rogue/pack.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pack.c,v 1.7 2002/07/18 07:13:57 pjanzen Exp $ */ +/* $OpenBSD: pack.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: pack.c,v 1.3 1995/04/22 10:27:54 cgd Exp $ */ /* @@ -41,7 +41,7 @@ #if 0 static char sccsid[] = "@(#)pack.c 8.1 (Berkeley) 5/31/93"; #else -static const char rcsid[] = "$OpenBSD: pack.c,v 1.7 2002/07/18 07:13:57 pjanzen Exp $"; +static const char rcsid[] = "$OpenBSD: pack.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -365,7 +365,7 @@ wear() return; } obj->identified = 1; - (void) strcpy(desc, "wearing "); + (void) strlcpy(desc, "wearing ", sizeof desc); get_desc(obj, desc, sizeof(desc)); messagef(0, "wearing %s", desc); do_wear(obj); diff --git a/games/rogue/save.c b/games/rogue/save.c index 9013fd4f76e..36aad72b36a 100644 --- a/games/rogue/save.c +++ b/games/rogue/save.c @@ -1,4 +1,4 @@ -/* $OpenBSD: save.c,v 1.7 2002/07/26 19:56:07 pjanzen Exp $ */ +/* $OpenBSD: save.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: save.c,v 1.3 1995/04/22 10:28:21 cgd Exp $ */ /* @@ -41,7 +41,7 @@ #if 0 static char sccsid[] = "@(#)save.c 8.1 (Berkeley) 5/31/93"; #else -static const char rcsid[] = "$OpenBSD: save.c,v 1.7 2002/07/26 19:56:07 pjanzen Exp $"; +static const char rcsid[] = "$OpenBSD: save.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -107,8 +107,10 @@ save_into_file(sfile) if (sfile[0] == '~') { if ((hptr = md_getenv("HOME"))) { if (strlen(hptr) + strlen(sfile+1) < sizeof(name_buffer)) { - (void) strcpy(name_buffer, hptr); - (void) strcat(name_buffer, sfile+1); + (void) strlcpy(name_buffer, hptr, + sizeof name_buffer); + (void) strlcat(name_buffer, sfile+1, + sizeof name_buffer); sfile = name_buffer; } else { messagef(0, "homedir is too long"); diff --git a/games/sail/dr_1.c b/games/sail/dr_1.c index c03b5b51bab..b034b99f41f 100644 --- a/games/sail/dr_1.c +++ b/games/sail/dr_1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dr_1.c,v 1.2 1999/01/18 06:20:51 pjanzen Exp $ */ +/* $OpenBSD: dr_1.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: dr_1.c,v 1.4 1995/04/24 12:25:10 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)dr_1.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: dr_1.c,v 1.2 1999/01/18 06:20:51 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: dr_1.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -190,7 +190,8 @@ fightitout(from, to, key) subtract(from, totalfrom, crewfrom, fromcap, pcfrom); subtract(to, totalto, crewto, tocap, pcto); makemsg(from, "boarders from %s repelled", to->shipname); - (void) sprintf(message, "killed in melee: %d. %s: %d", + (void) snprintf(message, sizeof message, + "killed in melee: %d. %s: %d", totalto, from->shipname, totalfrom); Writestr(W_SIGNAL, to, message); if (key) @@ -222,10 +223,12 @@ fightitout(from, to, key) subtract(to, mento, crewto, tocap, pcto); subtract(from, - mento, crewfrom, to, 0); } - (void) sprintf(message, "captured by the %s!", + (void) snprintf(message, sizeof message, + "captured by the %s!", to->shipname); Writestr(W_SIGNAL, from, message); - (void) sprintf(message, "killed in melee: %d. %s: %d", + (void) snprintf(message, sizeof message, + "killed in melee: %d. %s: %d", totalto, from->shipname, totalfrom); Writestr(W_SIGNAL, to, message); mento = 0; diff --git a/games/sail/dr_2.c b/games/sail/dr_2.c index 209f5be2c41..69bff447c30 100644 --- a/games/sail/dr_2.c +++ b/games/sail/dr_2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dr_2.c,v 1.2 1999/01/18 06:20:52 pjanzen Exp $ */ +/* $OpenBSD: dr_2.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: dr_2.c,v 1.4 1995/04/24 12:25:12 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)dr_2.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: dr_2.c,v 1.2 1999/01/18 06:20:52 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: dr_2.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -139,9 +139,10 @@ str_end(str) } void -closeon(from, to, command, ta, ma, af) +closeon(from, to, command, commandl, ta, ma, af) struct ship *from, *to; char command[]; + size_t commandl; int ma, ta, af; { int high; @@ -149,14 +150,16 @@ closeon(from, to, command, ta, ma, af) temp[0] = command[0] = '\0'; high = -30000; - try(command, temp, ma, ta, af, ma, from->file->dir, from, to, &high, 0); + try(command, commandl, temp, sizeof temp, ma, ta, af, ma, from->file->dir, + from, to, &high, 0); } const int dtab[] = {0,1,1,2,3,4,4,5}; /* diagonal distances in x==y */ int -score(movement, ship, to, onlytemp) +score(movement, movementl, ship, to, onlytemp) char movement[]; + size_t movementl; struct ship *ship, *to; char onlytemp; { @@ -171,7 +174,7 @@ score(movement, ship, to, onlytemp) drift = fp->drift; move_ship(movement, ship, &fp->dir, &fp->row, &fp->col, &drift); if (!*movement) - (void) strcpy(movement, "d"); + (void) strlcpy(movement, "d", movementl); ran = range(ship, to); total = -50 * ran; @@ -234,10 +237,14 @@ move_ship(p, ship, dir, row, col, drift) } void -try(command, temp, ma, ta, af, vma, dir, f, t, high, rakeme) +try(command, commandl, temp, templ, ma, ta, af, vma, dir, f, t, high, rakeme) + char command[]; + size_t commandl; + char temp[]; + size_t templ; + int ma, ta, af, vma, dir; struct ship *f, *t; - int ma, ta, af, vma, dir, *high, rakeme; - char command[], temp[]; + int *high, rakeme; { int new, n; char st[4]; @@ -245,35 +252,35 @@ try(command, temp, ma, ta, af, vma, dir, f, t, high, rakeme) if ((n = str_end(temp)) < '1' || n > '9') for (n = 1; vma - n >= 0; n++) { - (void) sprintf(st, "%d", n); - (void) strcat(temp, st); - new = score(temp, f, t, rakeme); + (void) snprintf(st, sizeof st, "%d", n); + (void) strlcat(temp, st, templ); + new = score(temp, templ, f, t, rakeme); if (new > *high && (!rakeme || rakeyou)) { *high = new; - (void) strcpy(command, temp); + (void) strlcpy(command, temp, commandl); } - try(command, temp, ma-n, ta, af, vma-n, + try(command, commandl, temp, templ, ma-n, ta, af, vma-n, dir, f, t, high, rakeme); rmend(temp); } if ((ma > 0 && ta > 0 && (n = str_end(temp)) != 'l' && n != 'r') || !strlen(temp)) { - (void) strcat(temp, "r"); - new = score(temp, f, t, rakeme); + (void) strlcat(temp, "r", templ); + new = score(temp, templ, f, t, rakeme); if (new > *high && (!rakeme || (gunsbear(f, t) && !gunsbear(t, f)))) { *high = new; - (void) strcpy(command, temp); + (void) strlcpy(command, temp, commandl); } - try(command, temp, ma-1, ta-1, af, min(ma-1, maxmove(f, (dir == 8 ? 1 : dir+1), 0)), (dir == 8 ? 1 : dir+1),f,t,high,rakeme); + try(command, commandl, temp, templ, ma-1, ta-1, af, min(ma-1, maxmove(f, (dir == 8 ? 1 : dir+1), 0)), (dir == 8 ? 1 : dir+1),f,t,high,rakeme); rmend(temp); } if ((ma > 0 && ta > 0 && (n = str_end(temp)) != 'l' && n != 'r') || !strlen(temp)){ - (void) strcat(temp, "l"); - new = score(temp, f, t, rakeme); + (void) strlcat(temp, "l", templ); + new = score(temp, templ, f, t, rakeme); if (new > *high && (!rakeme || (gunsbear(f, t) && !gunsbear(t, f)))){ *high = new; - (void) strcpy(command, temp); + (void) strlcpy(command, temp, commandl); } - try(command, temp, ma-1, ta-1, af, (min(ma-1,maxmove(f, (dir-1 ? dir-1 : 8), 0))), (dir-1 ? dir -1 : 8), f, t, high, rakeme); + try(command, commandl, temp, templ, ma-1, ta-1, af, (min(ma-1,maxmove(f, (dir-1 ? dir-1 : 8), 0))), (dir-1 ? dir -1 : 8), f, t, high, rakeme); rmend(temp); } } diff --git a/games/sail/dr_3.c b/games/sail/dr_3.c index f7e84d8f5fc..cadabd06722 100644 --- a/games/sail/dr_3.c +++ b/games/sail/dr_3.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dr_3.c,v 1.2 1999/01/18 06:20:52 pjanzen Exp $ */ +/* $OpenBSD: dr_3.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: dr_3.c,v 1.3 1995/04/22 10:36:49 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)dr_3.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: dr_3.c,v 1.2 1999/01/18 06:20:52 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: dr_3.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -73,6 +73,7 @@ moveall() /* move all comp ships */ *sp->file->movebuf = '\0'; else closeon(sp, closest, sp->file->movebuf, + sizeof sp->file->movebuf, ta, ma, af); } else *sp->file->movebuf = '\0'; @@ -86,10 +87,12 @@ moveall() /* move all comp ships */ n = 0; foreachship(sp) { if (snagged(sp)) - (void) strcpy(sp->file->movebuf, "d"); + (void) strlcpy(sp->file->movebuf, "d", + sizeof sp->file->movebuf); else if (*sp->file->movebuf != 'd') - (void) strcat(sp->file->movebuf, "d"); + (void) strlcat(sp->file->movebuf, "d", + sizeof sp->file->movebuf); row[n] = sp->file->row; col[n] = sp->file->col; dir[n] = sp->file->dir; diff --git a/games/sail/extern.h b/games/sail/extern.h index 23760ac305d..55d20707e82 100644 --- a/games/sail/extern.h +++ b/games/sail/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.6 2002/02/17 19:42:21 millert Exp $ */ +/* $OpenBSD: extern.h,v 1.7 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: extern.h,v 1.8 1998/09/13 15:27:30 hubertf Exp $ */ /* @@ -321,10 +321,10 @@ void thinkofgrapples(void); void checkup(void); void prizecheck(void); int str_end(const char *); -void closeon(struct ship *, struct ship *, char[], int, int, int); -int score(char[], struct ship *, struct ship *, int); +void closeon(struct ship *, struct ship *, char[], size_t, int, int, int); +int score(char[], size_t, struct ship *, struct ship *, int); void move_ship(const char *, struct ship *, unsigned char *, short *, short *, char *); -void try(char[], char [], int, int, int, int, int, struct ship *, +void try(char[], size_t, char [], size_t, int, int, int, int, int, struct ship *, struct ship *, int *, int); void rmend(char *); diff --git a/games/sail/lo_main.c b/games/sail/lo_main.c index ea79e0e8b6d..918f72ed894 100644 --- a/games/sail/lo_main.c +++ b/games/sail/lo_main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lo_main.c,v 1.3 2001/03/09 08:36:24 pjanzen Exp $ */ +/* $OpenBSD: lo_main.c,v 1.4 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: lo_main.c,v 1.3 1995/04/22 10:36:59 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)lo_main.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: lo_main.c,v 1.3 2001/03/09 08:36:24 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: lo_main.c,v 1.4 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -86,10 +86,10 @@ lo_main() while (fread((char *)&log, sizeof log, 1, fp) == 1 && log.l_name[0] != '\0') { if (longfmt && (pass = getpwuid(log.l_uid)) != NULL) - (void) sprintf(sbuf, "%10.10s (%s)", + (void) snprintf(sbuf, sizeof sbuf, "%10.10s (%s)", log.l_name, pass->pw_name); else - (void) sprintf(sbuf, "%20.20s", log.l_name); + (void) snprintf(sbuf, sizeof sbuf, "%20.20s", log.l_name); ship = &scene[log.l_gamenum].ship[log.l_shipnum]; printf("%-10s %21s of the %15s %3d points, %5.2f equiv\n", title[n++], sbuf, ship->shipname, log.l_netpoints, diff --git a/games/sail/misc.c b/games/sail/misc.c index bea2d896ace..e31c486fe54 100644 --- a/games/sail/misc.c +++ b/games/sail/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.2 1999/01/18 06:20:53 pjanzen Exp $ */ +/* $OpenBSD: misc.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: misc.c,v 1.3 1995/04/22 10:37:03 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)misc.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: misc.c,v 1.2 1999/01/18 06:20:53 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: misc.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -235,7 +235,8 @@ logger(s) / scene[lp->l_gamenum].ship[lp->l_shipnum].specs->pts) { (void) fwrite((char *)log, sizeof (struct logs), lp - log, fp); - (void) strcpy(log[NLOG-1].l_name, s->file->captain); + (void) strlcpy(log[NLOG-1].l_name, s->file->captain, + sizeof log[NLOG-1].l_name); log[NLOG-1].l_uid = getuid(); log[NLOG-1].l_shipnum = s->file->index; log[NLOG-1].l_gamenum = game; diff --git a/games/sail/pl_5.c b/games/sail/pl_5.c index fd78af65bd5..cc68b648d0d 100644 --- a/games/sail/pl_5.c +++ b/games/sail/pl_5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pl_5.c,v 1.2 1999/01/18 06:20:53 pjanzen Exp $ */ +/* $OpenBSD: pl_5.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: pl_5.c,v 1.4 1995/04/24 12:25:21 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)pl_5.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: pl_5.c,v 1.2 1999/01/18 06:20:53 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: pl_5.c,v 1.3 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -65,7 +65,8 @@ acceptmove() ta = maxturns(ms, &af); ma = maxmove(ms, mf->dir, 0); - (void) sprintf(prompt, "move (%d,%c%d): ", ma, af ? '\'' : ' ', ta); + (void) snprintf(prompt, sizeof prompt, + "move (%d,%c%d): ", ma, af ? '\'' : ' ', ta); sgetstr(prompt, buf, sizeof buf); dir = mf->dir; vma = ma; @@ -140,9 +141,9 @@ acceptmove() } } if (*buf) - (void) strcpy(movebuf, buf); + (void) strlcpy(movebuf, buf, sizeof movebuf); else - (void) strcpy(movebuf, "d"); + (void) strlcpy(movebuf, "d", sizeof movebuf); Writestr(W_MOVE, ms, movebuf); Msg("Helm: %s.", movebuf); } diff --git a/games/sail/pl_main.c b/games/sail/pl_main.c index 22ff6e9cf45..a369ca0da30 100644 --- a/games/sail/pl_main.c +++ b/games/sail/pl_main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pl_main.c,v 1.7 2001/02/17 20:15:00 pjanzen Exp $ */ +/* $OpenBSD: pl_main.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: pl_main.c,v 1.5 1995/04/24 12:25:25 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)pl_main.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: pl_main.c,v 1.7 2001/02/17 20:15:00 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: pl_main.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -203,7 +203,7 @@ reprint: (void) fflush(stdout); (void) fgets(captain, sizeof captain, stdin); if (!*captain || *captain == '\n') - (void) strcpy(captain, "no name"); + (void) strlcpy(captain, "no name", sizeof captain); else if (captain[strlen(captain) - 1] == '\n') captain[strlen(captain) - 1] = '\0'; } diff --git a/games/sail/sync.c b/games/sail/sync.c index e0832531838..458b57be061 100644 --- a/games/sail/sync.c +++ b/games/sail/sync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sync.c,v 1.3 2002/02/19 19:39:36 millert Exp $ */ +/* $OpenBSD: sync.c,v 1.4 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: sync.c,v 1.9 1998/08/30 09:19:40 veego Exp $ */ /* @@ -39,7 +39,7 @@ #if 0 static char sccsid[] = "@(#)sync.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: sync.c,v 1.3 2002/02/19 19:39:36 millert Exp $"; +static char rcsid[] = "$OpenBSD: sync.c,v 1.4 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -104,7 +104,7 @@ makesignal(struct ship *from, const char *fmt, struct ship *ship, ...) va_start(ap, ship); fmtship(format, sizeof(format), fmt, ship); - (void) vsprintf(message, format, ap); + (void) vsnprintf(message, sizeof message, format, ap); va_end(ap); Writestr(W_SIGNAL, from, message); } @@ -116,7 +116,7 @@ makemsg(struct ship *from, const char *fmt, ...) va_list ap; va_start(ap, fmt); - (void) vsprintf(message, fmt, ap); + (void) vsnprintf(message, sizeof message, fmt, ap); va_end(ap); Writestr(W_SIGNAL, from, message); } @@ -129,7 +129,7 @@ sync_exists(game) struct stat s; time_t t; - (void) sprintf(buf, SF, game); + (void) snprintf(buf, sizeof buf, SF, game); (void) time(&t); setegid(egid); if (stat(buf, &s) < 0) { @@ -138,7 +138,7 @@ sync_exists(game) } if (s.st_mtime < t - 60*60*2) { /* 2 hours */ (void) unlink(buf); - (void) sprintf(buf, LF, game); + (void) snprintf(buf, sizeof buf, LF, game); (void) unlink(buf); setegid(gid); return 0; @@ -154,8 +154,8 @@ sync_open() if (sync_fp != NULL) (void) fclose(sync_fp); - (void) sprintf(sync_lock, LF, game); - (void) sprintf(sync_file, SF, game); + (void) snprintf(sync_lock, sizeof sync_lock, LF, game); + (void) snprintf(sync_file, sizeof sync_file, SF, game); setegid(egid); if (stat(sync_file, &tmp) < 0) { mode_t omask = umask(002); @@ -189,8 +189,9 @@ Write(type, ship, a, b, c, d) struct ship *ship; long a, b, c, d; { - (void) sprintf(sync_bp, "%d %d 0 %ld %ld %ld %ld\n", - type, ship->file->index, a, b, c, d); + (void) snprintf(sync_bp, sync_buf + sizeof sync_buf - sync_bp, + "%d %d 0 %ld %ld %ld %ld\n", + type, ship->file->index, a, b, c, d); while (*sync_bp++) ; sync_bp--; @@ -205,8 +206,9 @@ Writestr(type, ship, a) struct ship *ship; const char *a; { - (void) sprintf(sync_bp, "%d %d 1 %s\n", - type, ship->file->index, a); + (void) snprintf(sync_bp, sync_buf + sizeof sync_buf - sync_bp, + "%d %d 1 %s\n", + type, ship->file->index, a); while (*sync_bp++) ; sync_bp--; diff --git a/games/tetris/scores.c b/games/tetris/scores.c index 2afcfe4b36c..affbe22e7c3 100644 --- a/games/tetris/scores.c +++ b/games/tetris/scores.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scores.c,v 1.7 2002/05/31 04:21:30 pjanzen Exp $ */ +/* $OpenBSD: scores.c,v 1.8 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: scores.c,v 1.2 1995/04/22 07:42:38 cgd Exp $ */ /*- @@ -193,7 +193,7 @@ savescore(level) break; } if (i >= nscores) { - strcpy(sp->hs_name, me); + strlcpy(sp->hs_name, me, sizeof sp->hs_name); sp->hs_level = level; sp->hs_score = score; sp->hs_time = now; diff --git a/games/tetris/tetris.c b/games/tetris/tetris.c index 59b89f2a355..88d33187b87 100644 --- a/games/tetris/tetris.c +++ b/games/tetris/tetris.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tetris.c,v 1.15 2002/12/06 21:48:51 millert Exp $ */ +/* $OpenBSD: tetris.c,v 1.16 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: tetris.c,v 1.2 1995/04/22 07:42:47 cgd Exp $ */ /*- @@ -210,7 +210,7 @@ main(argc, argv) } } - sprintf(key_msg, + snprintf(key_msg, sizeof key_msg, "%s - left %s - rotate %s - right %s - drop %s - pause %s - quit", key_write[0], key_write[1], key_write[2], key_write[3], key_write[4], key_write[5]); diff --git a/games/trek/getpar.c b/games/trek/getpar.c index 1ee21389923..38e5f3fa262 100644 --- a/games/trek/getpar.c +++ b/games/trek/getpar.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getpar.c,v 1.9 2002/05/31 04:21:30 pjanzen Exp $ */ +/* $OpenBSD: getpar.c,v 1.10 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: getpar.c,v 1.4 1995/04/24 12:25:57 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)getpar.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: getpar.c,v 1.9 2002/05/31 04:21:30 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: getpar.c,v 1.10 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -157,8 +157,8 @@ getcodpar(s, tab) c = 4; for (r = tab; r->abrev; r++) { - strcpy(input, r->abrev); - strcat(input, r->full); + strlcpy(input, r->abrev, sizeof input); + strlcat(input, r->full, sizeof input); printf("%14.14s", input); if (--c > 0) continue; @@ -215,7 +215,7 @@ getstrpar(s, r, l, t) if (t == 0) t = " \t\n;"; - (void)sprintf(format, "%%%d[^%s]", l, t); + (void)snprintf(format, sizeof format, "%%%d[^%s]", l, t); while (1) { if ((f = testnl()) && s) diff --git a/games/trek/shield.c b/games/trek/shield.c index b9e8d60d302..1bad07eb1e3 100644 --- a/games/trek/shield.c +++ b/games/trek/shield.c @@ -1,4 +1,4 @@ -/* $OpenBSD: shield.c,v 1.4 2002/05/31 04:21:30 pjanzen Exp $ */ +/* $OpenBSD: shield.c,v 1.5 2003/04/06 18:50:38 deraadt Exp $ */ /* $NetBSD: shield.c,v 1.4 1995/04/24 12:26:09 cgd Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)shield.c 8.1 (Berkeley) 5/31/93"; #else -static char rcsid[] = "$OpenBSD: shield.c,v 1.4 2002/05/31 04:21:30 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: shield.c,v 1.5 2003/04/06 18:50:38 deraadt Exp $"; #endif #endif /* not lint */ @@ -125,9 +125,11 @@ shield(f) else { if (*stat) - (void)sprintf(s, "%s %s up. Do you want %s down", device, dev2, dev3); + (void)snprintf(s, sizeof s, + "%s %s up. Do you want %s down", device, dev2, dev3); else - (void)sprintf(s, "%s %s down. Do you want %s up", device, dev2, dev3); + (void)snprintf(s, sizeof s, + "%s %s down. Do you want %s up", device, dev2, dev3); if (!getynpar(s)) return; i = !*stat; -- cgit v1.2.3