From 614d3b268363cdee32aba3cafe8e123fe69ac75d Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Fri, 24 May 2002 21:22:38 +0000 Subject: try to use strlcpy and snprintf more; ok various --- lib/libc/gen/auth_subr.c | 4 ++-- lib/libc/gen/authenticate.c | 8 ++++---- lib/libc/gen/basename.c | 8 ++++---- lib/libc/gen/dirname.c | 8 ++++---- lib/libc/gen/disklabel.c | 14 +++++++------- lib/libc/gen/getgrent.c | 18 ++++++++++-------- lib/libc/gen/getpwent.c | 4 ++-- lib/libc/gen/glob.c | 4 ++-- 8 files changed, 35 insertions(+), 33 deletions(-) (limited to 'lib/libc/gen') diff --git a/lib/libc/gen/auth_subr.c b/lib/libc/gen/auth_subr.c index 15b1f3a9591..c99233d62c9 100644 --- a/lib/libc/gen/auth_subr.c +++ b/lib/libc/gen/auth_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth_subr.c,v 1.9 2002/03/13 21:39:41 millert Exp $ */ +/* $OpenBSD: auth_subr.c,v 1.10 2002/05/24 21:22:37 deraadt Exp $ */ /*- * Copyright (c) 1995,1996,1997 Berkeley Software Design, Inc. @@ -981,7 +981,7 @@ _add_rmlist(auth_session_t *as, char *file) } rm->file = (char *)(rm + 1); rm->next = as->rmlist; - strcpy(rm->file, file); + strlcpy(rm->file, file, i); as->rmlist = rm; } diff --git a/lib/libc/gen/authenticate.c b/lib/libc/gen/authenticate.c index 9aaba58253e..a7903d3c0d0 100644 --- a/lib/libc/gen/authenticate.c +++ b/lib/libc/gen/authenticate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authenticate.c,v 1.9 2002/03/20 17:17:15 mpech Exp $ */ +/* $OpenBSD: authenticate.c,v 1.10 2002/05/24 21:22:37 deraadt Exp $ */ /*- * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. @@ -208,7 +208,7 @@ auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type) return (0); } if (pwd == NULL && (approve = strchr(name, '.')) != NULL) { - strcpy(path, name); + strlcpy(path, name, sizeof path); path[approve-name] = '\0'; pwd = getpwnam(name); } @@ -301,7 +301,7 @@ auth_usercheck(char *name, char *style, char *type, char *password) if (strlen(name) >= sizeof(namebuf)) return (NULL); - strcpy(namebuf, name); + strlcpy(namebuf, name, sizeof namebuf); name = namebuf; /* @@ -367,7 +367,7 @@ auth_userchallenge(char *name, char *style, char *type, char **challengep) if (strlen(name) >= sizeof(namebuf)) return (NULL); - strcpy(namebuf, name); + strlcpy(namebuf, name, sizeof namebuf); name = namebuf; /* diff --git a/lib/libc/gen/basename.c b/lib/libc/gen/basename.c index 7707cdb52bf..9aa31be2473 100644 --- a/lib/libc/gen/basename.c +++ b/lib/libc/gen/basename.c @@ -1,4 +1,4 @@ -/* $OpenBSD: basename.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $ */ +/* $OpenBSD: basename.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $ */ /* * Copyright (c) 1997 Todd C. Miller @@ -28,7 +28,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: basename.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: basename.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $"; #endif /* not lint */ #include @@ -45,7 +45,7 @@ basename(path) /* Empty or NULL string gets treated as "." */ if (path == NULL || *path == '\0') { - (void)strcpy(bname, "."); + (void)strlcpy(bname, ".", sizeof bname); return(bname); } @@ -56,7 +56,7 @@ basename(path) /* All slashes becomes "/" */ if (endp == path && *endp == '/') { - (void)strcpy(bname, "/"); + (void)strlcpy(bname, "/", sizeof bname); return(bname); } diff --git a/lib/libc/gen/dirname.c b/lib/libc/gen/dirname.c index 839c785348c..ade0f97410c 100644 --- a/lib/libc/gen/dirname.c +++ b/lib/libc/gen/dirname.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dirname.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $ */ +/* $OpenBSD: dirname.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $ */ /* * Copyright (c) 1997 Todd C. Miller @@ -28,7 +28,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: dirname.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: dirname.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $"; #endif /* not lint */ #include @@ -45,7 +45,7 @@ dirname(path) /* Empty or NULL string gets treated as "." */ if (path == NULL || *path == '\0') { - (void)strcpy(bname, "."); + (void)strlcpy(bname, ".", sizeof bname); return(bname); } @@ -60,7 +60,7 @@ dirname(path) /* Either the dir is "/" or there are no slashes */ if (endp == path) { - (void)strcpy(bname, *endp == '/' ? "/" : "."); + (void)strlcpy(bname, *endp == '/' ? "/" : ".", sizeof bname); return(bname); } else { do { diff --git a/lib/libc/gen/disklabel.c b/lib/libc/gen/disklabel.c index f6c8fce726c..b55e7e63c08 100644 --- a/lib/libc/gen/disklabel.c +++ b/lib/libc/gen/disklabel.c @@ -32,7 +32,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: disklabel.c,v 1.6 2002/02/16 21:27:22 millert Exp $"; +static char rcsid[] = "$OpenBSD: disklabel.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -114,11 +114,11 @@ getdiskbyname(name) getnumdflt(dp->d_trkseek, "ts", 0); getnumdflt(dp->d_bbsize, "bs", BBSIZE); getnumdflt(dp->d_sbsize, "sb", SBSIZE); - strcpy(psize, "px"); - strcpy(pbsize, "bx"); - strcpy(pfsize, "fx"); - strcpy(poffset, "ox"); - strcpy(ptype, "tx"); + strlcpy(psize, "px", sizeof psize); + strlcpy(pbsize, "bx", sizeof pbsize); + strlcpy(pfsize, "fx", sizeof pfsize); + strlcpy(poffset, "ox", sizeof poffset); + strlcpy(ptype, "tx", sizeof ptype); max = 'a' - 1; pp = &dp->d_partitions[0]; for (p = 'a'; p < 'a' + MAXPARTITIONS; p++, pp++) { @@ -146,7 +146,7 @@ getdiskbyname(name) } } dp->d_npartitions = max + 1 - 'a'; - (void)strcpy(psize, "dx"); + (void)strlcpy(psize, "dx", sizeof psize); dx = dp->d_drivedata; for (p = '0'; p < '0' + NDDATA; p++, dx++) { psize[1] = p; diff --git a/lib/libc/gen/getgrent.c b/lib/libc/gen/getgrent.c index 28c5024b5e8..e977e7a8d52 100644 --- a/lib/libc/gen/getgrent.c +++ b/lib/libc/gen/getgrent.c @@ -33,7 +33,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: getgrent.c,v 1.15 2002/02/16 21:27:22 millert Exp $"; +static char rcsid[] = "$OpenBSD: getgrent.c,v 1.16 2002/05/24 21:22:37 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -386,16 +386,18 @@ grscan(search, gid, name, p_gr, gs) continue; if (name) { r = yp_match(__ypdomain, - "group.byname", - name, strlen(name), - &data, &datalen); + "group.byname", + name, strlen(name), + &data, &datalen); } else { char buf[20]; - sprintf(buf, "%u", gid); + + snprintf(buf, sizeof buf, + "%u", gid); r = yp_match(__ypdomain, - "group.bygid", - buf, strlen(buf), - &data, &datalen); + "group.bygid", + buf, strlen(buf), + &data, &datalen); } if (r != 0) continue; diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c index 0ddc32e44b4..f82e8b5f689 100644 --- a/lib/libc/gen/getpwent.c +++ b/lib/libc/gen/getpwent.c @@ -33,7 +33,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: getpwent.c,v 1.24 2002/02/19 19:39:36 millert Exp $"; +static char rcsid[] = "$OpenBSD: getpwent.c,v 1.25 2002/05/24 21:22:37 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -767,7 +767,7 @@ getpwuid(uid_t uid) int s = -1; const char *host, *user, *dom; - sprintf(uidbuf, "%u", uid); + snprintf(uidbuf, sizeof uidbuf, "%u", uid); for (_pw_keynum=1; _pw_keynum; _pw_keynum++) { bf[0] = _PW_KEYBYNUM; bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); diff --git a/lib/libc/gen/glob.c b/lib/libc/gen/glob.c index aa918f41a8a..23ca3d55108 100644 --- a/lib/libc/gen/glob.c +++ b/lib/libc/gen/glob.c @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)glob.c 8.3 (Berkeley) 10/13/93"; #else -static char rcsid[] = "$OpenBSD: glob.c,v 1.18 2002/02/17 19:42:22 millert Exp $"; +static char rcsid[] = "$OpenBSD: glob.c,v 1.19 2002/05/24 21:22:37 deraadt Exp $"; #endif #endif /* LIBC_SCCS and not lint */ @@ -812,7 +812,7 @@ g_opendir(str, pglob) char buf[MAXPATHLEN]; if (!*str) - strcpy(buf, "."); + strlcpy(buf, ".", sizeof buf); else { if (g_Ctoc(str, buf, sizeof(buf))) return(NULL); -- cgit v1.2.3