From 01acd14e84aa80dc43b4a04c42224541bf77a5ec Mon Sep 17 00:00:00 2001 From: Peter Valchev Date: Sat, 2 Jun 2007 01:29:13 +0000 Subject: safer snprintf construct with more paranoid length calculation ok millert --- sbin/isakmpd/log.c | 4 ++-- sbin/isakmpd/message.c | 4 ++-- sbin/isakmpd/sa.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'sbin/isakmpd') diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c index 77376d47148..c52086f5dcf 100644 --- a/sbin/isakmpd/log.c +++ b/sbin/isakmpd/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.59 2006/09/19 10:48:41 otto Exp $ */ +/* $OpenBSD: log.c,v 1.60 2007/06/02 01:29:11 pvalchev Exp $ */ /* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */ /* @@ -259,7 +259,7 @@ log_debug_buf(int cls, int level, const char *header, const u_int8_t *buf, log_debug(cls, level, "%s:", header); for (i = j = 0; i < sz;) { snprintf(s + j, sizeof s - j, "%02x", buf[i++]); - j += 2; + j += strlen(s + j); if (i % 4 == 0) { if (i % 32 == 0) { s[j] = '\0'; diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c index 1ce3900cf49..e71015d3bd8 100644 --- a/sbin/isakmpd/message.c +++ b/sbin/isakmpd/message.c @@ -1,4 +1,4 @@ -/* $OpenBSD: message.c,v 1.125 2007/04/16 13:01:39 moritz Exp $ */ +/* $OpenBSD: message.c,v 1.126 2007/06/02 01:29:11 pvalchev Exp $ */ /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */ /* @@ -1931,7 +1931,7 @@ message_dump_raw(char *header, struct message *msg, int class) for (j = 0; j < msg->iov[i].iov_len; j++) { snprintf(p, sizeof buf - (int) (p - buf), "%02x", ((u_int8_t *) msg->iov[i].iov_base)[j]); - p += 2; + p += strlen(p); if (++k % 32 == 0) { *p = '\0'; LOG_DBG((class, 70, "%s: %s", header, buf)); diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index f8556a04a42..bf7c7b0f551 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.111 2007/04/16 13:01:39 moritz Exp $ */ +/* $OpenBSD: sa.c,v 1.112 2007/06/02 01:29:12 pvalchev Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -463,7 +463,7 @@ report_spi(FILE *fd, const u_int8_t *buf, size_t sz, int spi) for (i = j = 0; i < sz;) { snprintf(s + j, sizeof s - j, "%02x", buf[i++]); - j += 2; + j += strlen(s + j); if (i % 4 == 0) { if (i % 32 == 0) { s[j] = '\0'; -- cgit v1.2.3