diff --git a/appl/ftp/common/glob.c b/appl/ftp/common/glob.c index 8f19d7ca4..7dd69514e 100644 --- a/appl/ftp/common/glob.c +++ b/appl/ftp/common/glob.c @@ -748,7 +748,7 @@ g_opendir(Char *str, glob_t *pglob) char buf[MaxPathLen]; if (!*str) - strcpy(buf, "."); + strcpy_truncate(buf, ".", sizeof(buf)); else g_Ctoc(str, buf); diff --git a/appl/ftp/ftp/Makefile.in b/appl/ftp/ftp/Makefile.in index 15cc5cdd3..7944e3f1c 100644 --- a/appl/ftp/ftp/Makefile.in +++ b/appl/ftp/ftp/Makefile.in @@ -42,7 +42,7 @@ ftp_SOURCES = \ domacro.c \ ftp.c \ globals.c \ - kauth.c + kauth.c \ krb4.c \ main.c \ ruserpass.c \ @@ -54,7 +54,7 @@ ftp_OBJS = \ domacro.o \ ftp.o \ globals.o \ - kauth.o + kauth.o \ krb4.o \ main.o \ ruserpass.o \ diff --git a/appl/ftp/ftp/cmds.c b/appl/ftp/ftp/cmds.c index 85ede7c2d..cbb9e66de 100644 --- a/appl/ftp/ftp/cmds.c +++ b/appl/ftp/ftp/cmds.c @@ -119,12 +119,17 @@ setpeer(int argc, char **argv) /* * Set up defaults for FTP. */ - strcpy(typename, "ascii"), type = TYPE_A; + strcpy_truncate(typename, "ascii", sizeof(typename)); + type = TYPE_A; curtype = TYPE_A; - strcpy(formname, "non-print"), form = FORM_N; - strcpy(modename, "stream"), mode = MODE_S; - strcpy(structname, "file"), stru = STRU_F; - strcpy(bytename, "8"), bytesize = 8; + strcpy_truncate(formname, "non-print", sizeof(formname)); + form = FORM_N; + strcpy_truncate(modename, "stream", sizeof(modename)); + mode = MODE_S; + strcpy_truncate(structname, "file", sizeof(structname)); + stru = STRU_F; + strcpy_truncate(bytename, "8", sizeof(bytename)); + bytesize = 8; if (autologin) login(argv[1]); @@ -165,7 +170,7 @@ setpeer(int argc, char **argv) * for text files unless changed by the user. */ type = 0; - strcpy(typename, "binary"); + strcpy_truncate(typename, "binary", sizeof(typename)); if (overbose) printf("Using %s mode to transfer files.\n", typename); @@ -238,7 +243,7 @@ settype(int argc, char **argv) else comret = command("TYPE %s", p->t_mode); if (comret == COMPLETE) { - strcpy(typename, p->t_name); + strcpy_truncate(typename, p->t_name, sizeof(typename)); curtype = type = p->t_type; } } @@ -754,7 +759,7 @@ remglob(char **argv, int doswitch) } if (ftemp == NULL) { int fd; - strcpy(temp, _PATH_TMP_XXX); + strcpy_truncate(temp, _PATH_TMP_XXX, sizeof(temp)); fd = mkstemp(temp); if(fd < 0){ warn("unable to create temporary file %s", temp); @@ -1210,8 +1215,8 @@ shell(int argc, char **argv) namep = strrchr(shell,'/'); if (namep == NULL) namep = shell; - strcpy(shellnam,"-"); - strcat(shellnam, ++namep); + snprintf (shellnam, sizeof(shellnam), + "-%s", ++namep); if (strcmp(namep, "sh") != 0) shellnam[0] = '+'; if (debug) { @@ -1386,17 +1391,14 @@ site(int argc, char **argv) void quote1(char *initial, int argc, char **argv) { - int i, len; + int i; char buf[BUFSIZ]; /* must be >= sizeof(line) */ - strcpy(buf, initial); - if (argc > 1) { - len = strlen(buf); - len += strlen(strcpy(&buf[len], argv[1])); - for (i = 2; i < argc; i++) { - buf[len++] = ' '; - len += strlen(strcpy(&buf[len], argv[i])); - } + strcpy_truncate(buf, initial, sizeof(buf)); + for(i = 1; i < argc; i++) { + if(i > 1) + strcat_truncate(buf, " ", sizeof(buf)); + strcat_truncate(buf, argv[i], sizeof(buf)); } if (command(buf) == PRELIM) { while (getreply(0) == PRELIM) @@ -1548,12 +1550,11 @@ account(int argc, char **argv) if (argc > 1) { ++argv; --argc; - strncpy(acct,*argv,49); - acct[49] = '\0'; + strcpy_truncate (acct, *argv, sizeof(acct)); while (argc > 1) { --argc; ++argv; - strncat(acct,*argv, 49-strlen(acct)); + strcat_truncate(acct, *argv, sizeof(acct)); } } else { @@ -1665,14 +1666,12 @@ setntrans(int argc, char **argv) } ntflag++; code = ntflag; - strncpy(ntin, argv[1], 16); - ntin[16] = '\0'; + strcpy_truncate (ntin, argv[1], 17); if (argc == 2) { ntout[0] = '\0'; return; } - strncpy(ntout, argv[2], 16); - ntout[16] = '\0'; + strcpy_truncate (ntout, argv[2], 17); } char * @@ -1729,10 +1728,10 @@ setnmap(int argc, char **argv) cp = strchr(altarg, ' '); } *cp = '\0'; - strncpy(mapin, altarg, MaxPathLen - 1); + strcpy_truncate(mapin, altarg, MaxPathLen); while (*++cp == ' ') continue; - strncpy(mapout, cp, MaxPathLen - 1); + strcpy_truncate(mapout, cp, MaxPathLen); } char * @@ -1984,7 +1983,9 @@ macdef(int argc, char **argv) if (interactive) { printf("Enter macro line by line, terminating it with a null line\n"); } - strncpy(macros[macnum].mac_name, argv[1], 8); + strcpy_truncate(macros[macnum].mac_name, + argv[1], + sizeof(macros[macnum].mac_name)); if (macnum == 0) { macros[macnum].mac_start = macbuf; } diff --git a/appl/ftp/ftp/domacro.c b/appl/ftp/ftp/domacro.c index 3d26d5d31..47af7f696 100644 --- a/appl/ftp/ftp/domacro.c +++ b/appl/ftp/ftp/domacro.c @@ -56,7 +56,7 @@ domacro(int argc, char **argv) code = -1; return; } - strcpy(line2, line); + strcpy_truncate(line2, line, sizeof(line2)); TOP: cp1 = macros[i].mac_start; while (cp1 != macros[i].mac_end) { diff --git a/appl/ftp/ftp/ftp.c b/appl/ftp/ftp/ftp.c index c5f1c15de..28926f87c 100644 --- a/appl/ftp/ftp/ftp.c +++ b/appl/ftp/ftp/ftp.c @@ -53,13 +53,13 @@ char * hookup(char *host, int port) { struct hostent *hp = 0; - int s, len, tos; - static char hostnamebuf[80]; + int s, len; + static char hostnamebuf[MaxHostNameLen]; memset(&hisctladdr, 0, sizeof (hisctladdr)); if(inet_aton(host, &hisctladdr.sin_addr)){ hisctladdr.sin_family = AF_INET; - strncpy(hostnamebuf, host, sizeof(hostnamebuf)); + strcpy_truncate (hostnamebuf, host, sizeof (hostnamebuf)); } else { hp = gethostbyname(host); if (hp == NULL) { @@ -71,8 +71,7 @@ hookup(char *host, int port) memmove(&hisctladdr.sin_addr, hp->h_addr_list[0], sizeof(hisctladdr.sin_addr)); - strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf)); - hostnamebuf[sizeof(hostnamebuf) - 1] = '\0'; + strcpy_truncate (hostnamebuf, hp->h_name, sizeof (hostnamebuf)); } hostname = hostnamebuf; s = socket(hisctladdr.sin_family, SOCK_STREAM, 0); @@ -116,9 +115,12 @@ hookup(char *host, int port) goto bad; } #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_LOWDELAY; + { + int tos = IPTOS_LOWDELAY; + if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0) warn("setsockopt TOS (ignored)"); + } #endif cin = fdopen(s, "r"); cout = fdopen(s, "w"); @@ -168,6 +170,7 @@ login(char *host) char *myname = NULL; struct passwd *pw = k_getpwuid(getuid()); + if (pw != NULL) myname = pw->pw_name; @@ -195,7 +198,7 @@ login(char *host) else user = tmp; } - strcpy(username, user); + strcpy_truncate(username, user, sizeof(username)); n = command("USER %s", user); if (n == CONTINUE) { if(sec_complete) @@ -204,10 +207,12 @@ login(char *host) char prompt[128]; if(myname && (!strcmp(user, "ftp") || !strcmp(user, "anonymous"))){ - snprintf(defaultpass, sizeof(defaultpass), "%s@%s", myname, mydomain); - snprintf(prompt, sizeof(prompt), "Password (%s): ", defaultpass); + snprintf(defaultpass, sizeof(defaultpass), + "%s@%s", myname, mydomain); + snprintf(prompt, sizeof(prompt), + "Password (%s): ", defaultpass); }else{ - strcpy(defaultpass, ""); + *defaultpass = '\0'; snprintf(prompt, sizeof(prompt), "Password: "); } pass = defaultpass; @@ -233,7 +238,7 @@ login(char *host) return (1); for (n = 0; n < macnum; ++n) { if (!strcmp("init", macros[n].mac_name)) { - strcpy(line, "$init"); + strcpy_truncate (line, "$init", sizeof (line)); makeargv(); domacro(margc, margv); break; @@ -337,7 +342,7 @@ getreply(int expecteof) fprintf(cout, "%c%c%c", IAC, WONT, getc(cin)); continue; case '\n': - *p++ = 0; + *p++ = '\0'; if(isdigit(buf[0])){ sscanf(buf, "%d", &code); if(code == 631){ @@ -373,13 +378,14 @@ getreply(int expecteof) #endif if(code == 227){ char *p, *q; + pasv[0] = 0; p = strchr(reply_string, '('); if(p){ p++; q = strchr(p, ')'); if(q){ - strncpy(pasv, p, q - p); + memcpy (pasv, p, q - p); pasv[q - p] = 0; } } @@ -503,7 +509,6 @@ getreply(int expecteof) sec_read_msg(reply_string, prot_confidential); n = code / 100 + '0'; } - if (n != '1') cpend = 0; signal(SIGINT,oldintr); @@ -514,6 +519,7 @@ getreply(int expecteof) return (n - '0'); } } + #endif int @@ -608,6 +614,7 @@ sendrequest(char *cmd, char *local, char *remote, int printnames) int c, d; FILE *fin, *dout = 0; int (*closefunc) (FILE *); + RETSIGTYPE (*oldintr)(), (*oldintp)(); long bytes = 0, hashbytes = HASHBYTES; char *lmode; @@ -726,8 +733,7 @@ sendrequest(char *cmd, char *local, char *remote, int printnames) (*closefunc)(fin); return; } - } else - if (command("%s", cmd) != PRELIM) { + } else if (command ("%s", cmd) != PRELIM) { signal(SIGINT, oldintr); if (oldintp) signal(SIGPIPE, oldintp); @@ -906,8 +912,7 @@ recvrequest(char *cmd, char *local, char *remote, code = -1; return; } - } - else if (runique && (local = gunique(local)) == NULL) { + } else if (runique && (local = gunique (local)) == NULL) { signal(SIGINT, oldintr); code = -1; return; @@ -1031,7 +1036,6 @@ recvrequest(char *cmd, char *local, char *remote, return; } } - while ((c = sec_getc(din)) != EOF) { if (c == '\n') bare_lfs++; @@ -1102,7 +1106,6 @@ abort: signal(SIGINT, oldintr); return; } - abort_remote(din); code = -1; if (data >= 0) { @@ -1148,11 +1151,10 @@ initconn(void) } /* - * What we've got at this point is a string of comma - * separated one-byte unsigned integer values. - * The first four are the an IP address. The fifth is - * the MSB of the port number, the sixth is the LSB. - * From that we'll prepare a sockaddr_in. + * What we've got at this point is a string of comma separated + * one-byte unsigned integer values. The first four are the an IP + * address. The fifth is the MSB of the port number, the sixth is the + * LSB. From that we'll prepare a sockaddr_in. */ if (sscanf(pasv,"%d,%d,%d,%d,%d,%d", @@ -1170,7 +1172,6 @@ initconn(void) printf("Can't parse passive mode string.\n"); goto bad; } - memset(&data_addr, 0, sizeof(data_addr)); data_addr.sin_family = AF_INET; data_addr.sin_addr.s_addr = htonl((a0 << 24) | (a1 << 16) | @@ -1190,7 +1191,6 @@ initconn(void) #endif return(0); } - noport: data_addr = myctladdr; if (sendport) @@ -1230,6 +1230,7 @@ noport: if (sendport) { unsigned int a = ntohl(data_addr.sin_addr.s_addr); unsigned int p = ntohs(data_addr.sin_port); + result = command("PORT %d,%d,%d,%d,%d,%d", (a >> 24) & 0xff, (a >> 16) & 0xff, @@ -1372,8 +1373,7 @@ pswitch(int flag) ip->connect = connected; connected = op->connect; if (hostname) { - strncpy(ip->name, hostname, sizeof(ip->name) - 1); - ip->name[strlen(ip->name)] = '\0'; + strcpy_truncate (ip->name, hostname, sizeof (ip->name)); } else ip->name[0] = 0; hostname = op->name; @@ -1399,20 +1399,16 @@ pswitch(int flag) mcase = op->mcse; ip->ntflg = ntflag; ntflag = op->ntflg; - strncpy(ip->nti, ntin, 16); - (ip->nti)[strlen(ip->nti)] = '\0'; - strcpy(ntin, op->nti); - strncpy(ip->nto, ntout, 16); - (ip->nto)[strlen(ip->nto)] = '\0'; - strcpy(ntout, op->nto); + strcpy_truncate (ip->nti, ntin, sizeof (ip->nti)); + strcpy_truncate (ntin, op->nti, 17); + strcpy_truncate (ip->nto, ntout, sizeof (ip->nto)); + strcpy_truncate (ntout, op->nto, 17); ip->mapflg = mapflag; mapflag = op->mapflg; - strncpy(ip->mi, mapin, MaxPathLen - 1); - (ip->mi)[strlen(ip->mi)] = '\0'; - strcpy(mapin, op->mi); - strncpy(ip->mo, mapout, MaxPathLen - 1); - (ip->mo)[strlen(ip->mo)] = '\0'; - strcpy(mapout, op->mo); + strcpy_truncate (ip->mi, mapin, MaxPathLen); + strcpy_truncate (mapin, op->mi, MaxPathLen); + strcpy_truncate (ip->mo, mapout, MaxPathLen); + strcpy_truncate (mapout, op->mo, MaxPathLen); signal(SIGINT, oldintr); if (abrtflag) { abrtflag = 0; @@ -1563,8 +1559,7 @@ reset(int argc, char **argv) warn("reset"); code = -1; lostpeer(0); - } - else if (nfnd) { + } else if (nfnd) { getreply(0); } } @@ -1587,7 +1582,7 @@ gunique(char *local) warn("local: %s", local); return NULL; } - strcpy(new, local); + strcpy_truncate (new, local, sizeof(new)); cp = new + strlen(new); *cp++ = '.'; while (!d) { diff --git a/appl/ftp/ftp/krb4.c b/appl/ftp/ftp/krb4.c index 3e00d3af5..c84810353 100644 --- a/appl/ftp/ftp/krb4.c +++ b/appl/ftp/ftp/krb4.c @@ -146,14 +146,14 @@ krb4_adat(void *app_data, void *buf, size_t len) memcpy(d->key, auth_dat.session, sizeof(d->key)); des_set_key(&d->key, d->schedule); - strcpy(d->name, auth_dat.pname); - strcpy(d->instance, auth_dat.pinst); - strcpy(d->realm, auth_dat.prealm); + strcpy_truncate(d->name, auth_dat.pname, sizeof(d->name)); + strcpy_truncate(d->instance, auth_dat.pinst, sizeof(d->instance)); + strcpy_truncate(d->realm, auth_dat.prealm, sizeof(d->instance)); cs = auth_dat.checksum + 1; { unsigned char tmp[4]; - krb_put_int(cs, tmp, 4); + krb_put_int(cs, tmp, 4, sizeof(tmp)); len = krb_mk_safe(tmp, msg, 4, &d->key, &LOCAL_ADDR, &REMOTE_ADDR); } if(len < 0){ @@ -203,15 +203,15 @@ mk_auth(struct krb4_data *d, KTEXT adat, int ret; CREDENTIALS cred; char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - strcpy(sname, service); - strcpy(inst, krb_get_phost(host)); - strcpy(realm, krb_realmofhost(host)); + strcpy_truncate(sname, service, sizeof(sname)); + strcpy_truncate(inst, krb_get_phost(host), sizeof(inst)); + strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm)); ret = krb_mk_req(adat, sname, inst, realm, checksum); if(ret) return ret; - strcpy(sname, service); - strcpy(inst, krb_get_phost(host)); - strcpy(realm, krb_realmofhost(host)); + strcpy_truncate(sname, service, sizeof(sname)); + strcpy_truncate(inst, krb_get_phost(host), sizeof(inst)); + strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm)); ret = krb_get_cred(sname, inst, realm, &cred); memmove(&d->key, &cred.session, sizeof(des_cblock)); des_key_sched(&d->key, d->schedule); diff --git a/appl/ftp/ftp/main.c b/appl/ftp/ftp/main.c index 2b8b9af4f..fdf3d1a62 100644 --- a/appl/ftp/ftp/main.c +++ b/appl/ftp/ftp/main.c @@ -104,8 +104,8 @@ main(int argc, char **argv) */ pw = k_getpwuid(getuid()); if (pw != NULL) { + strcpy_truncate(homedir, pw->pw_dir, sizeof(homedir)); home = homedir; - strcpy(home, pw->pw_dir); } if (argc > 0) { char *xargv[5]; @@ -243,8 +243,7 @@ cmdscanner(int top) p = readline("ftp> "); if(p == NULL) quit(0, 0); - strncpy(line, p, sizeof(line)); - line[sizeof(line) - 1] = 0; + strcpy_truncate(line, p, sizeof(line)); add_history(p); free(p); } else{ diff --git a/appl/ftp/ftp/ruserpass.c b/appl/ftp/ftp/ruserpass.c index eea5b0320..0a375de56 100644 --- a/appl/ftp/ftp/ruserpass.c +++ b/appl/ftp/ftp/ruserpass.c @@ -71,7 +71,7 @@ ruserpass(char *host, char **aname, char **apass, char **aacct) struct stat stb; if(gethostname(myhostname, MaxHostNameLen) < 0) - strcpy(myhostname, ""); + strcpy_truncate(myhostname, "", MaxHostNameLen); if((mydomain = strchr(myhostname, '.')) == NULL) mydomain = myhostname; else diff --git a/appl/ftp/ftpd/Makefile.in b/appl/ftp/ftpd/Makefile.in index fc8a16e08..dc87bbc03 100644 --- a/appl/ftp/ftpd/Makefile.in +++ b/appl/ftp/ftpd/Makefile.in @@ -23,6 +23,8 @@ MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ +LN_S = @LN_S@ + prefix = @prefix@ exec_prefix = @exec_prefix@ libdir = @libdir@ @@ -64,7 +66,7 @@ gssapi.c: $(LN_S) $(srcdir)/../ftp/gssapi.c . .c.o: - $(CC) -c -DFTP_SERVER -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $(CFLAGS) $(CPPFLAGS) $< + $(CC) -c -DFTP_SERVER -I. -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $(CFLAGS) $(CPPFLAGS) $< install: all $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) diff --git a/appl/ftp/ftpd/ftpcmd.y b/appl/ftp/ftpd/ftpcmd.y index a008a87d2..f1e97e4a0 100644 --- a/appl/ftp/ftpd/ftpcmd.y +++ b/appl/ftp/ftpd/ftpcmd.y @@ -326,11 +326,11 @@ cmd { if(oobflag){ if (file_size != (off_t) -1) - reply(213, "Status: %ld of %ld bytes transferred", + reply(213, "Status: %lu of %lu bytes transferred", (unsigned long)byte_count, (unsigned long)file_size); else - reply(213, "Status: %ld bytes transferred", + reply(213, "Status: %lu bytes transferred", (unsigned long)byte_count); }else statcmd(); @@ -999,7 +999,7 @@ getline(char *s, int n) cs = s; /* tmpline may contain saved command from urgent mode interruption */ if(ftp_command){ - strncpy(s, ftp_command, n); + strcpy_truncate(s, ftp_command, n); if (debug) syslog(LOG_DEBUG, "command: %s", s); #ifdef XXX @@ -1338,16 +1338,21 @@ help(struct tab *ctab, char *s) columns = 1; lines = (NCMDS + columns - 1) / columns; for (i = 0; i < lines; i++) { - strcpy (buf, " "); + strcpy_truncate (buf, " ", sizeof(buf)); for (j = 0; j < columns; j++) { c = ctab + j * lines + i; - snprintf (buf + strlen(buf), sizeof(buf) - strlen(buf), - "%s%c", c->name, c->implemented ? ' ' : '*'); + snprintf (buf + strlen(buf), + sizeof(buf) - strlen(buf), + "%s%c", + c->name, + c->implemented ? ' ' : '*'); if (c + lines >= &ctab[NCMDS]) break; w = strlen(c->name) + 1; while (w < width) { - strcat(buf, " "); + strcat_truncate (buf, + " ", + sizeof(buf)); w++; } } @@ -1405,7 +1410,7 @@ sizecmd(char *filename) } fclose(fin); - reply(213, "%ld", (unsigned long)count); + reply(213, "%lu", (unsigned long)count); break; } default: reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]); diff --git a/appl/ftp/ftpd/ftpd.c b/appl/ftp/ftpd/ftpd.c index bcef44068..5caea8b17 100644 --- a/appl/ftp/ftpd/ftpd.c +++ b/appl/ftp/ftpd/ftpd.c @@ -135,12 +135,12 @@ static void usage(void); static char * curdir(void) { - static char path[MaxPathLen+1+1]; /* path + '/' + '\0' */ + static char path[MaxPathLen+1]; /* path + '/' + '\0' */ - if (getcwd(path, sizeof(path)-2) == NULL) + if (getcwd(path, sizeof(path)-1) == NULL) return (""); if (path[1] != '\0') /* special case for root dir. */ - strcat(path, "/"); + strcat_truncate(path, "/", sizeof(path)); /* For guest account, skip / since it's chrooted */ return (guest ? path+1 : path); } @@ -530,7 +530,7 @@ user(char *name) } } if (logging) - strncpy(curname, name, sizeof(curname)-1); + strcpy_truncate(curname, name, sizeof(curname)); if(sec_complete) { if(sec_userok(name) == 0) do_login(232, name); @@ -1092,14 +1092,14 @@ dataconn(char *name, off_t size, char *mode) { char sizebuf[32]; FILE *file; - int retry = 0, tos; + int retry = 0; file_size = size; byte_count = 0; if (size >= 0) snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size); else - strcpy(sizebuf, ""); + *sizebuf = '\0'; if (pdata >= 0) { struct sockaddr_in from; int s, fromlen = sizeof(from); @@ -1114,9 +1114,12 @@ dataconn(char *name, off_t size, char *mode) close(pdata); pdata = s; #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_THROUGHPUT; - setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(int)); + { + int tos = IPTOS_THROUGHPUT; + + setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, + sizeof(tos)); + } #endif reply(150, "Opening %s mode data connection for '%s'%s.", type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); @@ -1608,7 +1611,7 @@ removedir(char *name) void pwd(void) { - char path[MaxPathLen + 1]; + char path[MaxPathLen]; char *ret; /* SunOS has a broken getcwd that does popen(pwd) (!!!), this diff --git a/appl/ftp/ftpd/kauth.c b/appl/ftp/ftpd/kauth.c index 49a02b58b..908e69390 100644 --- a/appl/ftp/ftpd/kauth.c +++ b/appl/ftp/ftpd/kauth.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -66,7 +66,7 @@ store_ticket(KTEXT cip) unsigned char kvno; KTEXT_ST tkt; int left = cip->length; - + int len; int kerror; ptr = (char *) cip->dat; @@ -76,29 +76,32 @@ store_ticket(KTEXT cip) ptr += 8; left -= 8; - if (strnlen(ptr, left) == left) + len = strnlen(ptr, left); + if (len == left) return(INTK_BADPW); /* extract server's name */ - strcpy(sp.name, ptr); - ptr += strlen(sp.name) + 1; - left -= strlen(sp.name) + 1; + strcpy_truncate(sp.name, ptr, sizeof(sp.name)); + ptr += len + 1; + left -= len + 1; - if (strnlen(ptr, left) == left) + len = strnlen(ptr, left); + if (len == left) return(INTK_BADPW); /* extract server's instance */ - strcpy(sp.instance, ptr); - ptr += strlen(sp.instance) + 1; - left -= strlen(sp.instance) + 1; + strcpy_truncate(sp.instance, ptr, sizeof(sp.instance)); + ptr += len + 1; + left -= len + 1; - if (strnlen(ptr, left) == left) + len = strnlen(ptr, left); + if (len == left) return(INTK_BADPW); /* extract server's realm */ - strcpy(sp.realm,ptr); - ptr += strlen(sp.realm) + 1; - left -= strlen(sp.realm) + 1; + strcpy_truncate(sp.realm, ptr, sizeof(sp.realm)); + ptr += len + 1; + left -= len + 1; if(left < 3) return INTK_BADPW; @@ -297,12 +300,12 @@ klist(void) " Issued", " Expires", " Principal (kvno)"); header = 0; } - strcpy(buf1, short_date(c.issue_date)); + strcpy_truncate(buf1, short_date(c.issue_date), sizeof(buf1)); c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); if (time(0) < (unsigned long) c.issue_date) - strcpy(buf2, short_date(c.issue_date)); + strcpy_truncate(buf2, short_date(c.issue_date), sizeof(buf2)); else - strcpy(buf2, ">>> Expired <<< "); + strcpy_truncate(buf2, ">>> Expired <<< ", sizeof(buf2)); lreply(200, "%s %s %s (%d)", buf1, buf2, krb_unparse_name_long(c.service, c.instance, c.realm), c.kvno); } diff --git a/appl/ftp/ftpd/popen.c b/appl/ftp/ftpd/popen.c index 62b005ec3..ce4df55ad 100644 --- a/appl/ftp/ftpd/popen.c +++ b/appl/ftp/ftpd/popen.c @@ -89,10 +89,10 @@ ftp_rooted(const char *path) if(!home[0]) if((pwd = k_getpwnam("ftp"))) - strcpy(home, pwd->pw_dir); + strcpy_truncate(home, pwd->pw_dir, sizeof(home)); snprintf(newpath, sizeof(newpath), "%s/%s", home, path); if(access(newpath, X_OK)) - strcpy(newpath, path); + strcpy_truncate(newpath, path, sizeof(newpath)); return newpath; } diff --git a/appl/kx/common.c b/appl/kx/common.c index fdafba49a..29c818153 100644 --- a/appl/kx/common.c +++ b/appl/kx/common.c @@ -325,8 +325,7 @@ create_and_write_cookie (char *xauthfile, auth.data = (char*)cookie; des_rand_data (cookie, sz); - strncpy(xauthfile, "/tmp/AXXXXXX", size); - xauthfile[size-1] = 0; + strcpy_truncate(xauthfile, "/tmp/AXXXXXX", size); fd = mkstemp(xauthfile); if(fd < 0) { syslog(LOG_ERR, "create_and_write_cookie: mkstemp: %m"); diff --git a/appl/kx/kx.c b/appl/kx/kx.c index 1364a7a47..a60152c2e 100644 --- a/appl/kx/kx.c +++ b/appl/kx/kx.c @@ -236,8 +236,8 @@ doit_passive (char *host, char *user, int debugp, int keepalivep, p = msg; *p++ = INIT; len = strlen(user); - p += krb_put_int (len, p, 4); - strncpy(p, user, len); + p += krb_put_int (len, p, sizeof(msg) - 1, 4); + memcpy(p, user, len); p += len; *p++ = PASSIVE | (keepalivep ? KEEP_ALIVE : 0); if (write_encrypted (otherside, msg, p - msg, schedule, @@ -260,12 +260,12 @@ doit_passive (char *host, char *user, int debugp, int keepalivep, } else p++; p += krb_get_int (p, &tmp, 4, 0); - strncpy(display, p, tmp); + memcpy(display, p, tmp); display[tmp] = '\0'; p += tmp; p += krb_get_int (p, &tmp, 4, 0); - strncpy(xauthfile, p, tmp); + memcpy(xauthfile, p, tmp); xauthfile[tmp] = '\0'; p += tmp; @@ -358,6 +358,8 @@ doit_active (char *host, char *user, int tmp2; char *s; int i; + size_t rem; + u_int32_t other_port; otherside = connect_host (host, user, &key, schedule, port, &me, &him); @@ -372,28 +374,46 @@ doit_active (char *host, char *user, } #endif p = msg; + rem = sizeof(msg); *p++ = INIT; + --rem; len = strlen(user); - p += krb_put_int (len, p, 4); - strncpy(p, user, len); + tmp = krb_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; + p += tmp; + rem -= tmp; + memcpy(p, user, len); p += len; + rem -= len; *p++ = (keepalivep ? KEEP_ALIVE : 0); + --rem; s = getenv("DISPLAY"); if (s == NULL || (s = strchr(s, ':')) == NULL) s = ":0"; len = strlen (s); - p += krb_put_int (len, p, 4); - strncpy (p, s, len); + tmp = krb_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; + rem -= tmp; + p += tmp; + memcpy (p, s, len); p += len; + rem -= len; s = getenv("XAUTHORITY"); if (s == NULL) s = ""; len = strlen (s); - p += krb_put_int (len, p, 4); - strncpy (p, s, len); + tmp = krb_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; p += len; + rem -= len; + memcpy (p, s, len); + p += len; + rem -= len; if (write_encrypted (otherside, msg, p - msg, schedule, &key, &me, &him) < 0) @@ -405,9 +425,11 @@ doit_active (char *host, char *user, err (1, "read from %s", host); p = (u_char *)ret; if (*p == ERROR) { + u_int32_t u32; + p++; - p += krb_get_int (p, &tmp, 4, 0); - errx (1, "%s: %.*s", host, (int)tmp, p); + p += krb_get_int (p, &u32, 4, 0); + errx (1, "%s: %.*s", host, (int)u32, p); } else if (*p != ACK) { errx (1, "%s: strange msg %d", host, *p); } else @@ -458,14 +480,16 @@ doit_active (char *host, char *user, err (1, "read from %s", host); p = (u_char *)ret; if (*p == ERROR) { + u_int32_t val; + p++; - p += krb_get_int (p, &tmp, 4, 0); - errx (1, "%s: %.*s", host, (int)tmp, p); + p += krb_get_int (p, &val, 4, 0); + errx (1, "%s: %.*s", host, (int)val, p); } else if (*p != NEW_CONN) { errx (1, "%s: strange msg %d", host, *p); } else { p++; - p += krb_get_int (p, &tmp, 4, 0); + p += krb_get_int (p, &other_port, 4, 0); } ++nchild; @@ -483,7 +507,7 @@ doit_active (char *host, char *user, addr = him; close (otherside); - addr.sin_port = htons(tmp); + addr.sin_port = htons(other_port); s = socket (AF_INET, SOCK_STREAM, 0); if (s < 0) err(1, "socket"); diff --git a/appl/kx/kxd.c b/appl/kx/kxd.c index 9ff50a396..472c5b61a 100644 --- a/appl/kx/kxd.c +++ b/appl/kx/kxd.c @@ -83,7 +83,7 @@ fatal (int fd, des_cblock *key, des_key_schedule schedule, vsnprintf (p + 4, sizeof(msg) - 5, format, args); syslog (LOG_ERR, p + 4); len = strlen (p + 4); - p += krb_put_int (len, p, 4); + p += krb_put_int (len, p, 4, 4); p += len; write_encrypted (fd, msg, p - msg, schedule, key, thisaddr, thataddr); va_end(args); @@ -113,8 +113,8 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule, int status; KTEXT_ST ticket; AUTH_DAT auth; - char user[ANAME_SZ + 1]; - char instance[INST_SZ + 1]; + char user[ANAME_SZ]; + char instance[INST_SZ]; int addrlen; char version[KRB_SENDAUTH_VLEN + 1]; struct passwd *passwd; @@ -177,7 +177,7 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule, p++; p += krb_get_int (p, &tmp, 4, 0); len = min(sizeof(user), tmp); - strncpy (user, p, len); + memcpy (user, p, len); p += tmp; user[len] = '\0'; @@ -208,12 +208,13 @@ recv_conn (int sock, des_cblock *key, des_key_schedule schedule, if (!(flags & PASSIVE)) { p += krb_get_int (p, &tmp, 4, 0); len = min(tmp, display_size); - strncpy (display, p, len); + memcpy (display, p, len); display[len] = '\0'; p += tmp; p += krb_get_int (p, &tmp, 4, 0); len = min(tmp, xauthfile_size); - strncpy (xauthfile, p, len); + memcpy (xauthfile, p, len); + xauthfile[len] = '\0'; p += tmp; } #if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) @@ -301,7 +302,7 @@ doit_conn (int fd, int meta_sock, int flags, } p = msg; *p++ = NEW_CONN; - p += krb_put_int (ntohs(addr.sin_port), p, 4); + p += krb_put_int (ntohs(addr.sin_port), p, 4, 4); if (write_encrypted (meta_sock, msg, p - msg, schedule, key, thisaddr, thataddr) < 0) { @@ -362,6 +363,7 @@ doit(int sock, int tcpp) if (flags & PASSIVE) { int tmp; int len; + size_t rem; tmp = get_xsockets (&nsockets, &sockets, tcpp); if (tmp < 0) { @@ -385,15 +387,37 @@ doit(int sock, int tcpp) } p = msg; + rem = sizeof(msg); *p++ = ACK; + --rem; + len = strlen (display); - p += krb_put_int (len, p, 4); - strncpy (p, display, len); + tmp = krb_put_int (len, p, rem, 4); + if (tmp < 0 || rem < len + 4) { + syslog (LOG_ERR, "doit: buffer too small"); + cleanup(nsockets, sockets); + return 1; + } + p += tmp; + rem -= tmp; + + memcpy (p, display, len); p += len; + rem -= len; + len = strlen (xauthfile); - p += krb_put_int (len, p, 4); - strncpy (p, xauthfile, len); + tmp = krb_put_int (len, p, rem, 4); + if (tmp < 0 || rem < len + 4) { + syslog (LOG_ERR, "doit: buffer too small"); + cleanup(nsockets, sockets); + return 1; + } + p += tmp; + rem -= tmp; + + memcpy (p, xauthfile, len); p += len; + rem -= len; if(write_encrypted (sock, msg, p - msg, schedule, &key, &me, &him) < 0) { diff --git a/appl/kx/rxterm.in b/appl/kx/rxterm.in index 8d4e9e2d8..4cc77676d 100644 --- a/appl/kx/rxterm.in +++ b/appl/kx/rxterm.in @@ -34,4 +34,4 @@ pid=$1 disp=${2}${screen} auth=$3 kill -USR1 $pid -rsh -n $rsh_args $host "env DISPLAY=$disp XAUTHORITY=$auth $term -T $title -n $title $xterm_args &" +rsh -n $rsh_args $host "/bin/sh -c 'DISPLAY=$disp XAUTHORITY=$auth $term -T $title -n $title $xterm_args /dev/null 2>/dev/null &'" diff --git a/appl/otp/otp.c b/appl/otp/otp.c index f889e727a..0c7fe0156 100644 --- a/appl/otp/otp.c +++ b/appl/otp/otp.c @@ -92,8 +92,7 @@ renew (int argc, char **argv, OtpAlgorithm *alg, char *user) newctx.alg = alg; newctx.user = user; newctx.n = atoi (argv[0]); - strncpy (newctx.seed, argv[1], sizeof(newctx.seed)); - newctx.seed[sizeof(newctx.seed) - 1] = '\0'; + strcpy_truncate (newctx.seed, argv[1], sizeof(newctx.seed)); strlwr(newctx.seed); snprintf (prompt, sizeof(prompt), "[ otp-%s %u %s ]", @@ -161,8 +160,7 @@ set (int argc, char **argv, OtpAlgorithm *alg, char *user) err (1, "out of memory"); ctx.n = atoi (argv[0]); - strncpy (ctx.seed, argv[1], sizeof(ctx.seed)); - ctx.seed[sizeof(ctx.seed) - 1] = '\0'; + strcpy_truncate (ctx.seed, argv[1], sizeof(ctx.seed)); strlwr(ctx.seed); do { if (des_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 1)) diff --git a/appl/popper/ChangeLog b/appl/popper/ChangeLog index 70e15a4cb..3480a143e 100644 --- a/appl/popper/ChangeLog +++ b/appl/popper/ChangeLog @@ -35,6 +35,11 @@ Sat Apr 4 15:13:56 1998 Assar Westerlund * popper.h: include +Sat Feb 7 10:07:39 1998 Assar Westerlund + + * pop_pass.c(krb4_verify_password: Don't use REALM_SZ + 1, just + REALM_SZ + Mon Dec 29 16:37:26 1997 Assar Westerlund * pop_updt.c (pop_updt): lseek before ftruncating the file. From diff --git a/appl/popper/pop_debug.c b/appl/popper/pop_debug.c index cdf35c7f3..ea01d1b39 100644 --- a/appl/popper/pop_debug.c +++ b/appl/popper/pop_debug.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -55,7 +55,8 @@ loop(int s) err(1, "select"); if(FD_ISSET(0, &fds)){ fgets(cmd, sizeof(cmd), stdin); - strcpy(cmd + strlen(cmd) - 1, "\r\n"); + cmd[strlen(cmd) - 1] = '\0'; + strcat_truncate (cmd, "\r\n", sizeof(cmd)); write(s, cmd, strlen(cmd)); } if(FD_ISSET(s, &fds)){ diff --git a/appl/popper/pop_dropcopy.c b/appl/popper/pop_dropcopy.c index 7e3502719..7abbbc8ca 100644 --- a/appl/popper/pop_dropcopy.c +++ b/appl/popper/pop_dropcopy.c @@ -73,7 +73,7 @@ pop_dropcopy(POP *p, struct passwd *pwp) * running as root. */ - strcpy(template, POP_TMPDROP); + strcpy_truncate(template, POP_TMPDROP, sizeof(template)); if ((tf_fd = mkstemp(template)) < 0 || (tf = fdopen(tf_fd, "w+")) == NULL) { pop_log(p,POP_PRIORITY, diff --git a/appl/popper/pop_get_command.c b/appl/popper/pop_get_command.c index 61d7fffb8..9c8918cb9 100644 --- a/appl/popper/pop_get_command.c +++ b/appl/popper/pop_get_command.c @@ -46,7 +46,7 @@ pop_get_command(POP *p, char *mp) /* Save a copy of the original client line */ #ifdef DEBUG - if(p->debug) strcpy (buf,mp); + if(p->debug) strcpy_truncate (buf, mp, sizeof(buf)); #endif /* DEBUG */ /* Parse the message into the parameter array */ diff --git a/appl/popper/pop_init.c b/appl/popper/pop_init.c index 5b76bc84e..5971e8289 100644 --- a/appl/popper/pop_init.c +++ b/appl/popper/pop_init.c @@ -307,8 +307,7 @@ pop_init(POP *p,int argcount,char **argmessage) /* Save the dotted decimal form of the client's IP address in the POP parameter block */ - strncpy (p->ipaddr, inet_ntoa(cs.sin_addr), sizeof(p->ipaddr)); - p->ipaddr[sizeof(p->ipaddr) - 1] = '\0'; + strcpy_truncate (p->ipaddr, inet_ntoa(cs.sin_addr), sizeof(p->ipaddr)); /* Save the client's port */ p->ipport = ntohs(cs.sin_port); @@ -320,7 +319,7 @@ pop_init(POP *p,int argcount,char **argmessage) if (ch == NULL){ pop_log(p,POP_PRIORITY, "Unable to get canonical name of client, err = %d",errno); - strcpy (p->client, p->ipaddr); + strcpy_truncate (p->client, p->ipaddr, sizeof(p->client)); } /* Save the cannonical name of the client host in the POP parameter block */ @@ -335,13 +334,12 @@ pop_init(POP *p,int argcount,char **argmessage) pop_log(p,POP_PRIORITY, "Client at \"%s\" resolves to an unknown host name \"%s\"", p->ipaddr,ch->h_name); - strcpy (p->client, p->ipaddr); + strcpy_truncate (p->client, p->ipaddr, sizeof(p->client)); } else { /* Save the host name (the previous value was destroyed by gethostbyname) */ - strncpy (p->client, ch_again->h_name, sizeof(p->client)); - p->client[sizeof(p->client) - 1] = '\0'; + strcpy_truncate (p->client, ch_again->h_name, sizeof(p->client)); /* Look for the client's IP address in the list returned for its name */ @@ -354,7 +352,7 @@ pop_init(POP *p,int argcount,char **argmessage) pop_log (p,POP_PRIORITY, "Client address \"%s\" not listed for its host name \"%s\"", p->ipaddr,ch->h_name); - strcpy (p->client, p->ipaddr); + strcpy_truncate (p->client, p->ipaddr, sizeof(p->client)); } } } diff --git a/appl/popper/pop_msg.c b/appl/popper/pop_msg.c index ea79afaab..b8bd2a5e6 100644 --- a/appl/popper/pop_msg.c +++ b/appl/popper/pop_msg.c @@ -46,7 +46,7 @@ pop_msg(POP *p, int stat, char *format, ...) pop_log(p,POP_PRIORITY,"%s",message); /* Append the */ - strncat(message, "\r\n", sizeof(message) - strlen(message)); + strcat_truncate(message, "\r\n", sizeof(message)); /* Send the message to the client */ fputs(message, p->output); diff --git a/appl/popper/pop_pass.c b/appl/popper/pop_pass.c index 1d48d366e..e1c3d21b5 100644 --- a/appl/popper/pop_pass.c +++ b/appl/popper/pop_pass.c @@ -12,7 +12,7 @@ static int krb4_verify_password (POP *p) { int status; - char lrealm[REALM_SZ + 1]; + char lrealm[REALM_SZ]; char tkt[MaxPathLen]; status = krb_get_lrealm(lrealm,1); diff --git a/appl/popper/pop_send.c b/appl/popper/pop_send.c index f8ca4bc50..0a0bf650a 100644 --- a/appl/popper/pop_send.c +++ b/appl/popper/pop_send.c @@ -115,10 +115,10 @@ pop_send(POP *p) *return_path_end = '\0'; if (strlen(return_path_adr) != 0 && *return_path_adr != '\n') { static char tmpbuf[MAXMSGLINELEN + 20]; - strcpy(tmpbuf, "Return-Path: "); - strcat(tmpbuf, return_path_adr); - strcat(tmpbuf, "\n"); - if (strlen(tmpbuf) < MAXMSGLINELEN) { + if (snprintf (tmpbuf, + sizeof(tmpbuf), + "Return-Path: %s\n", + return_path_adr) < MAXMSGLINELEN) { pop_sendline (p,tmpbuf); if (hangup) return pop_msg (p, POP_FAILURE, diff --git a/appl/popper/pop_user.c b/appl/popper/pop_user.c index 8bff168a6..c8cf08a69 100644 --- a/appl/popper/pop_user.c +++ b/appl/popper/pop_user.c @@ -16,7 +16,7 @@ pop_user (POP *p) { char ss[256]; - strcpy(p->user, p->pop_parm[1]); + strcpy_truncate(p->user, p->pop_parm[1], sizeof(p->user)); #ifdef OTP if (otp_challenge (&p->otp_ctx, p->user, ss, sizeof(ss)) == 0) { diff --git a/appl/telnet/ChangeLog b/appl/telnet/ChangeLog index 97ea49ea6..ace788370 100644 --- a/appl/telnet/ChangeLog +++ b/appl/telnet/ChangeLog @@ -20,6 +20,36 @@ Thu Mar 12 02:33:48 1998 Assar Westerlund * telnet/telnet_locl.h: include . From Gregory S. Stark +Sat Feb 21 15:12:38 1998 Assar Westerlund + + * telnetd/ext.h: add prototype for login_tty + + * telnet/utilities.c (printsub): `direction' is now an int. + + * libtelnet/misc-proto.h: add prototype for `printsub' + +Tue Feb 17 02:45:01 1998 Assar Westerlund + + * libtelnet/kerberos.c (kerberos4_is): cred.pname should be + cred.pinst. From + +Sun Feb 15 02:46:39 1998 Assar Westerlund + + * telnet/*/*.c: renamed `telnet' to `my_telnet' to avoid + conflicts with system header files on mklinux. + +Tue Feb 10 02:09:03 1998 Assar Westerlund + + * telnetd/telnetd.c: new signature for `getterminaltype' and + `auth_wait' + + * libtelnet: changed the signature of the authentication method + `status' + +Sat Feb 7 07:21:29 1998 Assar Westerlund + + * */*.c: replace HAS_GETTOS by HAVE_PARSETOS and HAVE_GETTOSBYNAME + Fri Dec 26 16:17:10 1997 Assar Westerlund * telnet/commands.c (tn): repair support for numeric addresses diff --git a/appl/telnet/libtelnet/auth-proto.h b/appl/telnet/libtelnet/auth-proto.h index e462fb4a3..bd2ba24c5 100644 --- a/appl/telnet/libtelnet/auth-proto.h +++ b/appl/telnet/libtelnet/auth-proto.h @@ -58,7 +58,7 @@ #ifdef AUTHENTICATION Authenticator *findauthenticator (int, int); -int auth_wait (char *); +int auth_wait (char *, size_t); void auth_disable_name (char *); void auth_finished (Authenticator *, int); void auth_gen_printsub (unsigned char *, int, unsigned char *, int); @@ -105,7 +105,7 @@ int kerberos4_send_mutual (Authenticator *); int kerberos4_send_oneway (Authenticator *); void kerberos4_is (Authenticator *, unsigned char *, int); void kerberos4_reply (Authenticator *, unsigned char *, int); -int kerberos4_status (Authenticator *, char *, int); +int kerberos4_status (Authenticator *, char *, size_t, int); void kerberos4_printsub (unsigned char *, int, unsigned char *, int); int kerberos4_forward(Authenticator *ap, void *); #endif @@ -116,7 +116,7 @@ int kerberos5_send_mutual (Authenticator *); int kerberos5_send_oneway (Authenticator *); void kerberos5_is (Authenticator *, unsigned char *, int); void kerberos5_reply (Authenticator *, unsigned char *, int); -int kerberos5_status (Authenticator *, char *, int); +int kerberos5_status (Authenticator *, char *, size_t, int); void kerberos5_printsub (unsigned char *, int, unsigned char *, int); #endif #endif diff --git a/appl/telnet/libtelnet/auth.c b/appl/telnet/libtelnet/auth.c index 203b84585..d258e3aa8 100644 --- a/appl/telnet/libtelnet/auth.c +++ b/appl/telnet/libtelnet/auth.c @@ -584,7 +584,7 @@ auth_intr(int sig) } int -auth_wait(char *name) +auth_wait(char *name, size_t name_sz) { if (auth_debug_mode) printf(">>>%s: in auth_wait.\r\n", Name); @@ -611,7 +611,8 @@ auth_wait(char *name) if (authenticated->status) validuser = (*authenticated->status)(authenticated, - name, validuser); + name, name_sz, + validuser); return(validuser); } diff --git a/appl/telnet/libtelnet/auth.h b/appl/telnet/libtelnet/auth.h index 6d136a186..0fb6eabd9 100644 --- a/appl/telnet/libtelnet/auth.h +++ b/appl/telnet/libtelnet/auth.h @@ -71,7 +71,7 @@ typedef struct XauthP { int (*send) (struct XauthP *); void (*is) (struct XauthP *, unsigned char *, int); void (*reply) (struct XauthP *, unsigned char *, int); - int (*status) (struct XauthP *, char *, int); + int (*status) (struct XauthP *, char *, size_t, int); void (*printsub) (unsigned char *, int, unsigned char *, int); } Authenticator; diff --git a/appl/telnet/libtelnet/kerberos.c b/appl/telnet/libtelnet/kerberos.c index cc780e139..c8686262e 100644 --- a/appl/telnet/libtelnet/kerberos.c +++ b/appl/telnet/libtelnet/kerberos.c @@ -180,10 +180,9 @@ kerberos4_send(char *name, Authenticator *ap) memset(instance, 0, sizeof(instance)); - if ((realm = krb_get_phost(RemoteHostName))) - strncpy(instance, realm, sizeof(instance)); - - instance[sizeof(instance)-1] = '\0'; + strcpy_truncate (instance, + krb_get_phost(RemoteHostName), + INST_SZ); realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); @@ -410,7 +409,7 @@ kerberos4_is(Authenticator *ap, unsigned char *data, int cnt) cred.issue_date < 0 || cred.issue_date > time(0) + CLOCK_SKEW || strncmp(cred.pname, adat.pname, sizeof(cred.pname)) || - strncmp(cred.pinst, adat.pinst, sizeof(cred.pname))){ + strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){ Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1); }else{ if((ret = tf_setup(&cred, @@ -508,13 +507,13 @@ kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt) } int -kerberos4_status(Authenticator *ap, char *name, int level) +kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level) { if (level < AUTH_USER) return(level); if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { - strcpy(name, UserNameRequested); + strcpy_truncate(name, UserNameRequested, name_sz); return(AUTH_VALID); } else return(AUTH_USER); @@ -526,7 +525,6 @@ kerberos4_status(Authenticator *ap, char *name, int level) void kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) { - char lbuf[32]; int i; buf[buflen-1] = '\0'; /* make sure its NULL terminated */ @@ -534,11 +532,11 @@ kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) switch(data[3]) { case KRB_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); + strcpy_truncate((char *)buf, " REJECT ", buflen); goto common; case KRB_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); + strcpy_truncate((char *)buf, " ACCEPT ", buflen); common: BUMP(buf, buflen); if (cnt <= 4) @@ -551,25 +549,23 @@ kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) break; case KRB_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); + strcpy_truncate((char *)buf, " AUTH", buflen); goto common2; case KRB_CHALLENGE: - strncpy((char *)buf, " CHALLENGE", buflen); + strcpy_truncate((char *)buf, " CHALLENGE", buflen); goto common2; case KRB_RESPONSE: - strncpy((char *)buf, " RESPONSE", buflen); + strcpy_truncate((char *)buf, " RESPONSE", buflen); goto common2; default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d (unknown)", data[3]); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d", data[i]); BUMP(buf, buflen); } break; @@ -624,13 +620,13 @@ pack_cred(CREDENTIALS *cred, unsigned char *buf) p += REALM_SZ; memcpy(p, cred->session, 8); p += 8; - p += krb_put_int(cred->lifetime, p, 4); - p += krb_put_int(cred->kvno, p, 4); - p += krb_put_int(cred->ticket_st.length, p, 4); + p += krb_put_int(cred->lifetime, p, 4, 4); + p += krb_put_int(cred->kvno, p, 4, 4); + p += krb_put_int(cred->ticket_st.length, p, 4, 4); memcpy(p, cred->ticket_st.dat, cred->ticket_st.length); p += cred->ticket_st.length; - p += krb_put_int(0, p, 4); - p += krb_put_int(cred->issue_date, p, 4); + p += krb_put_int(0, p, 4, 4); + p += krb_put_int(cred->issue_date, p, 4, 4); memcpy (p, cred->pname, ANAME_SZ); p += ANAME_SZ; memcpy (p, cred->pinst, INST_SZ); diff --git a/appl/telnet/libtelnet/kerberos5.c b/appl/telnet/libtelnet/kerberos5.c index b80102d67..fccd95b6a 100644 --- a/appl/telnet/libtelnet/kerberos5.c +++ b/appl/telnet/libtelnet/kerberos5.c @@ -608,7 +608,7 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) } int -kerberos5_status(Authenticator *ap, char *name, int level) +kerberos5_status(Authenticator *ap, char *name, size_t name_sz, int level) { if (level < AUTH_USER) return(level); @@ -618,7 +618,7 @@ kerberos5_status(Authenticator *ap, char *name, int level) ticket->client, UserNameRequested)) { - strcpy(name, UserNameRequested); + strcpy_truncate(name, UserNameRequested, name_sz); return(AUTH_VALID); } else return(AUTH_USER); @@ -630,7 +630,6 @@ kerberos5_status(Authenticator *ap, char *name, int level) void kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) { - char lbuf[32]; int i; buf[buflen-1] = '\0'; /* make sure its NULL terminated */ @@ -638,11 +637,11 @@ kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) switch(data[3]) { case KRB_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); + strcpy_truncate((char *)buf, " REJECT ", buflen); goto common; case KRB_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); + strcpy_truncate((char *)buf, " ACCEPT ", buflen); common: BUMP(buf, buflen); if (cnt <= 4) @@ -656,36 +655,34 @@ kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) case KRB_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); + strcpy_truncate((char *)buf, " AUTH", buflen); goto common2; case KRB_RESPONSE: - strncpy((char *)buf, " RESPONSE", buflen); + strcpy_truncate((char *)buf, " RESPONSE", buflen); goto common2; #ifdef FORWARD case KRB_FORWARD: /* Forwarded credentials follow */ - strncpy((char *)buf, " FORWARD", buflen); + strcpy_truncate((char *)buf, " FORWARD", buflen); goto common2; case KRB_FORWARD_ACCEPT: /* Forwarded credentials accepted */ - strncpy((char *)buf, " FORWARD_ACCEPT", buflen); + strcpy_truncate((char *)buf, " FORWARD_ACCEPT", buflen); goto common2; case KRB_FORWARD_REJECT: /* Forwarded credentials rejected */ /* (reason might follow) */ - strncpy((char *)buf, " FORWARD_REJECT", buflen); + strcpy_truncate((char *)buf, " FORWARD_REJECT", buflen); goto common2; #endif /* FORWARD */ default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d (unknown)", data[3]); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d", data[i]); BUMP(buf, buflen); } break; diff --git a/appl/telnet/libtelnet/krb4encpwd.c b/appl/telnet/libtelnet/krb4encpwd.c index c96b319d8..d7e5d05cb 100644 --- a/appl/telnet/libtelnet/krb4encpwd.c +++ b/appl/telnet/libtelnet/krb4encpwd.c @@ -308,7 +308,7 @@ krb4encpwd_reply(ap, data, cnt) des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); UserPassword = user_passwd; Challenge = challenge; - strcpy(instance, RemoteHostName); + strcpy_truncate(instance, RemoteHostName, sizeof(instance)); if ((cp = strchr(instance, '.')) != 0) *cp = '\0'; if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) { @@ -327,9 +327,10 @@ krb4encpwd_reply(ap, data, cnt) } int -krb4encpwd_status(ap, name, level) +krb4encpwd_status(ap, name, name_sz, level) Authenticator *ap; char *name; + size_t name_sz; int level; { @@ -337,7 +338,7 @@ krb4encpwd_status(ap, name, level) return(level); if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) { - strcpy(name, UserNameRequested); + strcpy_truncate(name, UserNameRequested, name_sz); return(AUTH_VALID); } else { return(AUTH_USER); @@ -352,7 +353,6 @@ krb4encpwd_printsub(data, cnt, buf, buflen) unsigned char *data, *buf; int cnt, buflen; { - char lbuf[32]; int i; buf[buflen-1] = '\0'; /* make sure its NULL terminated */ @@ -360,11 +360,11 @@ krb4encpwd_printsub(data, cnt, buf, buflen) switch(data[3]) { case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); + strcpy_truncate((char *)buf, " REJECT ", buflen); goto common; case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); + strcpy_truncate((char *)buf, " ACCEPT ", buflen); common: BUMP(buf, buflen); if (cnt <= 4) @@ -377,25 +377,23 @@ krb4encpwd_printsub(data, cnt, buf, buflen) break; case KRB4_ENCPWD_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); + strcpy_truncate((char *)buf, " AUTH", buflen); goto common2; case KRB4_ENCPWD_CHALLENGE: - strncpy((char *)buf, " CHALLENGE", buflen); + strcpy_truncate((char *)buf, " CHALLENGE", buflen); goto common2; case KRB4_ENCPWD_ACK: - strncpy((char *)buf, " ACK", buflen); + strcpy_truncate((char *)buf, " ACK", buflen); goto common2; default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d (unknown)", data[3]); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d", data[i]); BUMP(buf, buflen); } break; diff --git a/appl/telnet/libtelnet/misc-proto.h b/appl/telnet/libtelnet/misc-proto.h index c610c5efa..a42139090 100644 --- a/appl/telnet/libtelnet/misc-proto.h +++ b/appl/telnet/libtelnet/misc-proto.h @@ -75,4 +75,5 @@ void net_encrypt (void); int telnet_spin (void); char *telnet_getenv (char *); char *telnet_gets (char *, char *, int, int); +void printsub(int direction, unsigned char *pointer, int length); #endif diff --git a/appl/telnet/libtelnet/misc.c b/appl/telnet/libtelnet/misc.c index c45b9ff07..00eecda19 100644 --- a/appl/telnet/libtelnet/misc.c +++ b/appl/telnet/libtelnet/misc.c @@ -35,14 +35,15 @@ RCSID("$Id$"); -#include "misc.h" -#include "auth.h" -#include "encrypt.h" #include +#include #include #ifdef SOCKS #include #endif +#include "misc.h" +#include "auth.h" +#include "encrypt.h" #include diff --git a/appl/telnet/libtelnet/rsaencpwd.c b/appl/telnet/libtelnet/rsaencpwd.c index 765296728..60b9abad4 100644 --- a/appl/telnet/libtelnet/rsaencpwd.c +++ b/appl/telnet/libtelnet/rsaencpwd.c @@ -159,9 +159,8 @@ rsaencpwd_init(ap, server) memset(key_file, 0, sizeof(key_file)); gethostname(lhostname, sizeof(lhostname)); if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - strcpy(key_file, "/etc/."); - strcat(key_file, lhostname); - strcat(key_file, "_privkey"); + snprintf(key_file, sizeof(key_file), + "/etc/.%s_privkey", lhostname); if ((fp=fopen(key_file, "r"))==NULL) return(0); fclose(fp); } else { @@ -261,7 +260,7 @@ rsaencpwd_is(ap, data, cnt) snprintf(challenge, sizeof(challenge), "%x", now); challenge_len = strlen(challenge); } else { - strcpy(challenge, "randchal"); + strcpy_truncate(challenge, "randchal", sizeof(challenge)); challenge_len = 8; } @@ -382,9 +381,10 @@ rsaencpwd_reply(ap, data, cnt) } int -rsaencpwd_status(ap, name, level) +rsaencpwd_status(ap, name, name_sz, level) Authenticator *ap; char *name; + size_t name_sz; int level; { @@ -392,7 +392,7 @@ rsaencpwd_status(ap, name, level) return(level); if (UserNameRequested && rsaencpwd_passwdok(UserNameRequested, UserPassword)) { - strcpy(name, UserNameRequested); + strcpy_truncate(name, UserNameRequested, name_sz); return(AUTH_VALID); } else { return(AUTH_USER); @@ -407,7 +407,6 @@ rsaencpwd_printsub(data, cnt, buf, buflen) unsigned char *data, *buf; int cnt, buflen; { - char lbuf[32]; int i; buf[buflen-1] = '\0'; /* make sure its NULL terminated */ @@ -415,11 +414,11 @@ rsaencpwd_printsub(data, cnt, buf, buflen) switch(data[3]) { case RSA_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); + strcpy_truncate((char *)buf, " REJECT ", buflen); goto common; case RSA_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); + strcpy_truncate((char *)buf, " ACCEPT ", buflen); common: BUMP(buf, buflen); if (cnt <= 4) @@ -432,21 +431,19 @@ rsaencpwd_printsub(data, cnt, buf, buflen) break; case RSA_ENCPWD_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); + strcpy_truncate((char *)buf, " AUTH", buflen); goto common2; case RSA_ENCPWD_CHALLENGEKEY: - strncpy((char *)buf, " CHALLENGEKEY", buflen); + strcpy_truncate((char *)buf, " CHALLENGEKEY", buflen); goto common2; default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d (unknown)", data[3]); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d", data[i]); BUMP(buf, buflen); } break; diff --git a/appl/telnet/libtelnet/spx.c b/appl/telnet/libtelnet/spx.c index 5832e99ba..73eaddf7a 100644 --- a/appl/telnet/libtelnet/spx.c +++ b/appl/telnet/libtelnet/spx.c @@ -173,8 +173,8 @@ spx_init(ap, server) if (server) { str_data[3] = TELQUAL_REPLY; gethostname(lhostname, sizeof(lhostname)); - strcpy(targ_printable, "SERVICE:rcmd@"); - strcat(targ_printable, lhostname); + snprintf (targ_printable, sizeof(targ_printable), + "SERVICE:rcmd@%s", lhostname); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; major_status = gss_import_name(&status, @@ -216,8 +216,8 @@ spx_send(ap) char *address; printf("[ Trying SPX ... ]\r\n"); - strcpy(targ_printable, "SERVICE:rcmd@"); - strcat(targ_printable, RemoteHostName); + snprintf (targ_printable, sizeof(targ_printable), + "SERVICE:rcmd@%s", RemoteHostName); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; @@ -324,8 +324,8 @@ spx_is(ap, data, cnt) gethostname(lhostname, sizeof(lhostname)); - strcpy(targ_printable, "SERVICE:rcmd@"); - strcat(targ_printable, lhostname); + snprintf(targ_printable, sizeof(targ_printable), + "SERVICE:rcmd@%s", lhostname); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; @@ -472,9 +472,10 @@ spx_reply(ap, data, cnt) } int -spx_status(ap, name, level) +spx_status(ap, name, name_sz, level) Authenticator *ap; char *name; + size_t name_sz; int level; { @@ -495,8 +496,9 @@ spx_status(ap, name, level) return(AUTH_USER); /* not authenticated */ } - strcpy(acl_file, pwd->pw_dir); - strcat(acl_file, "/.sphinx"); + snprintf (acl_file, sizeof(acl_file), + "%s/.sphinx", pwd->pw_dir); + acl_file_buffer.value = acl_file; acl_file_buffer.length = strlen(acl_file); @@ -512,7 +514,7 @@ spx_status(ap, name, level) &acl_file_buffer); if (major_status == GSS_S_COMPLETE) { - strcpy(name, UserNameRequested); + strcpy_truncate(name, UserNameRequested, name_sz); return(AUTH_VALID); } else { return(AUTH_USER); @@ -528,7 +530,6 @@ spx_printsub(data, cnt, buf, buflen) unsigned char *data, *buf; int cnt, buflen; { - char lbuf[32]; int i; buf[buflen-1] = '\0'; /* make sure its NULL terminated */ @@ -536,11 +537,11 @@ spx_printsub(data, cnt, buf, buflen) switch(data[3]) { case SPX_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); + strcpy_truncate((char *)buf, " REJECT ", buflen); goto common; case SPX_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); + strcpy_truncate((char *)buf, " ACCEPT ", buflen); common: BUMP(buf, buflen); if (cnt <= 4) @@ -553,17 +554,15 @@ spx_printsub(data, cnt, buf, buflen) break; case SPX_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); + strcpy_truncate((char *)buf, " AUTH", buflen); goto common2; default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d (unknown)", data[3]); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); + snprintf(buf, buflen, " %d", data[i]); BUMP(buf, buflen); } break; diff --git a/appl/telnet/telnet/authenc.c b/appl/telnet/telnet/authenc.c index a3b08044e..a7c4d9792 100644 --- a/appl/telnet/telnet/authenc.c +++ b/appl/telnet/telnet/authenc.c @@ -84,7 +84,7 @@ telnet_gets(char *prompt, char *result, int length, int echo) printf("%s", prompt); res = fgets(result, length, stdin); } else if ((res = getpass(prompt))) { - strncpy(result, res, length); + strcpy_truncate(result, res, length); res = result; } TerminalNewMode(om); diff --git a/appl/telnet/telnet/commands.c b/appl/telnet/telnet/commands.c index 70ef871d6..de32830fb 100644 --- a/appl/telnet/telnet/commands.c +++ b/appl/telnet/telnet/commands.c @@ -66,7 +66,8 @@ makeargv() margc = 0; cp = line; if (*cp == '!') { /* Special case shell escape */ - strcpy(saveline, line); /* save for shell command */ + /* save for shell command */ + strcpy_truncate(saveline, line, sizeof(saveline)); *argp++ = "!"; /* No room in string to get this */ margc++; cp++; @@ -1561,9 +1562,8 @@ env_init(void) /* If this is not the full name, try to get it via DNS */ if (strchr(hbuf, '.') == 0) { struct hostent *he = roken_gethostbyname(hbuf); - if (he != 0) - strncpy(hbuf, he->h_name, 256); - hbuf[256] = '\0'; + if (he != NULL) + strcpy_truncate(hbuf, he->h_name, 256); } asprintf (&cp, "%s%s", hbuf, cp2); @@ -1939,7 +1939,7 @@ status(int argc, char **argv) * Function that gets called when SIGINFO is received. */ void -ayt_status(void) +ayt_status(int ignore) { call(status, "status", "notmuch", 0); } @@ -1961,7 +1961,7 @@ cmdrc(char *m1, char *m2) if (skiprc) return; - strcpy(m1save, m1); + strcpy_truncate(m1save, m1, sizeof(m1save)); m1 = m1save; if (rcname[0] == 0) { @@ -2033,8 +2033,8 @@ tn(int argc, char **argv) struct sockaddr_in6 sin6; #endif struct sockaddr_in sin; - struct sockaddr *sa; - int sa_size; + struct sockaddr *sa = NULL; + int sa_size = 0; struct servent *sp = 0; unsigned long temp; extern char *inet_ntoa(); @@ -2042,8 +2042,9 @@ tn(int argc, char **argv) char *srp = 0; int srlen; #endif - char *cmd, *hostp = 0, *portp = 0, *user = 0; - int family, port; + char *cmd, *hostp = 0, *portp = 0; + char *user = 0; + int family, port = 0; /* clear the socket address prior to use */ @@ -2053,7 +2054,7 @@ tn(int argc, char **argv) return 0; } if (argc < 2) { - strcpy(line, "open "); + strcpy_truncate(line, "open ", sizeof(line)); printf("(to) "); fgets(&line[strlen(line)], sizeof(line) - strlen(line), stdin); makeargv(); @@ -2124,7 +2125,7 @@ tn(int argc, char **argv) sin6.sin6_family = family = AF_INET6; sa = (struct sockaddr *)&sin6; sa_size = sizeof(sin6); - strcpy(_hostname, hostp); + strcpy_truncate(_hostname, hostp, sizeof(_hostname)); hostname =_hostname; } else #endif @@ -2132,7 +2133,7 @@ tn(int argc, char **argv) sin.sin_family = family = AF_INET; sa = (struct sockaddr *)&sin; sa_size = sizeof(sin); - strcpy(_hostname, hostp); + strcpy_truncate(_hostname, hostp, sizeof(_hostname)); hostname = _hostname; } else { #ifdef HAVE_GETHOSTBYNAME2 @@ -2143,7 +2144,7 @@ tn(int argc, char **argv) host = roken_gethostbyname(hostp); #endif if (host) { - strncpy(_hostname, host->h_name, sizeof(_hostname)); + strcpy_truncate(_hostname, host->h_name, sizeof(_hostname)); family = host->h_addrtype; switch(family) { @@ -2253,7 +2254,7 @@ tn(int argc, char **argv) #endif #if defined(IPPROTO_IP) && defined(IP_TOS) { -# if defined(HAS_GETTOS) +# if defined(HAVE_GETTOSBYNAME) struct tosent *tp; if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) tos = tp->t_tos; @@ -2316,7 +2317,7 @@ tn(int argc, char **argv) user = getenv("USER"); if (user == NULL || - ((pw = k_getpwnam(user)) && pw->pw_uid != getuid())) { + ((pw = k_getpwnam((char *)user)) && pw->pw_uid != getuid())) { if ((pw = k_getpwuid(getuid()))) user = pw->pw_name; else @@ -2329,7 +2330,7 @@ tn(int argc, char **argv) } call(status, "status", "notmuch", 0); if (setjmp(peerdied) == 0) - telnet(user); + my_telnet((char *)user); NetClose(net); ExitString("Connection closed by foreign host.\r\n",1); /*NOTREACHED*/ diff --git a/appl/telnet/telnet/externs.h b/appl/telnet/telnet/externs.h index 183a588c5..fd834a302 100644 --- a/appl/telnet/telnet/externs.h +++ b/appl/telnet/telnet/externs.h @@ -167,7 +167,7 @@ extern int (*decrypt_input) (int); extern FILE *NetTrace; /* Where debugging output goes */ -extern unsigned char +extern char NetTraceFile[]; /* Name of file where debugging output goes */ extern void SetNetTrace (char *); /* Function to change where debugging goes */ @@ -222,7 +222,7 @@ int EncryptStatus (void); #endif #ifdef SIGINFO -void ayt_status(void); +void ayt_status(int); #endif int tn(int argc, char **argv); void command(int top, char *tbuf, int cnt); @@ -281,13 +281,13 @@ void xmitEC(void); void Dump (char, unsigned char *, int); void printoption (char *, int, int); -void printsub (char, unsigned char *, int); +void printsub (int, unsigned char *, int); void sendnaws (void); void setconnmode (int); void setcommandmode (void); void setneturg (void); void sys_telnet_init (void); -void telnet (char *); +void my_telnet (char *); void tel_enter_binary (int); void TerminalFlushOutput (void); void TerminalNewMode (int); @@ -351,7 +351,7 @@ void SetNetTrace(char *file); void Dump(char direction, unsigned char *buffer, int length); void printoption(char *direction, int cmd, int option); void optionstatus(void); -void printsub(char direction, unsigned char *pointer, int length); +void printsub(int direction, unsigned char *pointer, int length); void EmptyTerminal(void); void SetForExit(void); void Exit(int returnCode); diff --git a/appl/telnet/telnet/main.c b/appl/telnet/telnet/main.c index 0b0da9728..3e676f164 100644 --- a/appl/telnet/telnet/main.c +++ b/appl/telnet/telnet/main.c @@ -168,7 +168,7 @@ main(int argc, char **argv) break; case 'S': { -#ifdef HAS_GETTOS +#ifdef HAVE_PARSETOS extern int tos; if ((tos = parsetos(optarg, "tcp")) < 0) @@ -237,7 +237,7 @@ main(int argc, char **argv) extern char *dest_realm, dst_realm_buf[]; extern int dst_realm_sz; dest_realm = dst_realm_buf; - strncpy(dest_realm, optarg, dst_realm_sz); + strcpy_truncate(dest_realm, optarg, dst_realm_sz); } #else fprintf(stderr, diff --git a/appl/telnet/telnet/sys_bsd.c b/appl/telnet/telnet/sys_bsd.c index 7a018dd7b..eccafe885 100644 --- a/appl/telnet/telnet/sys_bsd.c +++ b/appl/telnet/telnet/sys_bsd.c @@ -713,7 +713,7 @@ ayt(int sig) if (connected) sendayt(); else - ayt_status(); + ayt_status(sig); } #endif diff --git a/appl/telnet/telnet/telnet.c b/appl/telnet/telnet/telnet.c index f3a4f8028..5869a54b6 100644 --- a/appl/telnet/telnet/telnet.c +++ b/appl/telnet/telnet/telnet.c @@ -32,6 +32,9 @@ */ #include "telnet_locl.h" +#ifdef HAVE_TERMCAP_H +#include +#endif RCSID("$Id$"); @@ -107,7 +110,7 @@ unsigned char telopt_environ = TELOPT_NEW_ENVIRON; # define telopt_environ TELOPT_NEW_ENVIRON #endif -jmp_buf toplevel = { 0 }; +jmp_buf toplevel; jmp_buf peerdied; int flushline; @@ -1550,7 +1553,7 @@ telrcv(void) { int c; int scc; - unsigned char *sbp; + unsigned char *sbp = NULL; int count; int returnValue = 0; @@ -1795,7 +1798,7 @@ telsnd() int tcc; int count; int returnValue = 0; - unsigned char *tbp; + unsigned char *tbp = NULL; tcc = 0; count = 0; @@ -1991,7 +1994,7 @@ Scheduler(int block) /* should we block in the select ? */ * Select from tty and network... */ void -telnet(char *user) +my_telnet(char *user) { sys_telnet_init(); diff --git a/appl/telnet/telnet/utilities.c b/appl/telnet/telnet/utilities.c index 7f466eace..c4fe08ad7 100644 --- a/appl/telnet/telnet/utilities.c +++ b/appl/telnet/telnet/utilities.c @@ -72,7 +72,7 @@ SetSockOpt(int fd, int level, int option, int yesno) * The following are routines used to print out debugging information. */ -unsigned char NetTraceFile[256] = "(standard output)"; +char NetTraceFile[256] = "(standard output)"; void SetNetTrace(char *file) @@ -82,13 +82,13 @@ SetNetTrace(char *file) if (file && (strcmp(file, "-") != 0)) { NetTrace = fopen(file, "w"); if (NetTrace) { - strcpy((char *)NetTraceFile, file); + strcpy_truncate(NetTraceFile, file, sizeof(NetTraceFile)); return; } fprintf(stderr, "Cannot open %s.\n", file); } NetTrace = stdout; - strcpy((char *)NetTraceFile, "(standard output)"); + strcpy_truncate(NetTraceFile, "(standard output)", sizeof(NetTraceFile)); } void @@ -250,7 +250,7 @@ optionstatus(void) } void -printsub(char direction, unsigned char *pointer, int length) +printsub(int direction, unsigned char *pointer, int length) { int i; unsigned char buf[512]; diff --git a/appl/telnet/telnetd/ext.h b/appl/telnet/telnetd/ext.h index b61770d4e..c9583394b 100644 --- a/appl/telnet/telnetd/ext.h +++ b/appl/telnet/telnetd/ext.h @@ -122,11 +122,11 @@ void start_login (char *host, int autologin, char *name); void cleanup (int sig); int main (int argc, char **argv); void usage (void); -int getterminaltype (char *name); +int getterminaltype (char *name, size_t); void _gettermname (void); int terminaltypeok (char *s); void doit (struct sockaddr_in *who); -void telnet (int f, int p, char*, int, char*); +void my_telnet (int f, int p, char*, int, char*); void interrupt (void); void sendbrk (void); void sendsusp (void); @@ -150,7 +150,7 @@ void putf (char *cp, char *where); void printoption (char *fmt, int option); void printsub (int direction, unsigned char *pointer, int length); void printdata (char *tag, char *ptr, int cnt); - +int login_tty(int t); #ifdef ENCRYPTION extern void (*encrypt_output) (unsigned char *, int); diff --git a/appl/telnet/telnetd/sys_term.c b/appl/telnet/telnetd/sys_term.c index 505272f48..391b746f6 100644 --- a/appl/telnet/telnetd/sys_term.c +++ b/appl/telnet/telnetd/sys_term.c @@ -360,7 +360,7 @@ char *line = Xline; char myline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; #endif /* CRAY */ -#ifndef HAVE_PTSNAME +#if !defined(HAVE_PTSNAME) && defined(STREAMSPTY) static char *ptsname(int fd) { #ifdef HAVE_TTYNAME @@ -388,7 +388,7 @@ int getpty(int *ptynum) p = _getpty(&master, O_RDWR, 0600, 1); if(p == NULL) return -1; - strcpy(line, p); + strcpy_truncate(line, p, sizeof(Xline)); return master; #else @@ -420,7 +420,7 @@ int getpty(int *ptynum) #ifdef HAVE_UNLOCKPT unlockpt(p); #endif - strcpy(line, ptsname(p)); + strcpy_truncate(line, ptsname(p), sizeof(Xline)); really_stream = 1; return p; } @@ -1087,6 +1087,7 @@ clean_ttyname (char *tty) * Generate a name usable as an `ut_id', typically without `tty'. */ +#ifdef HAVE_UT_ID static char * make_id (char *tty) { @@ -1098,6 +1099,7 @@ make_id (char *tty) res += 3; return res; } +#endif /* * startslave(host) @@ -1190,7 +1192,7 @@ init_env(void) char **envp; envp = envinit; - if (*envp = getenv("TZ")) + if ((*envp = getenv("TZ"))) *envp++ -= 3; #if defined(_CRAY) || defined(__hpux) else @@ -1392,7 +1394,7 @@ rmut(void) utmpx.ut_type = LOGIN_PROCESS; utxp = getutxline(&utmpx); if (utxp) { - strcpy(utxp->ut_user, ""); + utxp->ut_user[0] = '\0'; utxp->ut_type = DEAD_PROCESS; #ifdef HAVE_UT_EXIT #ifdef _STRUCT___EXIT_STATUS diff --git a/appl/telnet/telnetd/telnetd.c b/appl/telnet/telnetd/telnetd.c index 0e48c91fe..8abe5ec83 100644 --- a/appl/telnet/telnetd/telnetd.c +++ b/appl/telnet/telnetd/telnetd.c @@ -275,7 +275,7 @@ int main(int argc, char **argv) #endif /* CRAY */ case 'S': -#ifdef HAS_GETTOS +#ifdef HAVE_PARSETOS if ((tos = parsetos(optarg, "tcp")) < 0) fprintf(stderr, "%s%s%s\n", "telnetd: Bad TOS argument '", optarg, @@ -329,7 +329,7 @@ int main(int argc, char **argv) argv += optind; if (debug) { - int port; + int port = 0; struct servent *sp; if (argc > 1) { @@ -423,7 +423,7 @@ int main(int argc, char **argv) #if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) { -# ifdef HAS_GETTOS +# ifdef HAVE_GETTOSBYNAME struct tosent *tp; if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) tos = tp->t_tos; @@ -440,6 +440,7 @@ int main(int argc, char **argv) net = 0; doit(&from); /* NOTREACHED */ + return 0; } /* end of main */ void @@ -463,7 +464,7 @@ usage() fprintf(stderr, " [-r[lowpty]-[highpty]]"); #endif fprintf(stderr, "\n\t"); -#ifdef HAS_GETTOS +#ifdef HAVE_GETTOSBYNAME fprintf(stderr, " [-S tos]"); #endif #ifdef AUTHENTICATION @@ -485,7 +486,7 @@ static unsigned char ttytype_sbbuf[] = { }; int -getterminaltype(char *name) +getterminaltype(char *name, size_t name_sz) { int retval = -1; void _gettermname(); @@ -499,7 +500,7 @@ getterminaltype(char *name) while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) ttloop(); if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + retval = auth_wait(name, name_sz); } #endif @@ -593,12 +594,12 @@ getterminaltype(char *name) * we have to just go with what we (might) have already gotten. */ if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) { - strncpy(first, terminaltype, sizeof(first)); + strcpy_truncate(first, terminaltype, sizeof(first)); for(;;) { /* * Save the unknown name, and request the next name. */ - strncpy(last, terminaltype, sizeof(last)); + strcpy_truncate(last, terminaltype, sizeof(last)); _gettermname(); if (terminaltypeok(terminaltype)) break; @@ -661,7 +662,7 @@ char remote_host_name[MaxHostNameLen]; void doit(struct sockaddr_in *who) { - char *host; + char *host = NULL; struct hostent *hp; int level; int ptynum; @@ -707,8 +708,7 @@ Please contact your net administrator"); * We must make a copy because Kerberos is probably going * to also do a gethost* and overwrite the static data... */ - strncpy(remote_host_name, host, sizeof(remote_host_name)-1); - remote_host_name[sizeof(remote_host_name)-1] = 0; + strcpy_truncate(remote_host_name, host, sizeof(remote_host_name)); host = remote_host_name; /* XXX - should be k_gethostname? */ @@ -732,9 +732,9 @@ Please contact your net administrator"); * If hostname still doesn't fit utmp, use ipaddr. */ if (strlen(remote_host_name) > abs(utmp_len)) - strncpy(remote_host_name, + strcpy_truncate(remote_host_name, inet_ntoa(who->sin_addr), - sizeof(remote_host_name)-1); + sizeof(remote_host_name)); #ifdef AUTHENTICATION auth_encrypt_init(hostname, host, "TELNETD", 1); @@ -745,7 +745,7 @@ Please contact your net administrator"); * get terminal type. */ *user_name = 0; - level = getterminaltype(user_name); + level = getterminaltype(user_name, sizeof(user_name)); setenv("TERM", terminaltype ? terminaltype : "network", 1); #ifdef _SC_CRAY_SECURE_SYS @@ -757,7 +757,8 @@ Please contact your net administrator"); } #endif /* _SC_CRAY_SECURE_SYS */ - telnet(net, ourpty, host, level, user_name); /* begin server processing */ + /* begin server processing */ + my_telnet(net, ourpty, host, level, user_name); /*NOTREACHED*/ } /* end of doit */ @@ -784,17 +785,11 @@ show_issue(void) * hand data to telnet receiver finite state machine. */ void -telnet(int f, int p, char *host, int level, char *autoname) +my_telnet(int f, int p, char *host, int level, char *autoname) { int on = 1; -#define TABBUFSIZ 512 - char defent[TABBUFSIZ]; - char defstrs[TABBUFSIZ]; -#undef TABBUFSIZ char *he; - char *HN; char *IM; - void netflush(); int nfd; int startslave_called = 0; time_t timeout; diff --git a/appl/telnet/telnetd/telnetd.h b/appl/telnet/telnetd/telnetd.h index c41041785..5923ce82f 100644 --- a/appl/telnet/telnetd/telnetd.h +++ b/appl/telnet/telnetd/telnetd.h @@ -175,6 +175,10 @@ #endif #endif +#ifdef HAVE_LIBUTIL_H +#include +#endif + #include /* Don't use the system login, use our version instead */ diff --git a/appl/telnet/telnetd/utility.c b/appl/telnet/telnetd/utility.c index 367083b63..bd9080d0d 100644 --- a/appl/telnet/telnetd/utility.c +++ b/appl/telnet/telnetd/utility.c @@ -391,8 +391,8 @@ void edithost(char *pat, char *host) pat++; } if (*host) - strncpy(res, host, - sizeof editedhost - (res - editedhost) -1); + strcpy_truncate (res, host, + sizeof editedhost - (res - editedhost)); else *res = '\0'; editedhost[sizeof editedhost - 1] = '\0'; @@ -527,7 +527,7 @@ printsub(int direction, unsigned char *pointer, int length) /* where suboption data sits */ /* length of suboption data */ { - int i; + int i = 0; unsigned char buf[512]; if (!(diagnostic & TD_OPTIONS)) diff --git a/appl/xnlock/ChangeLog b/appl/xnlock/ChangeLog index b0bcf86d2..41b17836e 100644 --- a/appl/xnlock/ChangeLog +++ b/appl/xnlock/ChangeLog @@ -10,6 +10,10 @@ Sat Mar 21 14:36:21 1998 Assar Westerlund * xnlock.c (init_words): recognize both `-p' and `-prog' +Sat Feb 7 10:08:07 1998 Assar Westerlund + + * xnlock.c: Don't use REALM_SZ + 1, just REALM_SZ + Sat Nov 29 04:58:19 1997 Johan Danielsson * xnlock.c: Make it build w/o krb4. diff --git a/appl/xnlock/xnlock.c b/appl/xnlock/xnlock.c index 5e3659687..4f699d361 100644 --- a/appl/xnlock/xnlock.c +++ b/appl/xnlock/xnlock.c @@ -47,7 +47,7 @@ static char userprompt[128]; #ifdef KRB4 static char name[ANAME_SZ]; static char inst[INST_SZ]; -static char realm[REALM_SZ + 1]; +static char realm[REALM_SZ]; #endif #ifdef KRB5 static krb5_context context; @@ -251,8 +251,8 @@ init_words (int argc, char **argv) errx (1, "cannot allocate memory for message"); appres.text[0] = 0; for(; i < j; i++){ - strcat(appres.text, argv[i]); - strcat(appres.text, " "); + strcat_truncate(appres.text, argv[i], len); + strcat_truncate(appres.text, " ", len); } } } @@ -798,7 +798,8 @@ talk(int force_erase) XSetForeground(dpy, gc, White); talking = 1; walk(FRONT); - p = strcpy(buf, words); + strcpy_truncate (buf, words, sizeof(buf)); + p = buf; /* possibly avoid a lot of work here * if no CR or only one, then just print the line @@ -832,7 +833,7 @@ talk(int force_erase) if ((w = XTextWidth(font, p, p2 - p)) > width) width = w; total += p2 - p; /* total chars; count to determine reading time */ - strcpy(args[height], p); + strcpy_truncate(args[height], p, sizeof(args[height])); if (height == MAXLINES - 1) { puts("Message too long!"); break; @@ -927,15 +928,14 @@ main (int argc, char **argv) struct passwd *pw; if (!(pw = k_getpwuid(0))) errx (1, "can't get root's passwd!"); - strcpy(root_cpass, pw->pw_passwd); + strcpy_truncate(root_cpass, pw->pw_passwd, sizeof(root_cpass)); if (!(pw = k_getpwuid(getuid()))) errx (1, "Can't get your password entry!"); - strcpy(user_cpass, pw->pw_passwd); + strcpy_truncate(user_cpass, pw->pw_passwd, sizeof(user_cpass)); setuid(getuid()); /* Now we're no longer running setuid root. */ - strncpy(login, pw->pw_name, sizeof(login)); - login[sizeof(login) - 1] = '\0'; + strcpy_truncate(login, pw->pw_name, sizeof(login)); } srand(getpid()); diff --git a/lib/auth/afskauthlib/verify.c b/lib/auth/afskauthlib/verify.c index b2a1a42d5..3104a0820 100644 --- a/lib/auth/afskauthlib/verify.c +++ b/lib/auth/afskauthlib/verify.c @@ -58,7 +58,7 @@ afs_verify(char *name, int quiet) { int ret = 1; - char lrealm[REALM_SZ + 1]; + char lrealm[REALM_SZ]; char tkt_string[MaxPathLen]; struct passwd *pwd; diff --git a/lib/auth/pam/pam.c b/lib/auth/pam/pam.c index 6e66c8c75..06c827f96 100644 --- a/lib/auth/pam/pam.c +++ b/lib/auth/pam/pam.c @@ -150,10 +150,10 @@ auth_su(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv) pw = getpwuid(getuid()); if(strcmp(user, "root") == 0){ - strcpy(pr.name, pw->pw_name); - strcpy(pr.instance, "root"); + strcpy_truncate(pr.name, pw->pw_name, sizeof(pr.name)); + strcpy_truncate(pr.instance, "root", sizeof(pr.instance)); }else{ - strcpy(pr.name, user); + strcpy_truncate(pr.name, user, sizeof(pr.name)); pr.instance[0] = 0; } pmsg = &msg; diff --git a/lib/auth/sia/sia.c b/lib/auth/sia/sia.c index ae514b8ef..44f9b8a44 100644 --- a/lib/auth/sia/sia.c +++ b/lib/auth/sia/sia.c @@ -363,8 +363,12 @@ siad_ses_suauthent(sia_collect_func_t *collect, return SIADFAIL; if(entity->name == NULL) return SIADFAIL; - if(entity->name[0] == 0) - strcpy(entity->name, "root"); + if(entity->name[0] == 0) { + free(entity->name); + entity->name = strdup("root"); + if (entity->name == NULL) + return SIADFAIL; + } return common_auth(collect, entity, siastat, pkgind); } diff --git a/lib/com_err/com_err.c b/lib/com_err/com_err.c index 790d76850..41a0e8dcd 100644 --- a/lib/com_err/com_err.c +++ b/lib/com_err/com_err.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -43,6 +43,7 @@ RCSID("$Id$"); #include #include #include +#include #include "com_err.h" struct et_list *_et_list; @@ -53,8 +54,7 @@ error_message (long code) static char msg[128]; const char *p = com_right(_et_list, code); if(p){ - strncpy(msg, p, sizeof(msg)); - msg[sizeof(msg)-1] = '\0'; + strcpy_truncate(msg, p, sizeof(msg)); } else{ snprintf(msg, sizeof(msg), "Unknown error %d", code); } @@ -76,18 +76,18 @@ default_proc (const char *whoami, long code, const char *fmt, va_list args) const void *arg[3], **ap = arg; if(whoami) { - strcat(f, "%s: "); + strcat_truncate(f, "%s: ", sizeof(f)); *ap++ = whoami; } if(code) { - strcat(f, "%s "); + strcat_truncate(f, "%s ", sizeof(f)); *ap++ = error_message(code); } if(fmt) { - strcat(f, "%s"); + strcat_truncate(f, "%s", sizeof(f)); *ap++ = fmt; } - strcat(f, "\r\n"); + strcat_truncate(f, "\r\n", sizeof(f)); asprintf(&x, f, arg[0], arg[1], arg[2]); vfprintf(stderr, x, args); free(x); diff --git a/lib/des/fcrypt.c b/lib/des/fcrypt.c index 3b64c9f44..cc390c3dc 100644 --- a/lib/des/fcrypt.c +++ b/lib/des/fcrypt.c @@ -203,9 +203,8 @@ crypt_md5(pw, salt) MD5Update(&ctx, pw+j, 1); /* Now make the output string */ - strcpy(passwd,magic); - strncat(passwd,sp,sl); - strcat(passwd,"$"); + snprintf (passwd, sizeof(passwd), + "%s%.*s$", magic, sl, sp); MD5Final(final,&ctx); diff --git a/lib/des/passwd_dlg.c b/lib/des/passwd_dlg.c index 8257495bc..9c42936a7 100644 --- a/lib/des/passwd_dlg.c +++ b/lib/des/passwd_dlg.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -84,12 +84,12 @@ pwd_dialog(char *buf, int size) switch(DialogBox(hInst,MAKEINTRESOURCE(IDD_PASSWD_DIALOG),wnd,pwd_dialog_proc)) { case IDOK: - strcpy(buf,passwd); - for(i=0; passwd[i] != '\0'; i++) passwd[i] = '\0'; + strcpy_truncate(buf, passwd, size); + memset (passwd, 0, sizeof(passwd)); return 0; case IDCANCEL: default: - for(i=0; passwd[i] != '\0'; i++) passwd[i] = '\0'; + memset (passwd, 0, sizeof(passwd)); return 1; } } diff --git a/lib/editline/ChangeLog b/lib/editline/ChangeLog index c71a98b33..47f7ba4a8 100644 --- a/lib/editline/ChangeLog +++ b/lib/editline/ChangeLog @@ -10,3 +10,10 @@ Sun Apr 19 09:53:46 1998 Assar Westerlund * Makefile.in: add symlink magic for linux +Sat Feb 7 07:24:30 1998 Assar Westerlund + + * editline.h: add prototypes + +Tue Feb 3 10:24:22 1998 Johan Danielsson + + * editline.c: If read returns EINTR, try again. diff --git a/lib/editline/complete.c b/lib/editline/complete.c index a806da512..b08643ef5 100644 --- a/lib/editline/complete.c +++ b/lib/editline/complete.c @@ -169,9 +169,8 @@ rl_complete(pathname, unique) if ((p = NEW(char, j + 1)) != NULL) { COPYFROMTO(p, av[0] + len, j); if ((new = NEW(char, strlen(dir) + strlen(av[0]) + 2)) != NULL) { - (void)strcpy(new, dir); - (void)strcat(new, "/"); - (void)strcat(new, av[0]); + snprintf (new, sizeof(new), + "%s/%s", dir, av[0]); rl_add_slash(new, p); DISPOSE(new); } diff --git a/lib/editline/editline.c b/lib/editline/editline.c index fada72fe7..8efe1efaf 100644 --- a/lib/editline/editline.c +++ b/lib/editline/editline.c @@ -23,6 +23,7 @@ #include #include "editline.h" #include +#include RCSID("$Id$"); @@ -177,10 +178,11 @@ TTYstring(unsigned char *p) TTYshow(*p++); } -static unsigned int +static int TTYget() { - unsigned char c; + char c; + int e; TTYflush(); if (Pushed) { @@ -189,7 +191,12 @@ TTYget() } if (*Input) return *Input++; - return read(0, &c, (size_t)1) == 1 ? c : EOF; + do { + e = read(0, &c, 1); + } while(e < 0 && errno == EINTR); + if(e == 1) + return c; + return EOF; } #define TTYback() (backspace ? TTYputs((unsigned char *)backspace) : TTYput('\b')) diff --git a/lib/editline/editline.h b/lib/editline/editline.h index 27c603107..5722b82ec 100644 --- a/lib/editline/editline.h +++ b/lib/editline/editline.h @@ -53,7 +53,7 @@ extern int rl_erase; extern int rl_intr; extern int rl_kill; extern int rl_quit; -extern char *rl_complete(); -extern int rl_list_possib(); -extern void rl_ttyset(); -extern void rl_add_slash(); +extern char *rl_complete(char *, int *); +extern int rl_list_possib(char *, char ***); +extern void rl_ttyset(int); +extern void rl_add_slash(char *, char *); diff --git a/lib/kafs/ChangeLog b/lib/kafs/ChangeLog index 5b86c02f4..b473460fa 100644 --- a/lib/kafs/ChangeLog +++ b/lib/kafs/ChangeLog @@ -26,6 +26,14 @@ Thu Feb 12 11:20:15 1998 Johan Danielsson * Makefile.in: Install/uninstall one library at a time. +Thu Feb 12 05:38:58 1998 Assar Westerlund + + * Makefile.in (install): one library at a time. + +Mon Feb 9 23:40:32 1998 Assar Westerlund + + * common.c (find_cells): ignore empty lines + Tue Jan 6 04:25:58 1998 Assar Westerlund * afssysdefs.h (AFS_SYSCALL): add FreeBSD diff --git a/lib/kafs/afskrb.c b/lib/kafs/afskrb.c index 704d920c5..1b3e53ea8 100644 --- a/lib/kafs/afskrb.c +++ b/lib/kafs/afskrb.c @@ -87,9 +87,10 @@ static char * get_realm(kafs_data *data, const char *host) { char *r = krb_realmofhost(host); - if(r) + if(r != NULL) return strdup(r); - return NULL; + else + return NULL; } int @@ -97,6 +98,7 @@ krb_afslog_uid(const char *cell, const char *realm, uid_t uid) { kafs_data kd; struct krb_kafs_data d; + kd.afslog_uid = afslog_uid_int; kd.get_cred = get_cred; kd.get_realm = get_realm; diff --git a/lib/kafs/afssys.c b/lib/kafs/afssys.c index 9b0346750..74449adc9 100644 --- a/lib/kafs/afssys.c +++ b/lib/kafs/afssys.c @@ -63,7 +63,7 @@ aix_setup(void) * If we are root or running setuid don't trust AFSLIBPATH! */ if (getuid() != 0 && !issuid() && (p = getenv("AFSLIBPATH")) != NULL) - snprintf(path, sizeof(path), "%s", p); + strcpy_truncate(path, p, sizeof(path)); else snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR); diff --git a/lib/kafs/afssysdefs.h b/lib/kafs/afssysdefs.h index 9fb6f5524..c394f1bbe 100644 --- a/lib/kafs/afssysdefs.h +++ b/lib/kafs/afssysdefs.h @@ -79,7 +79,7 @@ #define AFS_SYSCALL 31 #endif -#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) #define AFS_SYSCALL 210 #endif diff --git a/lib/kafs/common.c b/lib/kafs/common.c index 196b1ad37..481fd7d44 100644 --- a/lib/kafs/common.c +++ b/lib/kafs/common.c @@ -155,8 +155,9 @@ dns_find_cell(const char *cell, char *dbserver, size_t len) struct resource_record *rr = r->head; while(rr){ if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ - strncpy(dbserver, rr->u.afsdb->domain, len); - dbserver[len - 1] = '\0'; + strcpy_truncate(dbserver, + rr->u.afsdb->domain, + len); ok = 0; break; } @@ -184,7 +185,10 @@ find_cells(char *file, char ***cells, int *index) return; while (fgets(cell, sizeof(cell), f)) { char *nl = strchr(cell, '\n'); - if (nl) *nl = 0; + if (nl) + *nl = '\0'; + if (cell[0] == '\0') + continue; for(i = 0; i < ind; i++) if(strcmp((*cells)[i], cell) == 0) break; diff --git a/lib/kafs/dlfcn.c b/lib/kafs/dlfcn.c index 3f4de9221..98e081ceb 100644 --- a/lib/kafs/dlfcn.c +++ b/lib/kafs/dlfcn.c @@ -115,14 +115,12 @@ void *dlopen(const char *path, int mode) } if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { errvalid++; - strcpy(errbuf, "calloc: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, "calloc: %s", strerror(errno)); return NULL; } if ((mp->name = strdup(path)) == NULL) { errvalid++; - strcpy(errbuf, "strdup: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, "strdup: %s", strerror(errno)); free(mp); return NULL; } @@ -134,9 +132,8 @@ void *dlopen(const char *path, int mode) free(mp->name); free(mp); errvalid++; - strcpy(errbuf, "dlopen: "); - strcat(errbuf, path); - strcat(errbuf, ": "); + snprintf (errbuf, sizeof(errbuf), + "dlopen: %s: ", path); /* * If AIX says the file is not executable, the error * can be further described by querying the loader about @@ -145,14 +142,18 @@ void *dlopen(const char *path, int mode) if (errno == ENOEXEC) { char *tmp[BUFSIZ/sizeof(char *)]; if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) - strcpy(errbuf, strerror(errno)); + strcpy_truncate(errbuf, + strerror(errno), + sizeof(errbuf)); else { char **p; for (p = tmp; *p; p++) caterr(*p); } } else - strcat(errbuf, strerror(errno)); + strcat_truncate(errbuf, + strerror(errno), + sizeof(errbuf)); return NULL; } mp->refCnt = 1; @@ -161,8 +162,8 @@ void *dlopen(const char *path, int mode) if (loadbind(0, mainModule, mp->entry) == -1) { dlclose(mp); errvalid++; - strcpy(errbuf, "loadbind: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "loadbind: %s", strerror(errno)); return NULL; } /* @@ -175,8 +176,9 @@ void *dlopen(const char *path, int mode) if (loadbind(0, mp1->entry, mp->entry) == -1) { dlclose(mp); errvalid++; - strcpy(errbuf, "loadbind: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "loadbind: %s", + strerror(errno)); return NULL; } } @@ -229,29 +231,29 @@ static void caterr(char *s) p++; switch(atoi(s)) { case L_ERROR_TOOMANY: - strcat(errbuf, "to many errors"); + strcat_truncate(errbuf, "to many errors", sizeof(errbuf)); break; case L_ERROR_NOLIB: - strcat(errbuf, "can't load library"); - strcat(errbuf, p); + strcat_truncate(errbuf, "can't load library", sizeof(errbuf)); + strcat_truncate(errbuf, p, sizeof(errbuf)); break; case L_ERROR_UNDEF: - strcat(errbuf, "can't find symbol"); - strcat(errbuf, p); + strcat_truncate(errbuf, "can't find symbol", sizeof(errbuf)); + strcat_truncate(errbuf, p, sizeof(errbuf)); break; case L_ERROR_RLDBAD: - strcat(errbuf, "bad RLD"); - strcat(errbuf, p); + strcat_truncate(errbuf, "bad RLD", sizeof(errbuf)); + strcat_truncate(errbuf, p, sizeof(errbuf)); break; case L_ERROR_FORMAT: - strcat(errbuf, "bad exec format in"); - strcat(errbuf, p); + strcat_truncate(errbuf, "bad exec format in", sizeof(errbuf)); + strcat_truncate(errbuf, p, sizeof(errbuf)); break; case L_ERROR_ERRNO: - strcat(errbuf, strerror(atoi(++p))); + strcat_truncate(errbuf, strerror(atoi(++p)), sizeof(errbuf)); break; default: - strcat(errbuf, s); + strcat_truncate(errbuf, s, sizeof(errbuf)); break; } } @@ -270,8 +272,8 @@ void *dlsym(void *handle, const char *symbol) if (strcmp(ep->name, symbol) == 0) return ep->addr; errvalid++; - strcpy(errbuf, "dlsym: undefined symbol "); - strcat(errbuf, symbol); + snprintf (errbuf, sizeof(errbuf), + "dlsym: undefined symbol %s", symbol); return NULL; } @@ -311,7 +313,8 @@ int dlclose(void *handle) result = unload(mp->entry); if (result == -1) { errvalid++; - strcpy(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "%s", strerror(errno)); } if (mp->exports) { ExportPtr ep; @@ -360,8 +363,9 @@ static int readExports(ModulePtr mp) int size = 4*1024; if (errno != ENOENT) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); return -1; } /* @@ -371,8 +375,9 @@ static int readExports(ModulePtr mp) */ if ((buf = malloc(size)) == NULL) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); return -1; } while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { @@ -380,15 +385,17 @@ static int readExports(ModulePtr mp) size += 4*1024; if ((buf = malloc(size)) == NULL) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); return -1; } } if (i == -1) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); free(buf); return -1; } @@ -411,14 +418,14 @@ static int readExports(ModulePtr mp) free(buf); if (!ldp) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); return -1; } } if (TYPE(ldp) != U802TOCMAGIC) { errvalid++; - strcpy(errbuf, "readExports: bad magic"); + snprintf(errbuf, sizeof(errbuf), "readExports: bad magic"); while(ldclose(ldp) == FAILURE) ; return -1; @@ -430,14 +437,16 @@ static int readExports(ModulePtr mp) */ if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { errvalid++; - strcpy(errbuf, "readExports: cannot read data section header"); + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read data section header"); while(ldclose(ldp) == FAILURE) ; return -1; } if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { errvalid++; - strcpy(errbuf, "readExports: cannot read loader section header"); + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read loader section header"); while(ldclose(ldp) == FAILURE) ; return -1; @@ -448,15 +457,16 @@ static int readExports(ModulePtr mp) */ if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); while(ldclose(ldp) == FAILURE) ; return -1; } if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { errvalid++; - strcpy(errbuf, "readExports: cannot seek to loader section"); + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot seek to loader section"); free(ldbuf); while(ldclose(ldp) == FAILURE) ; @@ -464,7 +474,8 @@ static int readExports(ModulePtr mp) } if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { errvalid++; - strcpy(errbuf, "readExports: cannot read loader section"); + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read loader section"); free(ldbuf); while(ldclose(ldp) == FAILURE) ; @@ -482,8 +493,8 @@ static int readExports(ModulePtr mp) } if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { errvalid++; - strcpy(errbuf, "readExports: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); free(ldbuf); while(ldclose(ldp) == FAILURE) ; @@ -508,8 +519,8 @@ static int readExports(ModulePtr mp) * must copy the first SYMNMLEN chars and make * sure we have a zero byte at the end. */ - strncpy(tmpsym, ls->l_name, SYMNMLEN); - tmpsym[SYMNMLEN] = '\0'; + strcpy_truncate (tmpsym, ls->l_name, + SYMNMLEN + 1); symname = tmpsym; } ep->name = strdup(symname); @@ -537,8 +548,8 @@ static void * findMain(void) if ((buf = malloc(size)) == NULL) { errvalid++; - strcpy(errbuf, "findMain: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); return NULL; } while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { @@ -546,15 +557,15 @@ static void * findMain(void) size += 4*1024; if ((buf = malloc(size)) == NULL) { errvalid++; - strcpy(errbuf, "findMain: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); return NULL; } } if (i == -1) { errvalid++; - strcpy(errbuf, "findMain: "); - strcat(errbuf, strerror(errno)); + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); free(buf); return NULL; } diff --git a/lib/otp/ChangeLog b/lib/otp/ChangeLog index 4edbabfae..9837fffb1 100644 --- a/lib/otp/ChangeLog +++ b/lib/otp/ChangeLog @@ -10,6 +10,10 @@ Sun Apr 19 09:59:46 1998 Assar Westerlund * Makefile.in: add symlink magic for linux +Sat Feb 7 07:27:18 1998 Assar Westerlund + + * otp_db.c (otp_put): make sure we don't overrun `buf' + Sun Nov 9 07:14:59 1997 Assar Westerlund * otp_locl.h: use xdbm.h diff --git a/lib/otp/otp_db.c b/lib/otp/otp_db.c index ffe9f676f..f51398d34 100644 --- a/lib/otp/otp_db.c +++ b/lib/otp/otp_db.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -145,8 +145,7 @@ otp_get_internal (void *v, OtpContext *ctx, int lockp) p += 4; memcpy (ctx->key, p, OTPKEYSIZE); p += OTPKEYSIZE; - strncpy (ctx->seed, p, sizeof(ctx->seed)); - ctx->seed[sizeof(ctx->seed) - 1] = '\0'; + strcpy_truncate (ctx->seed, p, sizeof(ctx->seed)); if (lockp) return dbm_store (dbm, key, dat, DBM_REPLACE); else @@ -184,15 +183,29 @@ otp_put (void *v, OtpContext *ctx) datum dat, key; char buf[1024], *p; time_t zero = 0; + size_t len, rem; key.dsize = strlen(ctx->user); key.dptr = ctx->user; p = buf; + rem = sizeof(buf); + + if (rem < sizeof(zero)) + return -1; memcpy (p, &zero, sizeof(zero)); p += sizeof(zero); + rem -= sizeof(zero); + len = strlen(ctx->alg->name) + 1; + + if (rem < len) + return -1; strcpy (p, ctx->alg->name); - p += strlen(p) + 1; + p += len; + rem -= len; + + if (rem < 4) + return -1; { unsigned char *up = (unsigned char *)p; *up++ = (ctx->n >> 24) & 0xFF; @@ -201,10 +214,20 @@ otp_put (void *v, OtpContext *ctx) *up++ = (ctx->n >> 0) & 0xFF; } p += 4; + rem -= 4; + + if (rem < OTPKEYSIZE) + return -1; memcpy (p, ctx->key, OTPKEYSIZE); p += OTPKEYSIZE; + rem -= OTPKEYSIZE; + + len = strlen(ctx->seed) + 1; + if (rem < len) + return -1; strcpy (p, ctx->seed); - p += strlen(p) + 1; + p += len; + rem -= len; dat.dptr = buf; dat.dsize = p - buf; return dbm_store (dbm, key, dat, DBM_REPLACE); diff --git a/lib/otp/otp_print.c b/lib/otp/otp_print.c index 21b6df01d..482e15be9 100644 --- a/lib/otp/otp_print.c +++ b/lib/otp/otp_print.c @@ -88,15 +88,17 @@ otp_print_hex (OtpKey key, char *str, size_t sz) void otp_print_hex_extended (OtpKey key, char *str, size_t sz) { - strncpy (str, OTP_HEXPREFIX, sz); - str[sz-1] = '\0'; - otp_print_hex (key, str + strlen(OTP_HEXPREFIX), sz - strlen(OTP_HEXPREFIX)); + strcpy_truncate (str, OTP_HEXPREFIX, sz); + otp_print_hex (key, + str + strlen(OTP_HEXPREFIX), + sz - strlen(OTP_HEXPREFIX)); } void otp_print_stddict_extended (OtpKey key, char *str, size_t sz) { - strncpy (str, OTP_WORDPREFIX, sz); - str[sz-1] = '\0'; - otp_print_stddict (key, str + strlen(OTP_WORDPREFIX), sz - strlen(OTP_WORDPREFIX)); + strcpy_truncate (str, OTP_WORDPREFIX, sz); + otp_print_stddict (key, + str + strlen(OTP_WORDPREFIX), + sz - strlen(OTP_WORDPREFIX)); } diff --git a/lib/roken/ChangeLog b/lib/roken/ChangeLog index 4dc04cb62..30388ae3e 100644 --- a/lib/roken/ChangeLog +++ b/lib/roken/ChangeLog @@ -64,6 +64,11 @@ Thu Feb 12 03:30:08 1998 Assar Westerlund * parse_time.c (print_time_table): don't return a void value. +Tue Feb 3 11:06:24 1998 Johan Danielsson + + * getarg.c (mandoc_template): Change date format to full month + name, and day of month without leading zero. + Thu Jan 22 21:23:23 1998 Johan Danielsson * getarg.c: Fix long form of negative flags. diff --git a/lib/roken/concat.c b/lib/roken/concat.c index 9a8ed5049..65df7c18a 100644 --- a/lib/roken/concat.c +++ b/lib/roken/concat.c @@ -64,7 +64,7 @@ roken_vconcat (char *s, size_t len, va_list args) if (n >= len) return -1; - strncpy (s, a, n); + memcpy (s, a, n); s += n; len -= n; } @@ -82,7 +82,6 @@ roken_vmconcat (char **s, size_t max_len, va_list args) p = malloc(1); if(p == NULL) return 0; - *p = 0; len = 1; while ((a = va_arg(args, const char*))) { size_t n = strlen (a); @@ -97,9 +96,10 @@ roken_vmconcat (char **s, size_t max_len, va_list args) return 0; } p = q; + memcpy (p + len - 1, a, n); len += n; - strcat(p, a); } + p[len - 1] = '\0'; *s = p; return len; } diff --git a/lib/roken/getarg.c b/lib/roken/getarg.c index 925e8d3fe..0412f9f3a 100644 --- a/lib/roken/getarg.c +++ b/lib/roken/getarg.c @@ -97,12 +97,11 @@ mandoc_template(struct getargs *args, printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); printf(".\\\"\n"); t = time(NULL); - strftime(timestr, sizeof(timestr), "%b %d, %Y", localtime(&t)); + strftime(timestr, sizeof(timestr), "%B %e, %Y", localtime(&t)); printf(".Dd %s\n", timestr); p = strrchr(__progname, '/'); if(p) p++; else p = __progname; - strncpy(cmd, p, sizeof(cmd)); - cmd[sizeof(cmd)-1] = '\0'; + strcpy_truncate(cmd, p, sizeof(cmd)); strupr(cmd); printf(".Dt %s SECTION\n", cmd); diff --git a/lib/roken/getcwd.c b/lib/roken/getcwd.c index b5ff1659c..9313a6e48 100644 --- a/lib/roken/getcwd.c +++ b/lib/roken/getcwd.c @@ -57,6 +57,6 @@ getcwd(char *path, size_t size) char *ret; ret = getwd(xxx); if(ret) - strncpy(path, xxx, size); + strcpy_truncate(path, xxx, size); return ret; } diff --git a/lib/roken/gethostname.c b/lib/roken/gethostname.c index 6789eed37..9795fb32f 100644 --- a/lib/roken/gethostname.c +++ b/lib/roken/gethostname.c @@ -65,13 +65,11 @@ gethostname(char *name, int namelen) ret = uname (&utsname); if (ret < 0) return ret; - strncpy (name, utsname.nodename, namelen); - name[namelen-1] = '\0'; + strcpy_truncate (name, utsname.nodename, namelen); return 0; } #else - strncpy (name, "some.random.host", namelen); - name[namelen-1] = '\0'; + strcpy_truncate (name, "some.random.host", namelen); return 0; #endif } diff --git a/lib/roken/glob.c b/lib/roken/glob.c index 8f19d7ca4..7dd69514e 100644 --- a/lib/roken/glob.c +++ b/lib/roken/glob.c @@ -748,7 +748,7 @@ g_opendir(Char *str, glob_t *pglob) char buf[MaxPathLen]; if (!*str) - strcpy(buf, "."); + strcpy_truncate(buf, ".", sizeof(buf)); else g_Ctoc(str, buf); diff --git a/lib/roken/inaddr2str.c b/lib/roken/inaddr2str.c index f17c3d0f9..2733b8a9a 100644 --- a/lib/roken/inaddr2str.c +++ b/lib/roken/inaddr2str.c @@ -84,12 +84,10 @@ inaddr2str(struct in_addr addr, char *s, size_t len) if(h) while ((p = *(h->h_addr_list)++)) if (memcmp (p, &addr, sizeof(addr)) == 0) { - strncpy (s, h->h_name, len); - s[len - 1] = '\0'; + strcpy_truncate (s, h->h_name, len); return; } } - strncpy (s, inet_ntoa (addr), len); - s[len - 1] = '\0'; + strcpy_truncate (s, inet_ntoa (addr), len); return; } diff --git a/lib/roken/iruserok.c b/lib/roken/iruserok.c index 4d9694e40..8abcd4e8b 100644 --- a/lib/roken/iruserok.c +++ b/lib/roken/iruserok.c @@ -127,8 +127,7 @@ __ivaliduser(FILE *hostf, unsigned raddr, const char *luser, sizeof(u_long), AF_INET)) == NULL) return (-1); - strncpy(hname, hp->h_name, sizeof(hname)); - hname[sizeof(hname) - 1] = '\0'; + strcpy_truncate(hname, hp->h_name, sizeof(hname)); while (fgets(buf, sizeof(buf), hostf)) { p = buf; @@ -257,8 +256,7 @@ again: first = 0; if ((pwd = k_getpwnam((char*)luser)) == NULL) return (-1); - strcpy(pbuf, pwd->pw_dir); - strcat(pbuf, "/.rhosts"); + snprintf (pbuf, sizeof(pbuf), "%s/.rhosts", pwd->pw_dir); /* * Change effective uid while opening .rhosts. If root and diff --git a/lib/roken/roken.h.in b/lib/roken/roken.h.in index 69ef94d0a..a1328245a 100644 --- a/lib/roken/roken.h.in +++ b/lib/roken/roken.h.in @@ -193,6 +193,14 @@ char *strtok_r(char *s1, const char *s2, char **lasts); char * strupr(char *); #endif +#ifndef HAVE_STRCPY_TRUNCATE +int strcpy_truncate (char *dst, const char *src, size_t dst_sz); +#endif + +#ifndef HAVE_STRCAT_TRUNCATE +int strcat_truncate (char *dst, const char *src, size_t dst_sz); +#endif + #ifndef HAVE_GETDTABLESIZE int getdtablesize(void); #endif diff --git a/lib/roken/snprintf.c b/lib/roken/snprintf.c index 174a10875..f9b560acb 100644 --- a/lib/roken/snprintf.c +++ b/lib/roken/snprintf.c @@ -70,6 +70,7 @@ struct state { /* XXX - methods */ }; +#ifndef HAVE_VSNPRINTF static int sn_reserve (struct state *state, size_t n) { @@ -86,6 +87,7 @@ sn_append_char (struct state *state, char c) return 0; } } +#endif static int as_reserve (struct state *state, size_t n) diff --git a/lib/roken/strcpy_truncate.c b/lib/roken/strcpy_truncate.c index 9f2a9e671..5964900fe 100644 --- a/lib/roken/strcpy_truncate.c +++ b/lib/roken/strcpy_truncate.c @@ -43,6 +43,8 @@ RCSID("$Id$"); +#ifndef HAVE_STRCPY_TRUNCATE + int strcpy_truncate (char *dst, const char *src, size_t dst_sz) { @@ -59,3 +61,5 @@ strcpy_truncate (char *dst, const char *src, size_t dst_sz) else return dst_sz; } + +#endif diff --git a/lib/roken/strerror.c b/lib/roken/strerror.c index 01ec0e2da..b040912e8 100644 --- a/lib/roken/strerror.c +++ b/lib/roken/strerror.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -56,7 +56,7 @@ strerror(int eno) if(eno < 0 || eno >= sys_nerr) snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); else - strcpy(emsg, sys_errlist[eno]); + snprintf(emsg, sizeof(emsg), "%s", sys_errlist[eno]); return emsg; } diff --git a/lib/roken/strlcpy.c b/lib/roken/strlcpy.c index 9f2a9e671..5964900fe 100644 --- a/lib/roken/strlcpy.c +++ b/lib/roken/strlcpy.c @@ -43,6 +43,8 @@ RCSID("$Id$"); +#ifndef HAVE_STRCPY_TRUNCATE + int strcpy_truncate (char *dst, const char *src, size_t dst_sz) { @@ -59,3 +61,5 @@ strcpy_truncate (char *dst, const char *src, size_t dst_sz) else return dst_sz; } + +#endif diff --git a/lib/sl/ChangeLog b/lib/sl/ChangeLog index 1d21a589a..ef03b2fbd 100644 --- a/lib/sl/ChangeLog +++ b/lib/sl/ChangeLog @@ -51,6 +51,10 @@ Sun Feb 15 05:12:11 1998 Johan Danielsson * sl.c: Move command line split to function `sl_make_argv'. +Tue Feb 3 16:45:44 1998 Johan Danielsson + + * sl.c: Add sl_command_loop, that is the loop body of sl_loop. + Mon Oct 20 01:13:21 1997 Assar Westerlund * sl.c (sl_help): actually use the `help' field of `SL_cmd' diff --git a/lib/sl/sl.c b/lib/sl/sl.c index be09f89bb..37a7cf402 100644 --- a/lib/sl/sl.c +++ b/lib/sl/sl.c @@ -143,6 +143,11 @@ sl_command(SL_cmd *cmds, int argc, char **argv) return (*c->func)(argc, argv); } +struct sl_data { + int max_count; + char **ptr; +}; + int sl_make_argv(char *line, int *ret_argc, char ***ret_argv) { @@ -178,39 +183,47 @@ sl_make_argv(char *line, int *ret_argc, char ***ret_argv) return 0; } +/* return values: 0 on success, -1 on fatal error, or return value of command */ int -sl_loop (SL_cmd *cmds, char *prompt) +sl_command_loop(SL_cmd *cmds, char *prompt, void **data) { + int ret = 0; char *buf; + SL_cmd *c; int argc; char **argv; - int ret = 0; + + ret = 0; + buf = readline(prompt); + if(buf == NULL) + return 1; - while(ret == 0) { - ret = 0; - /* XXX should make sure this doesn't do funny things if stdin - is not a tty */ - buf = readline(prompt); - if(buf == NULL) - break; - - if(*buf) - add_history(buf); - argc = 0; - ret = sl_make_argv(buf, &argc, &argv); - if(ret) { - fprintf(stderr, "sl_loop: out of memory\n"); - return -1; - } - if(argc >= 1) { - ret = sl_command(cmds, argc, argv); - if(ret == -1) { - printf ("Unrecognized command: %s\n", argv[0]); - ret = 0; - } - } - free(argv); + if(*buf) + add_history(buf); + ret = sl_make_argv(buf, &argc, &argv); + if(ret) { + fprintf(stderr, "sl_loop: out of memory\n"); free(buf); + return -1; } - return 0; + if (argc >= 1) { + ret = sl_command(cmds, argc, argv); + if(ret == -1) { + printf ("Unrecognized command: %s\n", argv[0]); + ret = 0; + } + } + free(buf); + free(argv); + return ret; +} + +int +sl_loop(SL_cmd *cmds, char *prompt) +{ + void *data = NULL; + int ret; + while((ret = sl_command_loop(cmds, prompt, &data)) == 0) + ; + return ret; } diff --git a/lib/sl/sl.h b/lib/sl/sl.h index c1edeaf32..5d6cd18e4 100644 --- a/lib/sl/sl.h +++ b/lib/sl/sl.h @@ -54,6 +54,7 @@ typedef struct sl_cmd SL_cmd; void sl_help (SL_cmd *, int argc, char **argv); int sl_loop (SL_cmd *, char *prompt); +int sl_command_loop (SL_cmd *cmds, char *prompt, void **data); int sl_command (SL_cmd *cmds, int argc, char **argv); int sl_make_argv(char*, int*, char***);