bbs/deb-goldedplus
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use version of strschg_environ() with control bufer overflow

Browse Source
This commit is contained in:
Stas Degteff 2011-02-17 23:22:23 +00:00
parent bfd77e1a19
commit b4ed4dc416
7 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
golded3/gcarea.cpp
View File

@ -198,7 +198,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
AddBackslash(aa->path); AddBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#ifndef GMB_NOHUDS #ifndef GMB_NOHUDS
else if (aa->basetype == "HUDSON") else if (aa->basetype == "HUDSON")
@ -232,7 +232,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
#ifndef GMB_NOXBBS #ifndef GMB_NOXBBS
@ -242,7 +242,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
#ifndef GMB_NOSQSH #ifndef GMB_NOSQSH
@ -252,7 +252,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
#ifndef GMB_NOJAM #ifndef GMB_NOJAM
@ -262,7 +262,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
#ifndef GMB_NOPCB #ifndef GMB_NOPCB
@ -270,7 +270,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
{ {
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
#ifndef GMB_NOSMB #ifndef GMB_NOSMB
@ -280,7 +280,7 @@ void AreaList::AddNewArea(AreaCfg* aa)
return; return;
MapPath(aa->path); MapPath(aa->path);
StripBackslash(aa->path); StripBackslash(aa->path);
strschg_environ(aa->path); strschg_environ(aa->path, sizeof(aa->path));
} }
#endif #endif
else if (aa->basetype == "SEPARATOR") else if (aa->basetype == "SEPARATOR")

4
golded3/gccfgg0.cpp
View File

@ -881,7 +881,7 @@ int ReadCfg(const char* cfgfile, int ignoreunknown)
if(not _gotcond) { if(not _gotcond) {
switch(crc) { switch(crc) {
case CRC_INCLUDE: case CRC_INCLUDE:
strschg_environ(val); strschg_environ(val, (buf+sizeof(buf))-val);
MapPath(val); MapPath(val);
if (not quiet) if (not quiet)
@ -894,7 +894,7 @@ int ReadCfg(const char* cfgfile, int ignoreunknown)
break; break;
case CRC_AREAFILE: case CRC_AREAFILE:
strschg_environ(val); strschg_environ(val, (buf+sizeof(buf))-val);
MapPath(val); MapPath(val);
if (not quiet) if (not quiet)

2
golded3/gedoit.cpp
View File

@ -54,7 +54,7 @@ void SaveLines(int mode, const char* savefile, GMsg* msg, int margin, bool clip)
else else
{ {
strcpy(fnam, savefile); strcpy(fnam, savefile);
strschg_environ(fnam); strschg_environ(fnam, sizeof(fnam));
prnfp.Fopen(fnam, prnacc, CFG->sharemode); prnfp.Fopen(fnam, prnacc, CFG->sharemode);
} }
int lines=0; int lines=0;

6
golded3/geinit.cpp
View File

@ -656,7 +656,7 @@ void Initialize(int argc, char* argv[]) {
// Get it in user directory (step 1) // Get it in user directory (step 1)
if(not found) { if(not found) {
strxcpy(cmdlinecfg, CFGUSERPATH1, sizeof(cmdlinecfg)); strxcpy(cmdlinecfg, CFGUSERPATH1, sizeof(cmdlinecfg));
strschg_environ(cmdlinecfg); strschg_environ(cmdlinecfg, sizeof(cmdlinecfg));
found = FindCfg(cmdlinecfg); found = FindCfg(cmdlinecfg);
} }
#endif #endif
@ -664,7 +664,7 @@ void Initialize(int argc, char* argv[]) {
// Get it in user directory (step 2) // Get it in user directory (step 2)
if(not found) { if(not found) {
strxcpy(cmdlinecfg, CFGUSERPATH2, sizeof(cmdlinecfg)); strxcpy(cmdlinecfg, CFGUSERPATH2, sizeof(cmdlinecfg));
strschg_environ(cmdlinecfg); strschg_environ(cmdlinecfg, sizeof(cmdlinecfg));
found = FindCfg(cmdlinecfg); found = FindCfg(cmdlinecfg);
} }
#endif #endif
@ -672,7 +672,7 @@ void Initialize(int argc, char* argv[]) {
// Get it in system config directory // Get it in system config directory
if(not found) { if(not found) {
strxcpy(cmdlinecfg, CFGPATH, sizeof(cmdlinecfg)); strxcpy(cmdlinecfg, CFGPATH, sizeof(cmdlinecfg));
strschg_environ(cmdlinecfg); strschg_environ(cmdlinecfg, sizeof(cmdlinecfg));
found = FindCfg(cmdlinecfg); found = FindCfg(cmdlinecfg);
} }
#endif #endif

4
golded3/gerand.cpp
View File

@ -38,10 +38,10 @@ char* GetRandomLine(char* __buf, size_t __bufsize, const char* file)
Path indexfile; Path indexfile;
Path __file; Path __file;
if( (__buf==NULL) || (__file==NULL) ) return __buf; if( (__buf==NULL) || (file==NULL) ) return __buf;
strxcpy(__file, file, sizeof(Path)); strxcpy(__file, file, sizeof(Path));
strschg_environ(__file); strschg_environ(__file, sizeof(Path));
replaceextension(indexfile, __file, ".sdx"); replaceextension(indexfile, __file, ".sdx");

2
golded3/geutil2.cpp
View File

@ -78,7 +78,7 @@ bool edit_pathname(char* buf, int buf_size, char* title, int helpcat) {
} }
} }
strschg_environ(buf); strschg_environ(buf, buf_size);
return true; return true;
} }

7
goldnode/goldnode.cpp
View File

@ -1239,6 +1239,7 @@ char* _MapPath(char* fmap, bool reverse) {
static int parse_config(const char *__configfile, Addr& zoneaddr) static int parse_config(const char *__configfile, Addr& zoneaddr)
{ {
char buf[512]; char buf[512];
const char * const top_buf = buf+sizeof(buf);
char* ptr; char* ptr;
char* key; char* key;
word crc; word crc;
@ -1328,7 +1329,7 @@ static int parse_config(const char *__configfile, Addr& zoneaddr)
ndz.point = 0; ndz.point = 0;
ndl.ft = (dword)-1; ndl.ft = (dword)-1;
ndl.fc = NO; ndl.fc = NO;
strschg_environ(value); strschg_environ(value, top_buf-value);
_MapPath(value); _MapPath(value);
strcpy(ndl.fn, value); strcpy(ndl.fn, value);
nodelist.push_back(ndl); nodelist.push_back(ndl);
@ -1353,7 +1354,7 @@ static int parse_config(const char *__configfile, Addr& zoneaddr)
ndz.point = 0; ndz.point = 0;
ndl.ft = (dword)-1; ndl.ft = (dword)-1;
ndl.fc = NO; ndl.fc = NO;
strschg_environ(value); strschg_environ(value, top_buf-value);
_MapPath(value); _MapPath(value);
strcpy(ndl.fn, value); strcpy(ndl.fn, value);
userlist.push_back(ndl); userlist.push_back(ndl);
@ -1381,7 +1382,7 @@ static int parse_config(const char *__configfile, Addr& zoneaddr)
sh_mod = GetYesno(value) ? SH_DENYNO : SH_COMPAT; sh_mod = GetYesno(value) ? SH_DENYNO : SH_COMPAT;
break; break;
case CRC_INCLUDE: case CRC_INCLUDE:
strschg_environ(value); strschg_environ(value, top_buf-value);
_MapPath(value); _MapPath(value);
if(not parse_config(value,zoneaddr)) // NOTE! This is a recursive call! if(not parse_config(value,zoneaddr)) // NOTE! This is a recursive call!
if(not quiet) std::cout << "* Could not read configuration file " << value << '!' << NL; if(not quiet) std::cout << "* Could not read configuration file " << value << '!' << NL;