bbs/deb-mbse
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secured sprintf with snprintf

Browse Source
This commit is contained in:
Michiel Broek 2005-08-29 11:46:06 +00:00
parent 30fa93a8b2
commit 1bd3ca1df0
3 changed files with 94 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
mbsebbs/filesub.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: All the file sub functions. * Purpose ...............: All the file sub functions.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -111,7 +111,7 @@ void GetstrD(char *sStr, int iMaxlen)
if (ch > 31 && ch < 127) { if (ch > 31 && ch < 127) {
if (iPos <= iMaxlen) { if (iPos <= iMaxlen) {
iPos++; iPos++;
sprintf(sStr, "%s%c", sStr, ch); snprintf(sStr, iMaxlen, "%s%c", sStr, ch);
PUTCHAR(ch); PUTCHAR(ch);
} else } else
PUTCHAR(7); PUTCHAR(7);
@ -132,7 +132,7 @@ FILE *OpenFareas(int Write)
char *FileArea; char *FileArea;
FileArea = calloc(PATH_MAX, sizeof(char)); FileArea = calloc(PATH_MAX, sizeof(char));
sprintf(FileArea, "%s/etc/fareas.data", getenv("MBSE_ROOT")); snprintf(FileArea, PATH_MAX, "%s/etc/fareas.data", getenv("MBSE_ROOT"));
if (Write) if (Write)
pAreas = fopen(FileArea, "r+"); pAreas = fopen(FileArea, "r+");
@ -163,14 +163,14 @@ void Header()
pout(RED, LIGHTGRAY, (char *)" Area "); pout(RED, LIGHTGRAY, (char *)" Area ");
sprintf(temp, "%-5d ", iAreaNumber); snprintf(temp, 81, "%-5d ", iAreaNumber);
pout(RED, LIGHTGRAY, temp); pout(RED, LIGHTGRAY, temp);
sprintf(temp, "%-65s", sAreaDesc); snprintf(temp, 81, "%-65s", sAreaDesc);
pout(BLUE, LIGHTGRAY, temp); pout(BLUE, LIGHTGRAY, temp);
Enter(1); Enter(1);
colour(15,0); colour(WHITE, BLACK);
fLine(79); fLine(79);
} }
@ -184,12 +184,12 @@ void Sheader()
char temp[81]; char temp[81];
PUTCHAR('\r'); PUTCHAR('\r');
sprintf(temp, " %-4ld", arecno); snprintf(temp, 81, " %-4ld", arecno);
pout(Hcolor, BLACK, temp); pout(Hcolor, BLACK, temp);
pout(LIGHTBLUE, BLACK, (char *)" ... "); pout(LIGHTBLUE, BLACK, (char *)" ... ");
sprintf(temp, "%-44s", area.Name); snprintf(temp, 81, "%-44s", area.Name);
pout(Hcolor, BLACK, temp); pout(Hcolor, BLACK, temp);
if (Hcolor < WHITE) if (Hcolor < WHITE)
@ -245,7 +245,7 @@ void Mark()
} }
/* Marked: */ /* Marked: */
sprintf(temp, "%s%d, %dK; ", (char *) Language(360), Count, Size); snprintf(temp, 81, "%s%d, %dK; ", (char *) Language(360), Count, Size);
pout(CFG.HiliteF, CFG.HiliteB, temp); pout(CFG.HiliteF, CFG.HiliteB, temp);
/* Mark file number of press <Enter> to stop */ /* Mark file number of press <Enter> to stop */
@ -354,25 +354,25 @@ int ShowOneFile()
if (!fdb.Deleted) { if (!fdb.Deleted) {
sprintf(temp, " %02d ", Tagnr); snprintf(temp, 81, " %02d ", Tagnr);
pout(LIGHTGRAY, BLACK, temp); pout(LIGHTGRAY, BLACK, temp);
sprintf(temp, "%-12s", fdb.Name); snprintf(temp, 81, "%-12s", fdb.Name);
pout(CFG.FilenameF, CFG.FilenameB, temp); pout(CFG.FilenameF, CFG.FilenameB, temp);
sprintf(temp, "%10lu ", (long)(fdb.Size)); snprintf(temp, 81, "%10lu ", (long)(fdb.Size));
pout(CFG.FilesizeF, CFG.FilesizeB, temp); pout(CFG.FilesizeF, CFG.FilesizeB, temp);
sprintf(temp, "%-10s ", StrDateDMY(fdb.UploadDate)); snprintf(temp, 81, "%-10s ", StrDateDMY(fdb.UploadDate));
pout(CFG.FiledateF, CFG.FiledateB, temp); pout(CFG.FiledateF, CFG.FiledateB, temp);
sprintf(temp, "[%4ld] ", fdb.TimesDL); snprintf(temp, 81, "[%4ld] ", fdb.TimesDL);
pout(LIGHTRED, BLACK, temp); pout(LIGHTRED, BLACK, temp);
if ((strcmp(fdb.Uploader, "")) == 0) if ((strcmp(fdb.Uploader, "")) == 0)
strcpy(fdb.Uploader, "SysOp"); strcpy(fdb.Uploader, "SysOp");
sprintf(temp, "%s%s", (char *) Language(238), fdb.Uploader); snprintf(temp, 81, "%s%s", (char *) Language(238), fdb.Uploader);
pout(CFG.HiliteF, CFG.HiliteB, temp); pout(CFG.HiliteF, CFG.HiliteB, temp);
Enter(1); Enter(1);
@ -390,10 +390,10 @@ int ShowOneFile()
else else
fg = (int)fdb.Desc[z][3] - 48; fg = (int)fdb.Desc[z][3] - 48;
bg = (int)fdb.Desc[z][2] - 48; bg = (int)fdb.Desc[z][2] - 48;
sprintf(temp, " %s",fdb.Desc[z]+4); snprintf(temp, 81, " %s",fdb.Desc[z]+4);
pout(fg, bg, temp); pout(fg, bg, temp);
} else { } else {
sprintf(temp, " %s",fdb.Desc[z]); snprintf(temp, 81, " %s",fdb.Desc[z]);
pout(CFG.FiledescF, CFG.FiledescB, temp); pout(CFG.FiledescF, CFG.FiledescB, temp);
} }
Enter(1); Enter(1);
@ -425,7 +425,7 @@ int CheckBytesAvailable(long CostSize)
Enter(2); Enter(2);
/* Kilobytes currently available: */ /* Kilobytes currently available: */
sprintf(temp, "%s%lu Kbytes.", (char *) Language(254), exitinfo.DownloadKToday); snprintf(temp, 81, "%s%lu Kbytes.", (char *) Language(254), exitinfo.DownloadKToday);
pout(YELLOW, BLACK, temp); pout(YELLOW, BLACK, temp);
Enter(2); Enter(2);
@ -447,7 +447,7 @@ void Home()
char *temp; char *temp;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/%s", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp, PATH_MAX, "%s/%s", CFG.bbs_usersdir, exitinfo.Name);
chdir(temp); chdir(temp);
free(temp); free(temp);
} }
@ -468,10 +468,10 @@ int ScanDirect(char *fn)
stdlog = calloc(PATH_MAX, sizeof(char)); stdlog = calloc(PATH_MAX, sizeof(char));
errlog = calloc(PATH_MAX, sizeof(char)); errlog = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn); snprintf(temp, PATH_MAX, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn);
sprintf(temp1, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(temp1, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
sprintf(stdlog, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid); snprintf(stdlog, PATH_MAX, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid);
sprintf(errlog, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid); snprintf(errlog, PATH_MAX, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid);
if ((fp = fopen(temp1, "r")) != NULL) { if ((fp = fopen(temp1, "r")) != NULL) {
fread(&virscanhdr, sizeof(virscanhdr), 1, fp); fread(&virscanhdr, sizeof(virscanhdr), 1, fp);
@ -480,7 +480,7 @@ int ScanDirect(char *fn)
if (virscan.available) { if (virscan.available) {
/* Scanning */ /* with */ /* Scanning */ /* with */
sprintf(msg, "%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment); snprintf(msg, 81, "%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment);
pout(CFG.TextColourF, CFG.TextColourB, msg); pout(CFG.TextColourF, CFG.TextColourB, msg);
Altime(3600); Altime(3600);
@ -508,12 +508,12 @@ int ScanDirect(char *fn)
if (err != virscan.error) { if (err != virscan.error) {
WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment); WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment);
/* Possible VIRUS found! */ /* Possible VIRUS found! */
sprintf(msg, "%s", (char *) Language(199)); snprintf(msg, 81, "%s", (char *) Language(199));
pout(CFG.HiliteF, CFG.HiliteB, msg); pout(CFG.HiliteF, CFG.HiliteB, msg);
Found = TRUE; Found = TRUE;
} else { } else {
/* Ok */ /* Ok */
sprintf(msg, "%s", (char *) Language(200)); snprintf(msg, 81, "%s", (char *) Language(200));
PUTSTR(msg); PUTSTR(msg);
} }
Enter(1); Enter(1);
@ -556,9 +556,9 @@ int ScanArchive(char *fn, char *ftype)
stdlog = calloc(PATH_MAX, sizeof(char)); stdlog = calloc(PATH_MAX, sizeof(char));
errlog = calloc(PATH_MAX, sizeof(char)); errlog = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/archiver.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/archiver.data", getenv("MBSE_ROOT"));
sprintf(stdlog, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid); snprintf(stdlog, PATH_MAX, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid);
sprintf(errlog, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid); snprintf(errlog, PATH_MAX, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid);
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
free(temp); free(temp);
@ -579,7 +579,7 @@ int ScanArchive(char *fn, char *ftype)
} }
cwd = getcwd(cwd, 80); cwd = getcwd(cwd, 80);
sprintf(temp, "%s/%s/tmp", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp, PATH_MAX, "%s/%s/tmp", CFG.bbs_usersdir, exitinfo.Name);
if (chdir(temp)) { if (chdir(temp)) {
WriteError("$Can't chdir(%s)", temp); WriteError("$Can't chdir(%s)", temp);
free(temp); free(temp);
@ -587,13 +587,13 @@ int ScanArchive(char *fn, char *ftype)
} }
/* Unpacking archive */ /* Unpacking archive */
sprintf(msg, "%s %s ", (char *) Language(201), fn); snprintf(msg, 81, "%s %s ", (char *) Language(201), fn);
pout(CFG.TextColourF, CFG.TextColourB, msg); pout(CFG.TextColourF, CFG.TextColourB, msg);
if (!strlen(archiver.funarc)) { if (!strlen(archiver.funarc)) {
WriteError("No unarc command available"); WriteError("No unarc command available");
} else { } else {
sprintf(temp, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn); snprintf(temp, PATH_MAX, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn);
if (execute_str(archiver.funarc, temp, (char *)NULL, (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null")) { if (execute_str(archiver.funarc, temp, (char *)NULL, (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null")) {
WriteError("$Failed %s %s", archiver.funarc, temp); WriteError("$Failed %s %s", archiver.funarc, temp);
execute_pth((char *)"rm", (char *)"-r -f ./*", (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null"); execute_pth((char *)"rm", (char *)"-r -f ./*", (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null");
@ -610,7 +610,7 @@ int ScanArchive(char *fn, char *ftype)
PUTSTR((char *) Language(200)); PUTSTR((char *) Language(200));
Enter(1); Enter(1);
sprintf(temp, "%s/etc/virscan.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/virscan.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) != NULL) { if ((fp = fopen(temp, "r")) != NULL) {
fread(&virscanhdr, sizeof(virscanhdr), 1, fp); fread(&virscanhdr, sizeof(virscanhdr), 1, fp);
@ -618,7 +618,7 @@ int ScanArchive(char *fn, char *ftype)
if (virscan.available) { if (virscan.available) {
/* Scanning */ /* with */ /* Scanning */ /* with */
sprintf(msg, "%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment); snprintf(msg, 81, "%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment);
pout(CFG.TextColourF, CFG.TextColourB, msg); pout(CFG.TextColourF, CFG.TextColourB, msg);
Altime(3600); Altime(3600);
@ -699,9 +699,9 @@ char *GetFileType(char *fn)
for (i = 0; i < sizeof(buf); i++) for (i = 0; i < sizeof(buf); i++)
if ((buf[i] >= ' ') && (buf[i] <= 127)) if ((buf[i] >= ' ') && (buf[i] <= 127))
sprintf((char*)dbuf+strlen(dbuf), " %c", buf[i]); snprintf((char*)dbuf+strlen(dbuf), 80, " %c", buf[i]);
else else
sprintf((char*)dbuf+strlen(dbuf), " %02x", buf[i]); snprintf((char*)dbuf+strlen(dbuf), 80, " %02x", buf[i]);
/* /*
* Various expected uploads. Not that the standard MS-DOS archivers * Various expected uploads. Not that the standard MS-DOS archivers
@ -765,8 +765,8 @@ int ImportFile(char *fn, int Area, int fileid, off_t Size)
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
temp1 = calloc(PATH_MAX, sizeof(char)); temp1 = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/%s", area.Path, basename(fn)); snprintf(temp, PATH_MAX, "%s/%s", area.Path, basename(fn));
sprintf(temp1, "%s", fn); snprintf(temp1, PATH_MAX, "%s", fn);
if ((file_mv(temp1, temp))) { if ((file_mv(temp1, temp))) {
WriteError("$Can't move %s to %s", fn, area.Path); WriteError("$Can't move %s to %s", fn, area.Path);
@ -786,7 +786,7 @@ int ImportFile(char *fn, int Area, int fileid, off_t Size)
exitinfo.UploadKToday += (Size / 1024); exitinfo.UploadKToday += (Size / 1024);
Syslog('b', "Uploads %d, Kb %d, Kb today %d", exitinfo.Uploads, exitinfo.UploadK, exitinfo.UploadKToday); Syslog('b', "Uploads %d, Kb %d, Kb today %d", exitinfo.Uploads, exitinfo.UploadK, exitinfo.UploadKToday);
/* You have */ /* extra download KBytes. */ /* You have */ /* extra download KBytes. */
sprintf(msg, "%s %ld %s", (char *) Language(249), (long)(Size / 1024), (char *) Language(250)); snprintf(msg, 81, "%s %ld %s", (char *) Language(249), (long)(Size / 1024), (char *) Language(250));
PUTSTR(msg); PUTSTR(msg);
Enter(1); Enter(1);
@ -826,7 +826,7 @@ int Addfile(char *File, int AreaNum, int fileid)
temp1 = calloc(PATH_MAX, sizeof(char)); temp1 = calloc(PATH_MAX, sizeof(char));
lname = calloc(PATH_MAX, sizeof(char)); lname = calloc(PATH_MAX, sizeof(char));
sprintf(Filename, "%s/%s", area.Path, File); snprintf(Filename, PATH_MAX, "%s/%s", area.Path, File);
if ((fdb_area = mbsedb_OpenFDB(AreaNum, 30))) { if ((fdb_area = mbsedb_OpenFDB(AreaNum, 30))) {
/* /*
@ -839,7 +839,7 @@ int Addfile(char *File, int AreaNum, int fileid)
Enter(1); Enter(1);
colour(10, 0); colour(10, 0);
/* Upload was unsuccessful for: */ /* Upload was unsuccessful for: */
sprintf(msg, "%s%s", (char *) Language(284), File); snprintf(msg, 81, "%s%s", (char *) Language(284), File);
pout(LIGHTGREEN, BLACK, msg); pout(LIGHTGREEN, BLACK, msg);
Enter(2); Enter(2);
@ -865,7 +865,7 @@ int Addfile(char *File, int AreaNum, int fileid)
* Rename the file first to the 8.3 name, this is the * Rename the file first to the 8.3 name, this is the
* standard way to store files in the filebase. * standard way to store files in the filebase.
*/ */
sprintf(lname, "%s/%s", area.Path, fdb.Name); snprintf(lname, PATH_MAX, "%s/%s", area.Path, fdb.Name);
rename(Filename, lname); rename(Filename, lname);
/* /*
* Then make a symlink to the 8.3 name * Then make a symlink to the 8.3 name
@ -896,7 +896,7 @@ int Addfile(char *File, int AreaNum, int fileid)
* The right unarchiver is still in memory, * The right unarchiver is still in memory,
* get the FILE_ID.DIZ if it exists. * get the FILE_ID.DIZ if it exists.
*/ */
sprintf(temp, "%s/%s", area.Path, File); snprintf(temp, PATH_MAX, "%s/%s", area.Path, File);
if ((err = execute_str(archiver.iunarc, temp, (char *)"FILE_ID.DIZ", (char *)"/dev/null", if ((err = execute_str(archiver.iunarc, temp, (char *)"FILE_ID.DIZ", (char *)"/dev/null",
(char *)"/dev/null", (char *)"/dev/null"))) { (char *)"/dev/null", (char *)"/dev/null"))) {
if ((err = execute_str(archiver.iunarc, temp, (char *)"file_id.diz", (char *)"/dev/null", if ((err = execute_str(archiver.iunarc, temp, (char *)"file_id.diz", (char *)"/dev/null",
@ -969,7 +969,7 @@ int Addfile(char *File, int AreaNum, int fileid)
if (lines) { if (lines) {
Syslog('+', "Using %d FILE_ID.DIZ lines for description", lines); Syslog('+', "Using %d FILE_ID.DIZ lines for description", lines);
/* Found FILE_ID.DIZ in */ /* Found FILE_ID.DIZ in */
sprintf(msg, "%s %s", (char *) Language(257), File); snprintf(msg, 81, "%s %s", (char *) Language(257), File);
pout(CFG.TextColourF, CFG.TextColourB, msg); pout(CFG.TextColourF, CFG.TextColourB, msg);
Enter(1); Enter(1);
} else { } else {
@ -988,12 +988,12 @@ int Addfile(char *File, int AreaNum, int fileid)
Enter(1); Enter(1);
/* Please enter description of file */ /* Please enter description of file */
sprintf(msg, "%s %s", (char *) Language(287), File); snprintf(msg, 81, "%s %s", (char *) Language(287), File);
pout(LIGHTRED, BLACK, msg); pout(LIGHTRED, BLACK, msg);
Enter(2); Enter(2);
while (TRUE) { while (TRUE) {
sprintf(msg, "%2d> ", iDesc); snprintf(msg, 81, "%2d> ", iDesc);
pout(LIGHTGREEN, BLACK, msg); pout(LIGHTGREEN, BLACK, msg);
colour(CFG.InputColourF, CFG.InputColourB); colour(CFG.InputColourF, CFG.InputColourB);
GetstrC(*(Desc + iDesc), 47); GetstrC(*(Desc + iDesc), 47);
@ -1017,7 +1017,7 @@ int Addfile(char *File, int AreaNum, int fileid)
mbsedb_InsertFDB(fdb_area, fdb, area.AddAlpha); mbsedb_InsertFDB(fdb_area, fdb, area.AddAlpha);
mbsedb_CloseFDB(fdb_area); mbsedb_CloseFDB(fdb_area);
sprintf(temp, "%s/log/uploads.log", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/log/uploads.log", getenv("MBSE_ROOT"));
if ((pPrivate = fopen(temp, "a+")) == NULL) if ((pPrivate = fopen(temp, "a+")) == NULL)
WriteError("$Can't open %s", temp); WriteError("$Can't open %s", temp);
else { else {
@ -1089,13 +1089,13 @@ unsigned long Quota()
FileName = calloc(PATH_MAX, sizeof(char)); FileName = calloc(PATH_MAX, sizeof(char));
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/%s/wrk", CFG.bbs_usersdir, exitinfo.Name); snprintf(temp, PATH_MAX, "%s/%s/wrk", CFG.bbs_usersdir, exitinfo.Name);
if ((dirp = opendir(temp)) == NULL) { if ((dirp = opendir(temp)) == NULL) {
WriteError("$Can't open dir %s", temp); WriteError("$Can't open dir %s", temp);
} else { } else {
while ((dp = readdir(dirp)) != NULL) { while ((dp = readdir(dirp)) != NULL) {
sprintf(FileName, "%s/%s", temp, dp->d_name); snprintf(FileName, PATH_MAX, "%s/%s", temp, dp->d_name);
if (*(dp->d_name) != '.') if (*(dp->d_name) != '.')
if (stat(FileName, &statfile) == 0) if (stat(FileName, &statfile) == 0)
@ -1118,8 +1118,8 @@ void ImportHome(char *fn)
temp1 = calloc(PATH_MAX, sizeof(char)); temp1 = calloc(PATH_MAX, sizeof(char));
temp2 = calloc(PATH_MAX, sizeof(char)); temp2 = calloc(PATH_MAX, sizeof(char));
sprintf(temp1, "%s/%s/wrk/%s", CFG.bbs_usersdir, exitinfo.Name, fn); snprintf(temp1, PATH_MAX, "%s/%s/wrk/%s", CFG.bbs_usersdir, exitinfo.Name, fn);
sprintf(temp2, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn); snprintf(temp2, PATH_MAX, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn);
Syslog('+', "Move %s to home, result %d", fn, file_mv(temp2, temp1)); Syslog('+', "Move %s to home, result %d", fn, file_mv(temp2, temp1));
free(temp1); free(temp1);

44
mbsebbs/fsedit.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: FullScreen Message editor. * Purpose ...............: FullScreen Message editor.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -59,7 +59,7 @@ void Top_Help()
locate(1,1); locate(1,1);
colour(YELLOW, BLUE); colour(YELLOW, BLUE);
sprintf(temp, "%s", padleft((char *)"Press ESC for menu, other keys is edit text", 79, ' ')); snprintf(temp, 81, "%s", padleft((char *)"Press ESC for menu, other keys is edit text", 79, ' '));
PUTSTR(temp); PUTSTR(temp);
Show_Ins(); Show_Ins();
} }
@ -71,7 +71,7 @@ void Top_Menu(void)
locate(1,1); locate(1,1);
colour(WHITE, RED); colour(WHITE, RED);
sprintf(temp, "%s", padleft((char *)"(A)bort (H)elp (S)ave - Any other key is continue edit", 79, ' ')); snprintf(temp, 81, "%s", padleft((char *)"(A)bort (H)elp (S)ave - Any other key is continue edit", 79, ' '));
PUTSTR(temp); PUTSTR(temp);
} }
@ -215,7 +215,7 @@ void GetstrLC(char *sStr, int iMaxlen)
if ((ch > 31 && ch < 127) || traduce(&ch)) { if ((ch > 31 && ch < 127) || traduce(&ch)) {
if (iPos <= iMaxlen) { if (iPos <= iMaxlen) {
iPos++; iPos++;
sprintf(sStr, "%s%c", sStr, ch); snprintf(sStr, iMaxlen, "%s%c", sStr, ch);
PUTCHAR(ch); PUTCHAR(ch);
} else { } else {
Beep(); Beep();
@ -325,7 +325,7 @@ void FsMove(unsigned char Direction)
int FsWordWrap() int FsWordWrap()
{ {
int WCol, i = 0; int WCol, i = 0;
unsigned char tmpLine[80]; unsigned char tmpLine[81];
tmpLine[0] = '\0'; tmpLine[0] = '\0';
/* /*
@ -349,12 +349,12 @@ int FsWordWrap()
* character 79. Otherwise, drop it, because it's a space. * character 79. Otherwise, drop it, because it's a space.
*/ */
if ((WCol == 80) || (WCol-1 == Col)) if ((WCol == 80) || (WCol-1 == Col))
sprintf(tmpLine, "%s%c", tmpLine, Message[CurRow][79]); snprintf(tmpLine, 81, "%s%c", tmpLine, Message[CurRow][79]);
/* /*
* Grab all characters from WCol to end of line. * Grab all characters from WCol to end of line.
*/ */
for (i = WCol; i < strlen(Message[CurRow]); i++) { for (i = WCol; i < strlen(Message[CurRow]); i++) {
sprintf(tmpLine, "%s%c", tmpLine, Message[CurRow][i]); snprintf(tmpLine, 81, "%s%c", tmpLine, Message[CurRow][i]);
} }
/* /*
* Truncate current row. * Truncate current row.
@ -378,8 +378,8 @@ int FsWordWrap()
*/ */
if ((strlen(tmpLine) + strlen(Message[CurRow+1])) > 79) { if ((strlen(tmpLine) + strlen(Message[CurRow+1])) > 79) {
for (i = Line; i > CurRow; i--) for (i = Line; i > CurRow; i--)
sprintf(Message[i+1], "%s", Message[i]); snprintf(Message[i+1], TEXTBUFSIZE +1, "%s", Message[i]);
sprintf(Message[CurRow+1], "%s", tmpLine); snprintf(Message[CurRow+1], TEXTBUFSIZE +1, "%s", tmpLine);
Line++; Line++;
WCol = strlen(tmpLine) + 1; WCol = strlen(tmpLine) + 1;
} else { } else {
@ -387,10 +387,10 @@ int FsWordWrap()
WCol = strlen(tmpLine)+1; WCol = strlen(tmpLine)+1;
else { else {
if (tmpLine[strlen(tmpLine)] != ' ') if (tmpLine[strlen(tmpLine)] != ' ')
sprintf(tmpLine, "%s ", tmpLine); snprintf(tmpLine, 81, "%s ", tmpLine);
WCol = strlen(tmpLine); WCol = strlen(tmpLine);
} }
sprintf(Message[CurRow+1], "%s", strcat(tmpLine, Message[CurRow+1])); snprintf(Message[CurRow+1], TEXTBUFSIZE +1, "%s", strcat(tmpLine, Message[CurRow+1]));
} }
} }
@ -425,18 +425,18 @@ int Fs_Edit()
if (Col == 1) { if (Col == 1) {
/* Enter at beginning of line */ /* Enter at beginning of line */
for (i = Line; i >= CurRow; i--) { for (i = Line; i >= CurRow; i--) {
sprintf(Message[i+1], "%s", Message[i]); snprintf(Message[i+1], TEXTBUFSIZE +1, "%s", Message[i]);
} }
Message[i+1][0] = '\0'; Message[i+1][0] = '\0';
} else { } else {
for (i = Line; i > CurRow; i--) { for (i = Line; i > CurRow; i--) {
sprintf(Message[i+1], "%s", Message[i]); snprintf(Message[i+1], TEXTBUFSIZE +1, "%s", Message[i]);
} }
Message[CurRow+1][0] = '\0'; Message[CurRow+1][0] = '\0';
if (Col <= strlen(Message[CurRow])) { if (Col <= strlen(Message[CurRow])) {
/* Enter in middle of line */ /* Enter in middle of line */
for (i = Col-1; i <= strlen(Message[CurRow]); i++) { for (i = Col-1; i <= strlen(Message[CurRow]); i++) {
sprintf(Message[CurRow+1], "%s%c", Message[CurRow+1], Message[CurRow][i]); snprintf(Message[CurRow+1], TEXTBUFSIZE +1, "%s%c", Message[CurRow+1], Message[CurRow][i]);
} }
Message[CurRow][Col-1] = '\0'; Message[CurRow][Col-1] = '\0';
} }
@ -453,7 +453,7 @@ int Fs_Edit()
case ('N' - 64): /* Insert line, scroll down */ case ('N' - 64): /* Insert line, scroll down */
for (i = Line; i >= CurRow; i--) for (i = Line; i >= CurRow; i--)
sprintf(Message[i+1], "%s", Message[i]); snprintf(Message[i+1], TEXTBUFSIZE +1, "%s", Message[i]);
Message[CurRow][0] = '\0'; Message[CurRow][0] = '\0';
Line++; Line++;
Col = 1; Col = 1;
@ -481,7 +481,7 @@ int Fs_Edit()
} else { } else {
/* Erasing line in the middle */ /* Erasing line in the middle */
for (i = CurRow; i < Line; i++) { for (i = CurRow; i < Line; i++) {
sprintf(Message[i], "%s", Message[i+1]); snprintf(Message[i], TEXTBUFSIZE +1, "%s", Message[i+1]);
} }
Message[i+1][0] = '\0'; Message[i+1][0] = '\0';
Line--; Line--;
@ -529,9 +529,9 @@ int Fs_Edit()
} else if (((strlen(Message[CurRow]) + strlen(Message[CurRow+1]) < 75) } else if (((strlen(Message[CurRow]) + strlen(Message[CurRow+1]) < 75)
|| (strlen(Message[CurRow]) == 0)) && (CurRow < Line)) { || (strlen(Message[CurRow]) == 0)) && (CurRow < Line)) {
for (i = 0; i < strlen(Message[CurRow+1]); i++) for (i = 0; i < strlen(Message[CurRow+1]); i++)
sprintf(Message[CurRow], "%s%c", Message[CurRow], Message[CurRow+1][i]); snprintf(Message[CurRow], TEXTBUFSIZE +1, "%s%c", Message[CurRow], Message[CurRow+1][i]);
for (i = CurRow+1; i < Line; i++) for (i = CurRow+1; i < Line; i++)
sprintf(Message[i], "%s", Message[i+1]); snprintf(Message[i], TEXTBUFSIZE +1, "%s", Message[i+1]);
Message[Line][0] = '\0'; Message[Line][0] = '\0';
Line--; Line--;
Refresh(); Refresh();
@ -557,7 +557,7 @@ int Fs_Edit()
Col = strlen(Message[CurRow-1]) + 1; Col = strlen(Message[CurRow-1]) + 1;
strcat(Message[CurRow-1], Message[CurRow]); strcat(Message[CurRow-1], Message[CurRow]);
for ( i = CurRow; i < Line; i++) for ( i = CurRow; i < Line; i++)
sprintf(Message[i], "%s", Message[i+1]); snprintf(Message[i], TEXTBUFSIZE +1, "%s", Message[i+1]);
Message[i+1][0] = '\0'; Message[i+1][0] = '\0';
Line--; Line--;
if (Row == 1) if (Row == 1)
@ -647,7 +647,7 @@ int Fs_Edit()
break; break;
} }
sprintf(tmpname, "%s/%s/wrk/%s", CFG.bbs_usersdir, exitinfo.Name, filname); snprintf(tmpname, PATH_MAX, "%s/%s/wrk/%s", CFG.bbs_usersdir, exitinfo.Name, filname);
if ((fd = fopen(tmpname, "r")) == NULL) { if ((fd = fopen(tmpname, "r")) == NULL) {
WriteError("$Can't open %s", tmpname); WriteError("$Can't open %s", tmpname);
Enter(2); Enter(2);
@ -673,7 +673,7 @@ int Fs_Edit()
filname[1] = 'v'; filname[1] = 'v';
if (strncmp(filname, (char *)" * Origin:", 10) == 0) if (strncmp(filname, (char *)" * Origin:", 10) == 0)
filname[1] = '+'; filname[1] = '+';
sprintf(Message[Line], "%s", filname); snprintf(Message[Line], TEXTBUFSIZE +1, "%s", filname);
Line++; Line++;
if ((Line - 1) == TEXTBUFSIZE) if ((Line - 1) == TEXTBUFSIZE)
break; break;
@ -725,7 +725,7 @@ int Fs_Edit()
/* /*
* Append to line * Append to line
*/ */
sprintf(Message[CurRow], "%s%c", Message[CurRow], ch); snprintf(Message[CurRow], TEXTBUFSIZE +1, "%s%c", Message[CurRow], ch);
if (strlen(Message[CurRow]) > 79){ if (strlen(Message[CurRow]) > 79){
Col = FsWordWrap(); Col = FsWordWrap();
Row++; Row++;

43
mbsebbs/funcs.c
View File

@ -4,7 +4,7 @@
* Purpose ...............: Misc functions * Purpose ...............: Misc functions
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -58,7 +58,7 @@ int CheckStatus()
{ {
static char buf[81], msg[81]; static char buf[81], msg[81];
sprintf(buf, "SBBS:0;"); snprintf(buf, 81, "SBBS:0;");
if (socket_send(buf) == 0) { if (socket_send(buf) == 0) {
strcpy(buf, socket_receive()); strcpy(buf, socket_receive());
if (strncmp(buf, "100:2,0", 7) == 0) if (strncmp(buf, "100:2,0", 7) == 0)
@ -68,7 +68,7 @@ int CheckStatus()
buf[strlen(buf) -1] = '\0'; buf[strlen(buf) -1] = '\0';
Enter(2); Enter(2);
PUTCHAR('\007'); PUTCHAR('\007');
sprintf(msg, "*** %s ***", buf+8); snprintf(msg, 81, "*** %s ***", buf+8);
PUTSTR(msg); PUTSTR(msg);
Enter(3); Enter(3);
} }
@ -90,7 +90,7 @@ int CheckName(char *Name)
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp,"rb")) != NULL) { if ((fp = fopen(temp,"rb")) != NULL) {
fread(&ushdr, sizeof(ushdr), 1, fp); fread(&ushdr, sizeof(ushdr), 1, fp);
@ -152,7 +152,7 @@ int CheckUnixNames(char *name)
*/ */
if (! rc) { if (! rc) {
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/service.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/service.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) != NULL) { if ((fp = fopen(temp, "r")) != NULL) {
fread(&servhdr, sizeof(servhdr), 1, fp); fread(&servhdr, sizeof(servhdr), 1, fp);
@ -200,7 +200,7 @@ char *ChangeHomeDir(char *Name, int Mailboxes)
ExitClient(MBERR_INIT_ERROR); ExitClient(MBERR_INIT_ERROR);
} }
sprintf(temp1, "%s/%s", CFG.bbs_usersdir, Name); snprintf(temp1, PATH_MAX, "%s/%s", CFG.bbs_usersdir, Name);
/* /*
* Then check to see if users directory exists in the home dir * Then check to see if users directory exists in the home dir
@ -225,7 +225,7 @@ char *ChangeHomeDir(char *Name, int Mailboxes)
* Check if user has a .signature file. * Check if user has a .signature file.
* If not, create a simple one. * If not, create a simple one.
*/ */
sprintf(temp, "%s/%s/.signature", CFG.bbs_usersdir, Name); snprintf(temp, PATH_MAX, "%s/%s/.signature", CFG.bbs_usersdir, Name);
if (access(temp, R_OK)) { if (access(temp, R_OK)) {
Syslog('+', "Creating users .signature file"); Syslog('+', "Creating users .signature file");
if ((fp = fopen(temp, "w")) == NULL) { if ((fp = fopen(temp, "w")) == NULL) {
@ -241,19 +241,19 @@ char *ChangeHomeDir(char *Name, int Mailboxes)
/* /*
* Check subdirectories, create them if they don't exist. * Check subdirectories, create them if they don't exist.
*/ */
sprintf(temp, "%s/wrk", temp1); snprintf(temp, PATH_MAX, "%s/wrk", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/tag", temp1); snprintf(temp, PATH_MAX, "%s/tag", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/upl", temp1); snprintf(temp, PATH_MAX, "%s/upl", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/tmp", temp1); snprintf(temp, PATH_MAX, "%s/tmp", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/.dosemu", temp1); snprintf(temp, PATH_MAX, "%s/.dosemu", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/.dosemu/run", temp1); snprintf(temp, PATH_MAX, "%s/.dosemu/run", temp1);
CheckDir(temp); CheckDir(temp);
sprintf(temp, "%s/.dosemu/tmp", temp1); snprintf(temp, PATH_MAX, "%s/.dosemu/tmp", temp1);
CheckDir(temp); CheckDir(temp);
umask(007); umask(007);
@ -261,13 +261,13 @@ char *ChangeHomeDir(char *Name, int Mailboxes)
* Check users private emailboxes * Check users private emailboxes
*/ */
if (Mailboxes) { if (Mailboxes) {
sprintf(temp, "%s/mailbox", temp1); snprintf(temp, PATH_MAX, "%s/mailbox", temp1);
if (Msg_Open(temp)) if (Msg_Open(temp))
Msg_Close(); Msg_Close();
sprintf(temp, "%s/archive", temp1); snprintf(temp, PATH_MAX, "%s/archive", temp1);
if (Msg_Open(temp)) if (Msg_Open(temp))
Msg_Close(); Msg_Close();
sprintf(temp, "%s/trash", temp1); snprintf(temp, PATH_MAX, "%s/trash", temp1);
if (Msg_Open(temp)) if (Msg_Open(temp))
Msg_Close(); Msg_Close();
} }
@ -309,7 +309,7 @@ void FindMBSE()
if (getenv("MBSE_ROOT") == NULL) { if (getenv("MBSE_ROOT") == NULL) {
pw = getpwnam("mbse"); pw = getpwnam("mbse");
memset(&p, 0, sizeof(p)); memset(&p, 0, sizeof(p));
sprintf(p, "MBSE_ROOT=%s", pw->pw_dir); snprintf(p, 81, "MBSE_ROOT=%s", pw->pw_dir);
putenv(p); putenv(p);
} }
@ -318,7 +318,7 @@ void FindMBSE()
free(FileName); free(FileName);
exit(MBERR_INIT_ERROR); exit(MBERR_INIT_ERROR);
} }
sprintf(FileName, "%s/etc/config.data", getenv("MBSE_ROOT")); snprintf(FileName, PATH_MAX, "%s/etc/config.data", getenv("MBSE_ROOT"));
if(( pDataFile = fopen(FileName, "rb")) == NULL) { if(( pDataFile = fopen(FileName, "rb")) == NULL) {
printf("FATAL ERROR: Can't open %s for reading!\n", FileName); printf("FATAL ERROR: Can't open %s for reading!\n", FileName);
@ -397,10 +397,9 @@ char *GLCdateyy()
Time_Now = time(NULL); Time_Now = time(NULL);
l_date = localtime(&Time_Now); l_date = localtime(&Time_Now);
sprintf(GLcdateyy,"%02d-", snprintf(GLcdateyy, 15, "%02d-", l_date->tm_mday);
l_date->tm_mday);
sprintf(ntime,"-%02d", l_date->tm_year+1900); snprintf(ntime, 15, "-%02d", l_date->tm_year+1900);
strcat(GLcdateyy, GetMonth(l_date->tm_mon+1)); strcat(GLcdateyy, GetMonth(l_date->tm_mon+1));
strcat(GLcdateyy,ntime); strcat(GLcdateyy,ntime);