From 240e2f72f98712139ace48db482403311bcd2393 Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Sun, 28 Aug 2005 12:54:10 +0000 Subject: [PATCH] Secured sprintf with snprintf --- mbfido/areamgr.c | 18 +++++++++--------- mbfido/filemgr.c | 14 +++++++------- mbfido/mgrutil.c | 42 +++++++++++++++++++++--------------------- mbfido/mgrutil.h | 2 +- mbfido/mover.c | 6 +++--- 5 files changed, 41 insertions(+), 41 deletions(-) diff --git a/mbfido/areamgr.c b/mbfido/areamgr.c index 1498b95a..1e9f64ea 100644 --- a/mbfido/areamgr.c +++ b/mbfido/areamgr.c @@ -78,7 +78,7 @@ void A_Help(faddr *t, char *replyid) subject = calloc(255, sizeof(char)); sprintf(subject,"AreaMgr Help"); - GetRpSubject("areamgr.help",subject); + GetRpSubject("areamgr.help",subject,254); if ((fp = SendMgrMail(t, CFG.ct_KeepMgr, FALSE, (char *)"Areamgr", subject , replyid)) != NULL) { if ((fi = OpenMacro("areamgr.help", nodes.Language, FALSE)) != NULL ) { @@ -133,22 +133,22 @@ void A_List(faddr *t, char *replyid, int Notify) switch (Notify) { case LIST_NOTIFY: Mgrlog("AreaMgr: Notify to %s", ascfnode(t, 0xff)); sprintf(subject,"AreaMgr Notify"); - GetRpSubject("areamgr.notify.list",subject); + GetRpSubject("areamgr.notify.list",subject,254); fi = OpenMacro("areamgr.notify.list", nodes.Language, FALSE); break; case LIST_LIST: Mgrlog("AreaMgr: List"); sprintf(subject,"AreaMgr list"); - GetRpSubject("areamgr.list",subject); + GetRpSubject("areamgr.list",subject,254); fi = OpenMacro("areamgr.list", nodes.Language, FALSE); break; case LIST_QUERY: Mgrlog("AreaMgr: Query"); sprintf(subject,"AreaMgr Query"); - GetRpSubject("areamgr.query",subject); + GetRpSubject("areamgr.query",subject,254); fi = OpenMacro("areamgr.query", nodes.Language, FALSE); break; case LIST_UNLINK: Mgrlog("AreaMgr: Unlinked"); sprintf(subject,"AreaMgr: Unlinked areas"); - GetRpSubject("areamgr.unlink",subject); + GetRpSubject("areamgr.unlink",subject,254); fi = OpenMacro("areamgr.unlink", nodes.Language, FALSE); break; } @@ -334,12 +334,12 @@ void A_Flow(faddr *t, char *replyid, int Notify) if (Notify) { Mgrlog("AreaMgr: Flow report to %s", ascfnode(t, 0xff)); sprintf(subject,"AreaMgr Notify Flow Report"); - GetRpSubject("areamgr.notify.flow",subject); + GetRpSubject("areamgr.notify.flow",subject,254); fi = OpenMacro("areamgr.notify.flow", nodes.Language, FALSE); } else { Mgrlog("AreaMgr: Flow report"); sprintf(subject,"AreaMgr Flow Report"); - GetRpSubject("areamgr.flow",subject); + GetRpSubject("areamgr.flow",subject,254); fi = OpenMacro("areamgr.flow", nodes.Language, FALSE); } @@ -512,7 +512,7 @@ void A_Status(faddr *t, char *replyid) MacroVars("y", "s", ascfnode(ta, 0xf)); tidy_faddr(ta); - GetRpSubject("areamgr.status",subject); + GetRpSubject("areamgr.status",subject,254); if ((fi = OpenMacro("areamgr.status", nodes.Language, FALSE)) == NULL ){ MacroClear(); @@ -1134,7 +1134,7 @@ int AreaMgr(faddr *f, faddr *t, char *replyid, char *subj, time_t mdate, int fla MacroVars("SsP", "sss", CFG.sysop_name, nodes.Sysop,"Areamgr"); MacroVars("RABCDE", "ssssss","","","","","",""); sprintf(subject,"Your AreaMgr request"); - GetRpSubject("areamgr.responses",subject); + GetRpSubject("areamgr.responses",subject,72); if ((np = SendMgrMail(f, CFG.ct_KeepMgr, FALSE, (char *)"Areamgr", subject, replyid)) != NULL) { MacroVars("RABCDE", "ssssss","WELLCOME","","","","",""); MsgResult("areamgr.responses",np,'\r'); diff --git a/mbfido/filemgr.c b/mbfido/filemgr.c index 70399cff..70c021a8 100644 --- a/mbfido/filemgr.c +++ b/mbfido/filemgr.c @@ -72,7 +72,7 @@ void F_Help(faddr *t, char *replyid) Mgrlog("FileMgr: Help"); subject=calloc(255,sizeof(char)); sprintf(subject,"FileMgr help"); - GetRpSubject("filemgr.help",subject); + GetRpSubject("filemgr.help",subject,254); if ((fp = SendMgrMail(t, CFG.ct_KeepMgr, FALSE, (char *)"Filemgr", subject, replyid)) != NULL) { if ((fi = OpenMacro("filemgr.help", nodes.Language, FALSE)) != NULL ){ @@ -122,22 +122,22 @@ void F_List(faddr *t, char *replyid, int Notify) switch (Notify) { case LIST_NOTIFY: Mgrlog("FileMgr: Notify to %s", ascfnode(t, 0xff)); sprintf(subject,"FileMgr Notify"); - GetRpSubject("filemgr.notify.list",subject); + GetRpSubject("filemgr.notify.list",subject,254); fi=OpenMacro("filemgr.notify.list", nodes.Language, FALSE); break; case LIST_LIST: Mgrlog("FileMgr: List"); sprintf(subject,"FileMgr list"); - GetRpSubject("filemgr.list",subject); + GetRpSubject("filemgr.list",subject,254); fi=OpenMacro("filemgr.list", nodes.Language, FALSE); break; case LIST_QUERY: Mgrlog("FileMgr: Query"); sprintf(subject,"FileMgr Query"); - GetRpSubject("filemgr.query",subject); + GetRpSubject("filemgr.query",subject,254); fi=OpenMacro("filemgr.query", nodes.Language, FALSE); break; default: Mgrlog("FileMgr: Unlinked"); sprintf(subject,"FileMgr: Unlinked areas"); - GetRpSubject("filemgr.unlink",subject); + GetRpSubject("filemgr.unlink",subject,254); fi=OpenMacro("filemgr.unlink", nodes.Language, FALSE); break; } @@ -318,7 +318,7 @@ void F_Status(faddr *t, char *replyid) MacroVars("k", "d", nodes.F_KbRcvd.month[i]); MacroVars("l", "d", nodes.F_KbRcvd.total); MacroVars("s", "s", nodes.Sysop); - GetRpSubject("filemgr.status",subject); + GetRpSubject("filemgr.status",subject,254); if ((fi = OpenMacro("filemgr.status", nodes.Language, FALSE)) == NULL ) { free(subject); @@ -945,7 +945,7 @@ int FileMgr(faddr *f, faddr *t, char *replyid, char *subj, time_t mdate, int fla MacroVars("SsP", "sss", CFG.sysop_name, nodes.Sysop,"Filemgr"); MacroVars("RABCDE", "ssssss","","","","","",""); sprintf(subject,"Your FileMgr request"); - GetRpSubject("filemgr.responses",subject); + GetRpSubject("filemgr.responses",subject,72); if ((np = SendMgrMail(f, CFG.ct_KeepMgr, FALSE, (char *)"Filemgr", subject, replyid)) != NULL) { MacroVars("RABCDE", "ssssss","WELLCOME","","","","",""); MsgResult("filemgr.responses",np,'\r'); diff --git a/mbfido/mgrutil.c b/mbfido/mgrutil.c index 46770db2..ba2389ad 100644 --- a/mbfido/mgrutil.c +++ b/mbfido/mgrutil.c @@ -106,7 +106,7 @@ void WriteMailGroups(FILE *fp, faddr *f) fgetpos(fi,&fileptr); temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); if ((gp = fopen(temp, "r")) == NULL) { WriteError("$Can't open %s", temp); @@ -165,7 +165,7 @@ void WriteFileGroups(FILE *fp, faddr *f) fgetpos(fi,&fileptr); temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); if ((gp = fopen(temp, "r")) == NULL) { WriteError("$Can't open %s", temp); @@ -312,14 +312,14 @@ int UplinkRequest(faddr *t, faddr *From, int FileMgr, char *cmd) Orig.net = From->net; Orig.node = From->node; Orig.point = From->point; - sprintf(Orig.domain, "%s", From->domain); + snprintf(Orig.domain, 12, "%s", From->domain); memset(&Dest, 0, sizeof(Dest)); Dest.zone = t->zone; Dest.net = t->net; Dest.node = t->node; Dest.point = t->point; - sprintf(Dest.domain, "%s", t->domain); + snprintf(Dest.domain, 12, "%s", t->domain); if (!SearchNode(Dest)) { Syslog('+', "Can't find node %s in setup", aka2str(Dest)); @@ -365,13 +365,13 @@ int UplinkRequest(faddr *t, faddr *From, int FileMgr, char *cmd) memset(&ext, 0, sizeof(ext)); if (nodes.PackNetmail) - sprintf(ext, (char *)"qqq"); + snprintf(ext, 3, (char *)"qqq"); else if (nodes.Crash) - sprintf(ext, (char *)"ccc"); + snprintf(ext, 3, (char *)"ccc"); else if (nodes.Hold) - sprintf(ext, (char *)"hhh"); + snprintf(ext, 3, (char *)"hhh"); else - sprintf(ext, (char *)"nnn"); + snprintf(ext, 3, (char *)"nnn"); if ((qp = OpenPkt(Orig, Dest, (char *)ext)) == NULL) return 4; @@ -437,7 +437,7 @@ int UplinkRequest(faddr *t, faddr *From, int FileMgr, char *cmd) -void GetRpSubject(const char *report, char* subject) +void GetRpSubject(const char *report, char* subject, size_t size) { FILE *fi; char *temp; @@ -454,7 +454,7 @@ void GetRpSubject(const char *report, char* subject) res=diesel((char *)"@(getvar,subject)",temp); if(res==0) - sprintf(subject,"%s",temp); + snprintf(subject,size,"%s",temp); free(temp); } @@ -542,7 +542,7 @@ int Areas(void) temp = calloc(PATH_MAX, sizeof(char)); buf = calloc(4097, sizeof(char)); - sprintf(temp, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); if ((gp = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); } else { @@ -557,7 +557,7 @@ int Areas(void) fflush(stdout); } Syslog('+', "Checking mail group %s, file %s", mgroup.Name, mgroup.AreaFile); - sprintf(temp, "%s/%s", CFG.alists_path, mgroup.AreaFile); + snprintf(temp, PATH_MAX -1, "%s/%s", CFG.alists_path, mgroup.AreaFile); if ((ap = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); } else { @@ -577,7 +577,7 @@ int Areas(void) printf("(check missing areas)\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b"); fflush(stdout); } - sprintf(temp, "%s/etc/mareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/mareas.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); tidy_arealist(&alist); @@ -652,7 +652,7 @@ int Areas(void) * the area is set to read-only and all links are disconnected. * If the area is empty, it is removed from the setup. */ - sprintf(temp, "%s/etc/mareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/mareas.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r+")) == NULL) { WriteError("Can't open %s for r/w"); } else { @@ -666,12 +666,12 @@ int Areas(void) while (fread(&msgs, msgshdr.recsize, 1, fp) == 1) { if (msgs.Active && !strcmp(msgs.Group, mgroup.Name) && !strcmp(msgs.Tag, tmp->Name)) { fseek(fp, - msgshdr.recsize, SEEK_CUR); - sprintf(temp, "%s.jhr", msgs.Base); + snprintf(temp, PATH_MAX -1, "%s.jhr", msgs.Base); if (strlen(msgs.Base) && (file_size(temp) != 1024)) { Mgrlog("Marking echo %s, group %s, area %d read-only", msgs.Tag, mgroup.Name, ((ftell(fp) - msgshdr.hdrsize) / (msgshdr.recsize + msgshdr.syssize)) + 1); msgs.MsgKinds = RONLY; // Area read-only - sprintf(msgs.Group, "DELETED"); // Make groupname invalid + snprintf(msgs.Group, 12, "DELETED"); // Make groupname invalid } else { Mgrlog("Removing empty echo %s, group %s, area %d", msgs.Tag, mgroup.Name, ((ftell(fp) - msgshdr.hdrsize) / (msgshdr.recsize + msgshdr.syssize)) + 1); @@ -740,7 +740,7 @@ int Areas(void) fclose(gp); } - sprintf(temp, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); if ((gp = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); } else { @@ -755,7 +755,7 @@ int Areas(void) fflush(stdout); } Syslog('+', "Checking tic group %s, file %s", fgroup.Name, fgroup.AreaFile); - sprintf(temp, "%s/%s", CFG.alists_path, fgroup.AreaFile); + snprintf(temp, PATH_MAX -1, "%s/%s", CFG.alists_path, fgroup.AreaFile); if ((ap = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); } else { @@ -819,7 +819,7 @@ int Areas(void) printf("(check missing areas)\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b"); fflush(stdout); } - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); tidy_arealist(&alist); @@ -896,7 +896,7 @@ int Areas(void) * still warned about that by the "mbfile check" command. */ Found = FALSE; - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r+")) == NULL) { WriteError("Can't open %s for r/w"); } else { @@ -938,7 +938,7 @@ int Areas(void) /* * Purge marked records */ - sprintf(buf, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(buf, 4096, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { WriteError("Can't open %s", temp); } else if ((ap = fopen(buf, "w")) == NULL) { diff --git a/mbfido/mgrutil.h b/mbfido/mgrutil.h index 7735c2c0..7ef253db 100644 --- a/mbfido/mgrutil.h +++ b/mbfido/mgrutil.h @@ -24,7 +24,7 @@ typedef struct _AreaList { void MacroRead(FILE *, FILE *); int MsgResult(const char *, FILE *, char); -void GetRpSubject(const char *, char*); +void GetRpSubject(const char *, char*, size_t); void WriteMailGroups(FILE *, faddr *); void WriteFileGroups(FILE *, faddr *); diff --git a/mbfido/mover.c b/mbfido/mover.c index d2ac3ed6..0c6725ca 100644 --- a/mbfido/mover.c +++ b/mbfido/mover.c @@ -4,7 +4,7 @@ * Purpose ...............: Bad file mover * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:2801/16 * Beekmansbos 10 Internet: mbroek@ux123.pttnwb.nl @@ -43,8 +43,8 @@ void mover(char *fn) From = calloc(PATH_MAX, sizeof(char)); To = calloc(PATH_MAX, sizeof(char)); - sprintf(From, "%s/%s", TIC.Inbound, fn); - sprintf(To, "%s/%s", CFG.badtic, fn); + snprintf(From, PATH_MAX -1, "%s/%s", TIC.Inbound, fn); + snprintf(To, PATH_MAX -1, "%s/%s", CFG.badtic, fn); Syslog('!', "Moving %s to %s", From, To); if (mkdirs(To, 0770)) {