Secured sprintf with snprintf

2005-08-28 13:01:07 +00:00 · 2005-08-28 13:01:07 +00:00 · 4feb9cfa3e
commit 4feb9cfa3e
parent 240e2f72f9
4 changed files with 26 additions and 26 deletions
--- a/mbfido/mbftoberep.c
+++ b/mbfido/mbftoberep.c
@ -4,7 +4,7 @@
 * Purpose: File Database Maintenance - Show toberep database
 *
 *****************************************************************************
- * Copyright (C) 1997-2004
+ * Copyright (C) 1997-2005
 *   
 * Michiel Broek		FIDO:		2:280/2802
 * Beekmansbos 10
@ -57,7 +57,7 @@ void ToBeRep(void)

    mbse_colour(CYAN, BLACK);
    temp = calloc(PATH_MAX, sizeof(char));
-    sprintf(temp, "%s/etc/toberep.data", getenv("MBSE_ROOT"));
+    snprintf(temp, PATH_MAX -1, "%s/etc/toberep.data", getenv("MBSE_ROOT"));
    if ((fp = fopen(temp, "r")) == NULL) {
 	printf("No toberep database present\n");
    } else {
--- a/mbfido/mbfutil.c
+++ b/mbfido/mbfutil.c
@ -4,7 +4,7 @@
 * Purpose: File Database Maintenance - utilities
 *
 *****************************************************************************
- * Copyright (C) 1997-2004
+ * Copyright (C) 1997-2005
 *   
 * Michiel Broek		FIDO:		2:280/2802
 * Beekmansbos 10
@ -209,7 +209,7 @@ void DeleteVirusWork()
        buf  = calloc(PATH_MAX, sizeof(char));
        temp = calloc(PATH_MAX, sizeof(char));
        getcwd(buf, PATH_MAX);
-        sprintf(temp, "%s/tmp", getenv("MBSE_ROOT"));
+        snprintf(temp, PATH_MAX -1, "%s/tmp", getenv("MBSE_ROOT"));

        if (chdir(temp) == 0) {
                Syslog('f', "DeleteVirusWork %s/arc", temp);
@ -243,7 +243,7 @@ int UnpackFile(char *File)
    /*
     * Check if there is a temp directory to unpack the archive.
     */
-    sprintf(temp, "%s/tmp/arc", getenv("MBSE_ROOT"));
+    snprintf(temp, PATH_MAX -1, "%s/tmp/arc", getenv("MBSE_ROOT"));
    if ((access(temp, R_OK)) != 0) {
 	if (mkdir(temp, 0777)) {
 	    WriteError("$Can't create %s", temp);
@ -256,10 +256,10 @@ int UnpackFile(char *File)
    /*
     * Check for stale FILE_ID.DIZ files
     */
-    sprintf(temp, "%s/tmp/arc/FILE_ID.DIZ", getenv("MBSE_ROOT"));
+    snprintf(temp, PATH_MAX -1, "%s/tmp/arc/FILE_ID.DIZ", getenv("MBSE_ROOT"));
    if (!unlink(temp))
 	Syslog('+', "Removed stale %s", temp);
-    sprintf(temp, "%s/tmp/arc/file_id.diz", getenv("MBSE_ROOT"));
+    snprintf(temp, PATH_MAX -1, "%s/tmp/arc/file_id.diz", getenv("MBSE_ROOT"));
    if (!unlink(temp))
 	Syslog('+', "Removed stale %s", temp);

@ -278,7 +278,7 @@ int UnpackFile(char *File)
 	return FALSE;
    }

-    sprintf(temp, "%s/tmp/arc", getenv("MBSE_ROOT"));
+    snprintf(temp, PATH_MAX -1, "%s/tmp/arc", getenv("MBSE_ROOT"));
    if (chdir(temp) != 0) {
 	WriteError("$Can't change to %s", temp);
 	die(MBERR_GENERAL);
@ -367,7 +367,7 @@ int CheckFDB(int Area, char *Path)
    int	    rc = FALSE;

    temp = calloc(PATH_MAX, sizeof(char));
-    sprintf(temp, "%s/var/fdb/file%d.data", getenv("MBSE_ROOT"), Area);
+    snprintf(temp, PATH_MAX -1, "%s/var/fdb/file%d.data", getenv("MBSE_ROOT"), Area);

    /*
     * Open the file database, create new one if it doesn't excist.
@ -397,7 +397,7 @@ int CheckFDB(int Area, char *Path)
     * Now check the download directory
     */
    if (access(Path, W_OK) == -1) {
-	sprintf(temp, "%s/foobar", Path);
+	snprintf(temp, PATH_MAX -1, "%s/foobar", Path);
 	if (mkdirs(temp, 0775))
 	    Syslog('+', "Created directory %s", Path);
    }
@ -419,7 +419,7 @@ int LoadAreaRec(int Area)

    sAreas = calloc(PATH_MAX, sizeof(char));

-    sprintf(sAreas, "%s/etc/fareas.data", getenv("MBSE_ROOT"));
+    snprintf(sAreas, PATH_MAX -1, "%s/etc/fareas.data", getenv("MBSE_ROOT"));
    if ((pAreas = fopen (sAreas, "r")) == NULL) {
        WriteError("$Can't open %s", sAreas);
        if (!do_quiet)
--- a/mbfido/mbindex.c
+++ b/mbfido/mbindex.c
@ -4,7 +4,7 @@
 * Purpose ...............: Nodelist Compiler
 *
 *****************************************************************************
- * Copyright (C) 1997-2004
+ * Copyright (C) 1997-2005
 *   
 * Michiel Broek		FIDO:		2:280/2802
 * Beekmansbos 10
@ -254,7 +254,7 @@ char *fullpath(char *fname)
 {
    static char path[PATH_MAX];

-    sprintf(path, "%s/%s", CFG.nodelists, fname);
+    snprintf(path, PATH_MAX -1, "%s/%s", CFG.nodelists, fname);
    return path;
 }

@ -686,7 +686,7 @@ void fill_fdlist(fd_list **fdp, char *filename, time_t filedate)

    tmp = (fd_list *)malloc(sizeof(fd_list));
    tmp->next = *fdp;
-    sprintf(tmp->fname, "%s", filename);
+    snprintf(tmp->fname, 64, "%s", filename);
    tmp->fdate = filedate;
    *fdp = tmp;
 }
@ -757,7 +757,7 @@ char *pull_fdlist(fd_list **fdp)

 	ta = *fdp;
 	memset(&buf, 0, sizeof(buf));
-	sprintf(buf, "%s", ta->fname);
+	snprintf(buf, 64, "%s", ta->fname);

 	if (ta->next != NULL)
 		*fdp = ta->next;
@ -825,8 +825,8 @@ int makelist(char *base, unsigned short zo, unsigned short ne, unsigned short no
 	tidy_fdlist(&fdl); 

 	memset(&fdx, 0, sizeof(fdx));
-	sprintf(fdx.filename, "%s", p);
-	sprintf(fdx.domain, "%s", fidonet.domain);
+	snprintf(fdx.filename, 12, "%s", p);
+	snprintf(fdx.domain, 12, "%s", fidonet.domain);
 	fdx.number = filenr;
 	fwrite(&fdx, sizeof(fdx), 1, ffp);

--- a/mbfido/mbmsg.c
+++ b/mbfido/mbmsg.c
@ -250,7 +250,7 @@ void DoMsgBase()
    int	    Del = 0;

    sAreas  = calloc(PATH_MAX, sizeof(char));
-    Name	= calloc(PATH_MAX, sizeof(char ));
+    Name    = calloc(PATH_MAX, sizeof(char ));

    IsDoing("Msg Maintenance");

@ -264,7 +264,7 @@ void DoMsgBase()
 	Syslog('-', "------    ------ ------   ------ ------ ----------------------------------");
    }

-    sprintf(sAreas, "%s/etc/mareas.data", getenv("MBSE_ROOT"));
+    snprintf(sAreas, PATH_MAX -1, "%s/etc/mareas.data", getenv("MBSE_ROOT"));
    if(( pAreas = fopen (sAreas, "r")) == NULL) {
 	WriteError("$Can't open %s", sAreas);
 	die(MBERR_GENERAL);
@ -331,7 +331,7 @@ void DoMsgBase()
    fclose(pAreas);

    if (!do_area) {
-	sprintf(sAreas, "%s/etc/users.data", getenv("MBSE_ROOT"));
+	snprintf(sAreas, PATH_MAX -1, "%s/etc/users.data", getenv("MBSE_ROOT"));
 	if ((pAreas = fopen (sAreas, "r")) == NULL) {
 	    WriteError("$Can't open %s", sAreas);
 	    die(MBERR_GENERAL);
@ -341,13 +341,13 @@ void DoMsgBase()
 	while (fread(&usrconfig, usrconfighdr.recsize, 1, pAreas) == 1) {
 	    if (usrconfig.Email && strlen(usrconfig.Name)) {
 		Nopper();
-		sprintf(Name, "User %s email area: mailbox", usrconfig.Name);
+		snprintf(Name, PATH_MAX -1, "User %s email area: mailbox", usrconfig.Name);
 		if (!do_quiet) {
 		    mbse_colour(CYAN, BLACK);
 		    printf("\r      .. %-40s", Name);
 		    fflush(stdout);
 		}
-		sprintf(sAreas, "%s/%s/mailbox", CFG.bbs_usersdir, usrconfig.Name);
+		snprintf(sAreas, PATH_MAX -1, "%s/%s/mailbox", CFG.bbs_usersdir, usrconfig.Name);
 		are_tot++;
 		processed = FALSE;
 		if (do_kill)
@ -360,8 +360,8 @@ void DoMsgBase()
 		    LinkArea(sAreas, 0);
 		if (processed)
 		    are_proc++;
-		sprintf(sAreas, "%s/%s/archive", CFG.bbs_usersdir, usrconfig.Name);
-		sprintf(Name, "User %s email area: archive", usrconfig.Name);
+		snprintf(sAreas, PATH_MAX -1, "%s/%s/archive", CFG.bbs_usersdir, usrconfig.Name);
+		snprintf(Name, 80, "User %s email area: archive", usrconfig.Name);
 		are_tot++;
 		processed = FALSE;
 		if (do_kill)
@ -373,8 +373,8 @@ void DoMsgBase()
 		    LinkArea(sAreas, 0);
 		if (processed)
 		    are_proc++;
-		sprintf(sAreas, "%s/%s/trash", CFG.bbs_usersdir, usrconfig.Name);
-		sprintf(Name, "User %s email area: trash", usrconfig.Name);
+		snprintf(sAreas, PATH_MAX -1, "%s/%s/trash", CFG.bbs_usersdir, usrconfig.Name);
+		snprintf(Name, 80, "User %s email area: trash", usrconfig.Name);
 		are_tot++;
 		processed = FALSE;
 		if (do_kill)