From 96252654b8407977a12d4845c39e452c3f3996bb Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Mon, 29 Aug 2005 15:00:13 +0000 Subject: [PATCH] Secured sprintf with snprintf --- mbsetup/m_protocol.c | 134 +++++++++++++++++++++---------------------- mbsetup/m_route.c | 22 +++---- mbsetup/m_service.c | 38 ++++++------ mbsetup/m_task.c | 12 ++-- mbsetup/m_ticarea.c | 72 +++++++++++------------ 5 files changed, 139 insertions(+), 139 deletions(-) diff --git a/mbsetup/m_protocol.c b/mbsetup/m_protocol.c index 547ad078..82aeb774 100644 --- a/mbsetup/m_protocol.c +++ b/mbsetup/m_protocol.c @@ -4,7 +4,7 @@ * Purpose ...............: Setup Protocols. * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -55,7 +55,7 @@ int CountProtocol(void) char ffile[PATH_MAX]; int count; - sprintf(ffile, "%s/etc/protocol.data", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/protocol.data", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "a+")) != NULL) { Syslog('+', "Created new %s", ffile); @@ -67,49 +67,49 @@ int CountProtocol(void) * Write default set of protocols */ memset(&PROT, 0, sizeof(PROT)); - sprintf(PROT.ProtKey, "A"); - sprintf(PROT.ProtName, "Ymodem"); + snprintf(PROT.ProtKey, 2, "A"); + snprintf(PROT.ProtName, 21, "Ymodem"); if (strlen(_PATH_SB) && strlen(_PATH_RB)) { - sprintf(PROT.ProtUp, "%s -v", _PATH_RB); - sprintf(PROT.ProtDn, "%s -v -u", _PATH_SB); + snprintf(PROT.ProtUp, 51, "%s -v", _PATH_RB); + snprintf(PROT.ProtDn, 51, "%s -v -u", _PATH_SB); } else { - sprintf(PROT.ProtUp, "/usr/bin/rb -v"); - sprintf(PROT.ProtDn, "/usr/bin/sb -v -u"); + snprintf(PROT.ProtUp, 51, "/usr/bin/rb -v"); + snprintf(PROT.ProtDn, 51, "/usr/bin/sb -v -u"); } PROT.Available = FALSE; - sprintf(PROT.Advice, "Press Ctrl-X to abort"); + snprintf(PROT.Advice, 31, "Press Ctrl-X to abort"); PROT.Efficiency = 75; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "B"); - sprintf(PROT.ProtName, "Ymodem-1K"); + snprintf(PROT.ProtKey, 2, "B"); + snprintf(PROT.ProtName, 21, "Ymodem-1K"); if (strlen(_PATH_SB) && strlen(_PATH_RB)) { - sprintf(PROT.ProtUp, "%s -k -v", _PATH_RB); - sprintf(PROT.ProtDn, "%s -k -v -u", _PATH_SB); + snprintf(PROT.ProtUp, 51, "%s -k -v", _PATH_RB); + snprintf(PROT.ProtDn, 51, "%s -k -v -u", _PATH_SB); } else { - sprintf(PROT.ProtUp, "/usr/bin/rb -k -v"); - sprintf(PROT.ProtDn, "/usr/bin/sb -k -v -u"); + snprintf(PROT.ProtUp, 51, "/usr/bin/rb -k -v"); + snprintf(PROT.ProtDn, 51, "/usr/bin/sb -k -v -u"); } PROT.Efficiency = 82; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "C"); - sprintf(PROT.ProtName, "Zmodem"); + snprintf(PROT.ProtKey, 2, "C"); + snprintf(PROT.ProtName, 21, "Zmodem"); if (strlen(_PATH_SZ) && strlen(_PATH_RZ)) { - sprintf(PROT.ProtUp, "%s -p -v", _PATH_RZ); - sprintf(PROT.ProtDn, "%s -b -q -r -u", _PATH_SZ); + snprintf(PROT.ProtUp, 51, "%s -p -v", _PATH_RZ); + snprintf(PROT.ProtDn, 51, "%s -b -q -r -u", _PATH_SZ); } else { - sprintf(PROT.ProtUp, "/usr/bin/rz -p -v"); - sprintf(PROT.ProtDn, "/usr/bin/sz -b -q -r -u"); + snprintf(PROT.ProtUp, 51, "/usr/bin/rz -p -v"); + snprintf(PROT.ProtDn, 51, "/usr/bin/sz -b -q -r -u"); } PROT.Efficiency = 98; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "L"); - sprintf(PROT.ProtName, "Local disk"); - sprintf(PROT.ProtUp, "%s/bin/rf", getenv("MBSE_ROOT")); - sprintf(PROT.ProtDn, "%s/bin/sf", getenv("MBSE_ROOT")); - sprintf(PROT.Advice, "It goes before you know"); + snprintf(PROT.ProtKey, 2, "L"); + snprintf(PROT.ProtName, 21, "Local disk"); + snprintf(PROT.ProtUp, 51, "%s/bin/rf", getenv("MBSE_ROOT")); + snprintf(PROT.ProtDn, 51, "%s/bin/sf", getenv("MBSE_ROOT")); + snprintf(PROT.Advice, 31, "It goes before you know"); PROT.Level.level = 32000; PROT.Efficiency = 100; fwrite(&PROT, sizeof(PROT), 1, fil); @@ -117,36 +117,36 @@ int CountProtocol(void) memset(&PROT, 0, sizeof(PROT)); PROT.Internal = TRUE; PROT.Available = TRUE; - sprintf(PROT.Advice, "Press Ctrl-X to abort"); - sprintf(PROT.ProtKey, "1"); - sprintf(PROT.ProtName, "Ymodem-1K"); + snprintf(PROT.Advice, 31, "Press Ctrl-X to abort"); + snprintf(PROT.ProtKey, 2, "1"); + snprintf(PROT.ProtName, 21, "Ymodem-1K"); PROT.Efficiency = 82; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "8"); - sprintf(PROT.ProtName, "Zmodem-8K (ZedZap)"); + snprintf(PROT.ProtKey, 2, "8"); + snprintf(PROT.ProtName, 21, "Zmodem-8K (ZedZap)"); PROT.Efficiency = 99; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "G"); - sprintf(PROT.ProtName, "Ymodem-G"); + snprintf(PROT.ProtKey, 2, "G"); + snprintf(PROT.ProtName, 21, "Ymodem-G"); PROT.Efficiency = 90; fwrite(&PROT, sizeof(PROT), 1, fil); PROT.Available = FALSE; - sprintf(PROT.ProtKey, "X"); - sprintf(PROT.ProtName, "Xmodem"); + snprintf(PROT.ProtKey, 2, "X"); + snprintf(PROT.ProtName, 21, "Xmodem"); PROT.Efficiency = 75; fwrite(&PROT, sizeof(PROT), 1, fil); PROT.Available = TRUE; - sprintf(PROT.ProtKey, "Y"); - sprintf(PROT.ProtName, "Ymodem"); + snprintf(PROT.ProtKey, 2, "Y"); + snprintf(PROT.ProtName, 21, "Ymodem"); PROT.Efficiency = 75; fwrite(&PROT, sizeof(PROT), 1, fil); - sprintf(PROT.ProtKey, "Z"); - sprintf(PROT.ProtName, "Zmodem"); + snprintf(PROT.ProtKey, 2, "Z"); + snprintf(PROT.ProtName, 21, "Zmodem"); PROT.Efficiency = 92; fwrite(&PROT, sizeof(PROT), 1, fil); @@ -182,8 +182,8 @@ int OpenProtocol(void) long oldsize; int AddInt = TRUE; - sprintf(fnin, "%s/etc/protocol.data", getenv("MBSE_ROOT")); - sprintf(fnout, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); + snprintf(fnin, PATH_MAX, "%s/etc/protocol.data", getenv("MBSE_ROOT")); + snprintf(fnout, PATH_MAX, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); if ((fin = fopen(fnin, "r")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) { fread(&PROThdr, sizeof(PROThdr), 1, fin); @@ -233,7 +233,7 @@ int OpenProtocol(void) */ if (strstr(usedkeys, PROT.ProtKey)) { Syslog('+', "Change external protocol %s key %s to %c", PROT.ProtName, PROT.ProtKey, newkey); - sprintf(PROT.ProtKey, "%c", newkey); + snprintf(PROT.ProtKey, 2, "%c", newkey); newkey++; ProtUpdated = 1; } @@ -252,36 +252,36 @@ int OpenProtocol(void) memset(&PROT, 0, sizeof(PROT)); PROT.Internal = TRUE; PROT.Available = TRUE; - sprintf(PROT.Advice, "Press Ctrl-X to abort"); - sprintf(PROT.ProtKey, "1"); - sprintf(PROT.ProtName, "Ymodem-1K"); + snprintf(PROT.Advice, 31, "Press Ctrl-X to abort"); + snprintf(PROT.ProtKey, 2,"1"); + snprintf(PROT.ProtName, 21,"Ymodem-1K"); PROT.Efficiency = 82; fwrite(&PROT, sizeof(PROT), 1, fout); - sprintf(PROT.ProtKey, "8"); - sprintf(PROT.ProtName, "Zmodem-8K (ZedZap)"); + snprintf(PROT.ProtKey, 2,"8"); + snprintf(PROT.ProtName, 21,"Zmodem-8K (ZedZap)"); PROT.Efficiency = 99; fwrite(&PROT, sizeof(PROT), 1, fout); - sprintf(PROT.ProtKey, "G"); - sprintf(PROT.ProtName, "Ymodem-G"); + snprintf(PROT.ProtKey, 2,"G"); + snprintf(PROT.ProtName, 21,"Ymodem-G"); PROT.Efficiency = 90; fwrite(&PROT, sizeof(PROT), 1, fout); PROT.Available = FALSE; - sprintf(PROT.ProtKey, "X"); - sprintf(PROT.ProtName, "Xmodem"); + snprintf(PROT.ProtKey, 2,"X"); + snprintf(PROT.ProtName, 21,"Xmodem"); PROT.Efficiency = 75; fwrite(&PROT, sizeof(PROT), 1, fout); PROT.Available = TRUE; - sprintf(PROT.ProtKey, "Y"); - sprintf(PROT.ProtName, "Ymodem"); + snprintf(PROT.ProtKey, 2,"Y"); + snprintf(PROT.ProtName, 21,"Ymodem"); PROT.Efficiency = 75; fwrite(&PROT, sizeof(PROT), 1, fout); - sprintf(PROT.ProtKey, "Z"); - sprintf(PROT.ProtName, "Zmodem"); + snprintf(PROT.ProtKey, 2,"Z"); + snprintf(PROT.ProtName, 21,"Zmodem"); PROT.Efficiency = 92; fwrite(&PROT, sizeof(PROT), 1, fout); ProtRecords += 6; @@ -307,8 +307,8 @@ void CloseProtocol(int force) FILE *fi, *fo; st_list *pro = NULL, *tmp; - sprintf(fin, "%s/etc/protocol.data", getenv("MBSE_ROOT")); - sprintf(fout,"%s/etc/protocol.temp", getenv("MBSE_ROOT")); + snprintf(fin, PATH_MAX, "%s/etc/protocol.data", getenv("MBSE_ROOT")); + snprintf(fout, PATH_MAX, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); if (ProtUpdated == 1) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { @@ -353,7 +353,7 @@ int AppendProtocol(void) FILE *fil; char ffile[PATH_MAX]; - sprintf(ffile, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "a")) != NULL) { memset(&PROT, 0, sizeof(PROT)); fwrite(&PROT, sizeof(PROT), 1, fil); @@ -402,7 +402,7 @@ int EditProtRec(int Area) working(1, 0, 0); IsDoing("Edit Protocol"); - sprintf(mfile, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); + snprintf(mfile, PATH_MAX, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); if ((fil = fopen(mfile, "r")) == NULL) { working(2, 0, 0); return -1; @@ -535,7 +535,7 @@ void EditProtocol(void) mbse_mvprintw( 5, 6, "8.5 PROTOCOL SETUP"); set_color(CYAN, BLACK); if (ProtRecords != 0) { - sprintf(temp, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/protocol.temp", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&PROThdr, sizeof(PROThdr), 1, fil); @@ -552,7 +552,7 @@ void EditProtocol(void) set_color(CYAN, BLACK); else set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d. %1s %-20s %s %3d %-30s %5d", i, PROT.ProtKey, PROT.ProtName, + snprintf(temp, 81, "%3d. %1s %-20s %s %3d %-30s %5d", i, PROT.ProtKey, PROT.ProtName, PROT.Internal?"Int":"Ext", PROT.Efficiency, PROT.Advice, PROT.Level.level); mbse_mvprintw(y, 4, temp); y++; @@ -628,11 +628,11 @@ char *PickProtocol(int nr) clr_index(); set_color(WHITE, BLACK); - sprintf(temp, "%d. PROTOCOL SELECT", nr); + snprintf(temp, 81, "%d. PROTOCOL SELECT", nr); mbse_mvprintw( 5, 4, temp); set_color(CYAN, BLACK); if (ProtRecords) { - sprintf(temp, "%s/etc/protocol.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/protocol.data", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&PROThdr, sizeof(PROThdr), 1, fil); @@ -652,7 +652,7 @@ char *PickProtocol(int nr) set_color(CYAN, BLACK); else set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d. %s %-30s", i, PROT.ProtKey, PROT.ProtName); + snprintf(temp, 81, "%3d. %s %-30s", i, PROT.ProtKey, PROT.ProtName); temp[37] = '\0'; mbse_mvprintw(i + 6, x, temp); y++; @@ -683,7 +683,7 @@ int bbs_prot_doc(FILE *fp, FILE *toc, int page) FILE *wp, *ip, *no; int j; - sprintf(temp, "%s/etc/protocol.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/protocol.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return page; @@ -708,7 +708,7 @@ int bbs_prot_doc(FILE *fp, FILE *toc, int page) j = 0; } - sprintf(temp, "protocol_%s.html", PROT.ProtKey); + snprintf(temp, 81, "protocol_%s.html", PROT.ProtKey); fprintf(ip, "%s%s%s%s\n", temp, PROT.ProtKey, PROT.ProtName, getboolean(PROT.Available), PROT.Internal ? "Internal":"External"); if ((wp = open_webdoc(temp, (char *)"BBS Transfer Protocol", PROT.ProtName))) { @@ -726,7 +726,7 @@ int bbs_prot_doc(FILE *fp, FILE *toc, int page) add_webtable(wp, (char *)"Available", getboolean(PROT.Available)); add_webtable(wp, (char *)"Internal protocol", getboolean(PROT.Internal)); add_webtable(wp, (char *)"User advice", PROT.Advice); - sprintf(temp, "%d%%", PROT.Efficiency); + snprintf(temp, 81, "%d%%", PROT.Efficiency); add_webtable(wp, (char *)"Efficiency", temp); web_secflags(wp, (char *)"Security level", PROT.Level); fprintf(wp, "\n"); diff --git a/mbsetup/m_route.c b/mbsetup/m_route.c index 41fde983..88327653 100644 --- a/mbsetup/m_route.c +++ b/mbsetup/m_route.c @@ -4,7 +4,7 @@ * Purpose ...............: Routing Setup * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -54,7 +54,7 @@ int CountRoute(void) int count; ffile = calloc(PATH_MAX, sizeof(char)); - sprintf(ffile, "%s/etc/route.data", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/route.data", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "a+")) != NULL) { Syslog('+', "Created new %s", ffile); @@ -95,8 +95,8 @@ int OpenRoute(void) fnin = calloc(PATH_MAX, sizeof(char)); fnout = calloc(PATH_MAX, sizeof(char)); - sprintf(fnin, "%s/etc/route.data", getenv("MBSE_ROOT")); - sprintf(fnout, "%s/etc/route.temp", getenv("MBSE_ROOT")); + snprintf(fnin, PATH_MAX, "%s/etc/route.data", getenv("MBSE_ROOT")); + snprintf(fnout, PATH_MAX, "%s/etc/route.temp", getenv("MBSE_ROOT")); if ((fin = fopen(fnin, "r")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) { @@ -153,8 +153,8 @@ void CloseRoute(int force) fin = calloc(PATH_MAX, sizeof(char)); fout = calloc(PATH_MAX, sizeof(char)); - sprintf(fin, "%s/etc/route.data", getenv("MBSE_ROOT")); - sprintf(fout,"%s/etc/route.temp", getenv("MBSE_ROOT")); + snprintf(fin, PATH_MAX, "%s/etc/route.data", getenv("MBSE_ROOT")); + snprintf(fout, PATH_MAX, "%s/etc/route.temp", getenv("MBSE_ROOT")); if (RouteUpdated == 1) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { @@ -203,7 +203,7 @@ int AppendRoute(void) char *ffile; ffile = calloc(PATH_MAX, sizeof(char)); - sprintf(ffile, "%s/etc/route.temp", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/route.temp", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "a")) != NULL) { memset(&route, 0, sizeof(route)); @@ -319,7 +319,7 @@ int EditRouteRec(int Area) IsDoing("Edit Route"); mfile = calloc(PATH_MAX, sizeof(char)); - sprintf(mfile, "%s/etc/route.temp", getenv("MBSE_ROOT")); + snprintf(mfile, PATH_MAX, "%s/etc/route.temp", getenv("MBSE_ROOT")); if ((fil = fopen(mfile, "r")) == NULL) { working(2, 0, 0); free(mfile); @@ -439,7 +439,7 @@ void EditRoute(void) mbse_mvprintw( 5, 4, "19. ROUTING TABLE"); set_color(CYAN, BLACK); if (records != 0) { - sprintf(temp, "%s/etc/route.temp", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/route.temp", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&routehdr, sizeof(routehdr), 1, fil); @@ -457,7 +457,7 @@ void EditRoute(void) set_color(CYAN, BLACK); else set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d. %-25s %s %s", o + i, route.mask, get_routetype(route.routetype), aka2str(route.dest)); + snprintf(temp, 81, "%3d. %-25s %s %s", o + i, route.mask, get_routetype(route.routetype), aka2str(route.dest)); // temp[37] = 0; mbse_mvprintw(y, x, temp); y++; @@ -516,7 +516,7 @@ int route_doc(FILE *fp, FILE *toc, int page) int j; temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/route.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/route.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) { free(temp); return page; diff --git a/mbsetup/m_service.c b/mbsetup/m_service.c index 62cddf26..aea4e9f1 100644 --- a/mbsetup/m_service.c +++ b/mbsetup/m_service.c @@ -4,7 +4,7 @@ * Purpose ...............: Service Setup * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -51,7 +51,7 @@ int CountService(void) char ffile[PATH_MAX]; int count; - sprintf(ffile, "%s/etc/service.data", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/service.data", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "a+")) != NULL) { Syslog('+', "Created new %s", ffile); @@ -63,25 +63,25 @@ int CountService(void) servrec.Action = EMAIL; servrec.Active = TRUE; - sprintf(servrec.Service, "UUCP"); + snprintf(servrec.Service, 16, "UUCP"); fwrite(&servrec, sizeof(servrec), 1, fil); servrec.Action = AREAMGR; - sprintf(servrec.Service, "areamgr"); + snprintf(servrec.Service, 16, "areamgr"); fwrite(&servrec, sizeof(servrec), 1, fil); - sprintf(servrec.Service, "gecho"); + snprintf(servrec.Service, 16, "gecho"); fwrite(&servrec, sizeof(servrec), 1, fil); - sprintf(servrec.Service, "fmail"); + snprintf(servrec.Service, 16, "fmail"); fwrite(&servrec, sizeof(servrec), 1, fil); servrec.Action = FILEMGR; - sprintf(servrec.Service, "filemgr"); + snprintf(servrec.Service, 16, "filemgr"); fwrite(&servrec, sizeof(servrec), 1, fil); - sprintf(servrec.Service, "allfix"); + snprintf(servrec.Service, 16, "allfix"); fwrite(&servrec, sizeof(servrec), 1, fil); - sprintf(servrec.Service, "mbtic"); + snprintf(servrec.Service, 16, "mbtic"); fwrite(&servrec, sizeof(servrec), 1, fil); - sprintf(servrec.Service, "raid"); + snprintf(servrec.Service, 16, "raid"); fwrite(&servrec, sizeof(servrec), 1, fil); fclose(fil); chmod(ffile, 0640); @@ -112,8 +112,8 @@ int OpenService(void) char fnin[PATH_MAX], fnout[PATH_MAX]; long oldsize; - sprintf(fnin, "%s/etc/service.data", getenv("MBSE_ROOT")); - sprintf(fnout, "%s/etc/service.temp", getenv("MBSE_ROOT")); + snprintf(fnin, PATH_MAX, "%s/etc/service.data", getenv("MBSE_ROOT")); + snprintf(fnout, PATH_MAX, "%s/etc/service.temp", getenv("MBSE_ROOT")); if ((fin = fopen(fnin, "r")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) { fread(&servhdr, sizeof(servhdr), 1, fin); @@ -160,8 +160,8 @@ void CloseService(int force) FILE *fi, *fo; st_list *hat = NULL, *tmp; - sprintf(fin, "%s/etc/service.data", getenv("MBSE_ROOT")); - sprintf(fout,"%s/etc/service.temp", getenv("MBSE_ROOT")); + snprintf(fin, PATH_MAX, "%s/etc/service.data", getenv("MBSE_ROOT")); + snprintf(fout, PATH_MAX, "%s/etc/service.temp", getenv("MBSE_ROOT")); if (ServiceUpdated == 1) { if (force || (yes_no((char *)"Database is changed, save changes") == 1)) { @@ -205,7 +205,7 @@ int AppendService(void) FILE *fil; char ffile[PATH_MAX]; - sprintf(ffile, "%s/etc/service.temp", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/service.temp", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "a")) != NULL) { memset(&servrec, 0, sizeof(servrec)); /* @@ -249,7 +249,7 @@ int EditServiceRec(int Area) working(1, 0, 0); IsDoing("Edit Service"); - sprintf(mfile, "%s/etc/service.temp", getenv("MBSE_ROOT")); + snprintf(mfile, PATH_MAX, "%s/etc/service.temp", getenv("MBSE_ROOT")); if ((fil = fopen(mfile, "r")) == NULL) { working(2, 0, 0); return -1; @@ -341,7 +341,7 @@ void EditService(void) mbse_mvprintw( 5, 4, "16. SERVICE MANAGER"); set_color(CYAN, BLACK); if (records != 0) { - sprintf(temp, "%s/etc/service.temp", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/service.temp", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&servhdr, sizeof(servhdr), 1, fil); @@ -361,7 +361,7 @@ void EditService(void) set_color(CYAN, BLACK); else set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d. %-15s %s", o+i, servrec.Service, getservice(servrec.Action)); + snprintf(temp, 81, "%3d. %-15s %s", o+i, servrec.Service, getservice(servrec.Action)); temp[37] = 0; mbse_mvprintw(y, x, temp); y++; @@ -418,7 +418,7 @@ int service_doc(FILE *fp, FILE *toc, int page) FILE *wp, *no; int j; - sprintf(temp, "%s/etc/service.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/service.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return page; diff --git a/mbsetup/m_task.c b/mbsetup/m_task.c index 7f429e94..e212407c 100644 --- a/mbsetup/m_task.c +++ b/mbsetup/m_task.c @@ -4,7 +4,7 @@ * Purpose ...............: Setup TaskManager. * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -51,7 +51,7 @@ int OpenTask(void) FILE *fin; char fnin[PATH_MAX]; - sprintf(fnin, "%s/etc/task.data", getenv("MBSE_ROOT")); + snprintf(fnin, PATH_MAX, "%s/etc/task.data", getenv("MBSE_ROOT")); if ((fin = fopen(fnin, "r")) != NULL) { fread(&TCFG, sizeof(TCFG), 1, fin); fclose(fin); @@ -76,7 +76,7 @@ void CloseTask(void) if (crc1 != crc2) { if (yes_no((char *)"Configuration is changed, save changes") == 1) { working(1, 0, 0); - sprintf(fin, "%s/etc/task.data", getenv("MBSE_ROOT")); + snprintf(fin, PATH_MAX, "%s/etc/task.data", getenv("MBSE_ROOT")); if ((fp = fopen(fin, "w+")) != NULL) { fwrite(&TCFG, sizeof(TCFG), 1, fp); fclose(fp); @@ -135,7 +135,7 @@ int EditTask() show_str(14, 15,40, TCFG.isp_ping1); show_str(15, 15,40, TCFG.isp_ping2); show_int(16, 15, TCFG.max_tcp); - sprintf(temp, "%0.2f", TCFG.maxload); + snprintf(temp, 10, "%0.2f", TCFG.maxload); show_str(17, 15,5, temp); show_str( 16,56, 5, TCFG.zmh_start); @@ -181,7 +181,7 @@ int task_doc(FILE *fp, FILE *toc, int page) char temp[PATH_MAX]; FILE *wp, *no; - sprintf(temp, "%s/etc/task.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/task.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return page; fread(&TCFG, sizeof(TCFG), 1, no); @@ -208,7 +208,7 @@ int task_doc(FILE *fp, FILE *toc, int page) add_webtable(wp, (char *)"ISP ping host 1", TCFG.isp_ping1); add_webtable(wp, (char *)"ISP ping host 2", TCFG.isp_ping2); fprintf(wp, " \n"); - sprintf(temp, "%0.2f", TCFG.maxload); + snprintf(temp, 10, "%0.2f", TCFG.maxload); add_webtable(wp, (char *)"Maximum system load", temp); add_webdigit(wp, (char *)"Max TCP/IP connections", TCFG.max_tcp); fprintf(wp, "\n"); diff --git a/mbsetup/m_ticarea.c b/mbsetup/m_ticarea.c index e65079d9..cff71f38 100644 --- a/mbsetup/m_ticarea.c +++ b/mbsetup/m_ticarea.c @@ -4,7 +4,7 @@ * Purpose ...............: TIC Areas Setup Program * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -59,7 +59,7 @@ int CountTicarea(void) char ffile[PATH_MAX]; int count; - sprintf(ffile, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "r")) == NULL) { if ((fil = fopen(ffile, "a+")) != NULL) { Syslog('+', "Created new %s", ffile); @@ -100,8 +100,8 @@ int OpenTicarea(void) struct _sysconnect syscon; int i, oldsystems; - sprintf(fnin, "%s/etc/tic.data", getenv("MBSE_ROOT")); - sprintf(fnout, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(fnin, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(fnout, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if ((fin = fopen(fnin, "r")) != NULL) { if ((fout = fopen(fnout, "w")) != NULL) { TicUpdated = 0; @@ -188,8 +188,8 @@ void CloseTicarea(int Force) int i; struct _sysconnect syscon; - sprintf(fin, "%s/etc/tic.data", getenv("MBSE_ROOT")); - sprintf(fout,"%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(fin, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(fout, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if (TicUpdated == 1) { if (Force || (yes_no((char *)"Tic areas database is changed, save changes")) == 1) { @@ -240,7 +240,7 @@ int AppendTicarea(void) struct _sysconnect syscon; int i; - sprintf(ffile, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(ffile, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if ((fil = fopen(ffile, "a")) != NULL) { memset(&tic, 0, sizeof(tic)); /* @@ -369,10 +369,10 @@ int EditTicConnections(FILE *fil) status[2] = 'P'; if (System.aka.zone) { set_color(CYAN,BLACK); - sprintf(temp, "%3d. %s %s", o+i, status, aka2str(System.aka)); + snprintf(temp, 81, "%3d. %s %s", o+i, status, aka2str(System.aka)); } else { set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d.", o+i); + snprintf(temp, 81, "%3d.", o+i); } mbse_mvprintw(y, x, temp); y++; @@ -458,7 +458,7 @@ long LoadTicRec(int Area, int work) if (work) working(1, 0, 0); - sprintf(mfile, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(mfile, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if ((fil = fopen(mfile, "r")) == NULL) { working(2, 0, 0); return -1; @@ -502,7 +502,7 @@ int SaveTicRec(int Area, int work) if (work) working(1, 0, 0); - sprintf(mfile, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(mfile, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); if ((fil = fopen(mfile, "r+")) == 0) { working(2, 0, 0); return -1; @@ -565,7 +565,7 @@ void TicGlobal(void) * Build the groups select array */ working(1, 0, 0); - sprintf(tfile, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); + snprintf(tfile, PATH_MAX, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); if ((fil = fopen(tfile, "r")) != NULL) { fread(&fgrouphdr, sizeof(fgrouphdr), 1, fil); @@ -701,7 +701,7 @@ void TicGlobal(void) Sc.aka.point = a2.point; Sc.sendto = TRUE; Sc.receivefrom = FALSE; - sprintf(Sc.aka.domain, "%s", a2.domain); + snprintf(Sc.aka.domain, 13, "%s", a2.domain); fwrite(&Sc, sizeof(sysconnect), 1, ttfil); if (SaveTicRec(areanr, FALSE) == 0) { Done++; @@ -719,7 +719,7 @@ void TicGlobal(void) Sc.aka.net = a2.net; Sc.aka.node = a2.node; Sc.aka.point = a2.point; - sprintf(Sc.aka.domain, "%s", a2.domain); + snprintf(Sc.aka.domain, 13, "%s", a2.domain); fseek(ttfil, - sizeof(sysconnect), SEEK_CUR); fwrite(&Sc, sizeof(sysconnect), 1, ttfil); if (SaveTicRec(areanr, FALSE) == 0) { @@ -759,7 +759,7 @@ void TicGlobal(void) tic.Aka.net = CFG.aka[akan].net; tic.Aka.node = CFG.aka[akan].node; tic.Aka.point = CFG.aka[akan].point; - sprintf(tic.Aka.domain, "%s", CFG.aka[akan].domain); + snprintf(tic.Aka.domain, 13, "%s", CFG.aka[akan].domain); if (SaveTicRec(areanr, FALSE) == 0) { Done++; Syslog('+', "Area %s now uses aka %s", tic.Name, aka2str(tic.Aka)); @@ -828,16 +828,16 @@ int EditTicRec(int Area) for (;;) { - sprintf(temp, "%s/etc/fareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/fareas.data", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) != NULL) { fread(&areahdr, sizeof(areahdr), 1, fp); fseek(fp, ((tic.FileArea - 1) * areahdr.recsize) + areahdr.hdrsize, SEEK_SET); fread(&area, areahdr.recsize, 1, fp); - sprintf(temp, "%ld: %s", tic.FileArea, area.Name); + snprintf(temp, 81, "%ld: %s", tic.FileArea, area.Name); temp[24] = '\0'; fclose(fp); } else { - sprintf(temp, "%ld", tic.FileArea); + snprintf(temp, 81, "%ld", tic.FileArea); } set_color(WHITE, BLACK); @@ -1031,7 +1031,7 @@ void EditTicarea(void) mbse_mvprintw( 5, 3, "10.2 TIC AREA SETUP"); set_color(CYAN, BLACK); if (records != 0) { - sprintf(temp, "%s/etc/tic.temp", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.temp", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&tichdr, sizeof(tichdr), 1, fil); @@ -1044,11 +1044,11 @@ void EditTicarea(void) fread(&tic, tichdr.recsize, 1, fil); if (tic.Active) { set_color(CYAN, BLACK); - sprintf(temp, "%3d. %-20s %-40s", o + i, tic.Name, tic. + snprintf(temp, 81, "%3d. %-20s %-40s", o + i, tic.Name, tic. Comment); } else { set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d.", o + i); + snprintf(temp, 81, "%3d.", o + i); } mbse_mvprintw(y, 2, temp); y++; @@ -1134,12 +1134,12 @@ char *PickTicarea(char *shdr) for(;;) { clr_index(); set_color(WHITE, BLACK); - sprintf(temp, "%s. TIC AREA SELECT", shdr); + snprintf(temp, 81, "%s. TIC AREA SELECT", shdr); mbse_mvprintw(5, 3, temp); set_color(CYAN, BLACK); if (records) { - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); working(1, 0, 0); if ((fil = fopen(temp, "r")) != NULL) { fread(&tichdr, sizeof(tichdr), 1, fil); @@ -1155,7 +1155,7 @@ char *PickTicarea(char *shdr) set_color(CYAN, BLACK); else set_color(LIGHTBLUE, BLACK); - sprintf(temp, "%3d. %-20s %-40s", o + i, tic.Name, tic.Comment); + snprintf(temp, 81, "%3d. %-20s %-40s", o + i, tic.Name, tic.Comment); mbse_mvprintw(y, x, temp); y++; } @@ -1177,7 +1177,7 @@ char *PickTicarea(char *shdr) o -= 10; if ((atoi(pick) >= 1) && (atoi(pick) <= records)) { - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((fil = fopen(temp, "r")) != NULL) { offset = tichdr.hdrsize + ((atoi(pick) -1) * (tichdr.recsize + tichdr.syssize)); fseek(fil, offset, SEEK_SET); @@ -1185,7 +1185,7 @@ char *PickTicarea(char *shdr) fclose(fil); if (tic.Active) { memset(&Buf, 0, sizeof(Buf)); - sprintf(Buf, "%s", tic.Name); + snprintf(Buf, 81, "%s", tic.Name); return Buf; } } @@ -1201,7 +1201,7 @@ int GroupInTic(char *Group) FILE *no; int systems, Area = 0, RetVal = 0; - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return 0; @@ -1234,7 +1234,7 @@ int NodeInTic(fidoaddr A) char temp[PATH_MAX]; sysconnect S; - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return 0; @@ -1268,7 +1268,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) int refs, i, k, nr, systems, First = TRUE; sysconnect System; - sprintf(temp, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((no = fopen(temp, "r")) == NULL) return page; @@ -1295,7 +1295,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) } else fprintf(fp, "\n\n"); - sprintf(temp, "ticarea_%s.html", tic.Name); + snprintf(temp, 81, "ticarea_%s.html", tic.Name); fprintf(ip, " %s%s%s\n", temp, tic.Name, tic.Comment, getboolean(tic.Active)); if ((wp = open_webdoc(temp, (char *)"TIC Area", tic.Comment))) { @@ -1307,7 +1307,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) add_webtable(wp, (char *)"Area tag", tic.Name); add_webtable(wp, (char *)"Active", getboolean(tic.Active)); add_webtable(wp, (char *)"Comment", tic.Comment); - sprintf(temp, "%s/etc/fareas.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/fareas.data", getenv("MBSE_ROOT")); if ((ti = fopen(temp, "r"))) { fread(&areahdr, sizeof(areahdr), 1, ti); fseek(ti, areahdr.hdrsize + (areahdr.recsize * (tic.FileArea -1)), SEEK_SET); @@ -1393,7 +1393,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) status[2] = 'P'; fprintf(fp, " Link %2d %s %s\n", i+1, status, aka2str(System.aka)); if (wp != NULL) { - sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT")); if ((ti = fopen(temp, "r"))) { fread(&nodeshdr, sizeof(nodeshdr), 1, ti); fseek(ti, 0, SEEK_SET); @@ -1428,7 +1428,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) fprintf(wp, "
\n"); fprintf(wp, "

Hatch References

\n"); - sprintf(temp, "%s/etc/hatch.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/hatch.data", getenv("MBSE_ROOT")); nr = refs = 0; if ((ti = fopen(temp, "r"))) { fread(&hatchhdr, sizeof(hatchhdr), 1, ti); @@ -1441,7 +1441,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) fprintf(wp, "\n"); } refs++; - sprintf(temp, "hatch_%d.html", nr); + snprintf(temp, 81, "hatch_%d.html", nr); fprintf(wp, "Hatch %d%s\n", temp, nr, hatch.Spec); } @@ -1457,7 +1457,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) fprintf(wp, "
\n"); fprintf(wp, "

Magic References

\n"); - sprintf(temp, "%s/etc/magic.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX, "%s/etc/magic.data", getenv("MBSE_ROOT")); nr = refs = 0; if ((ti = fopen(temp, "r"))) { fread(&magichdr, sizeof(magichdr), 1, ti); @@ -1470,7 +1470,7 @@ int tic_areas_doc(FILE *fp, FILE *toc, int page) fprintf(wp, "\n"); } refs++; - sprintf(temp, "magic_%d.html", nr); + snprintf(temp, 81, "magic_%d.html", nr); fprintf(wp, "Magic %d(%s) %s\n", temp, nr, getmagictype(magic.Attrib), magic.Mask); }