From 9cf1e6ee36a50201c301e6996861252907148050 Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Sun, 28 Aug 2005 11:56:06 +0000 Subject: [PATCH] Secured sprintf with snprintf --- mbfido/makestat.c | 52 +++++++++++++++++++++++------------------------ mbfido/mbfindex.c | 6 +++--- mbfido/sendmail.c | 14 ++++++------- mbfido/tic.c | 12 +++++------ mbfido/toberep.c | 4 ++-- mbfido/tracker.c | 14 ++++++------- mbfido/utic.c | 16 +++++++-------- mbfido/virscan.c | 8 ++++---- 8 files changed, 63 insertions(+), 63 deletions(-) diff --git a/mbfido/makestat.c b/mbfido/makestat.c index 45ff0112..1b58ebc4 100644 --- a/mbfido/makestat.c +++ b/mbfido/makestat.c @@ -49,7 +49,7 @@ FILE *newpage(char *Name, FILE *fi) later = time(NULL) + 86400; temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/stat/%s.temp", CFG.www_root, Name); + snprintf(temp, PATH_MAX -1, "%s/stat/%s.temp", CFG.www_root, Name); mkdirs(temp, 0755); if ((fa = fopen(temp, "w")) == NULL) { @@ -79,8 +79,8 @@ void closepage(FILE *fa, char *Name, FILE *fi) temp2 = calloc(PATH_MAX, sizeof(char)); MacroRead(fi, fa); fclose(fa); - sprintf(temp1, "%s/stat/%s.html", CFG.www_root, Name); - sprintf(temp2, "%s/stat/%s.temp", CFG.www_root, Name); + snprintf(temp1, PATH_MAX -1, "%s/stat/%s.html", CFG.www_root, Name); + snprintf(temp2, PATH_MAX -1, "%s/stat/%s.temp", CFG.www_root, Name); rename(temp2, temp1); chmod(temp1, 0644); free(temp2); @@ -97,10 +97,10 @@ char *adate(time_t now) struct tm ptm; if (now == 0L) { - sprintf(buf, " "); + snprintf(buf, 39, " "); } else { ptm = *localtime(&now); - sprintf(buf, "%02d-%02d-%04d %02d:%02d", ptm.tm_mday, ptm.tm_mon +1, ptm.tm_year + 1900, ptm.tm_hour, ptm.tm_min); + snprintf(buf, 39, "%02d-%02d-%04d %02d:%02d", ptm.tm_mday, ptm.tm_mon +1, ptm.tm_year + 1900, ptm.tm_hour, ptm.tm_min); } return buf; } 
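Review bot: The return value of `snprintf` is never checked in newpage(), so a path longer than the buffer is silently cut and the following `mkdirs`/`fopen` act on a different name than intended. The same holds for closepage(), where `rename` and `chmod` run on possibly truncated `temp1`/`temp2`, and for the other PATH_MAX-bounded calls in this patch (MakeStat, LoadTic, Add_ToBeRep, GetTableRoute, Get_File_Id, VirScan). I would test the result, e.g. `if (snprintf(temp, PATH_MAX, "%s/stat/%s.temp", CFG.www_root, Name) >= PATH_MAX)`, and take the same failure path as the `fopen` error below it. The size argument already counts the terminating NUL, so `PATH_MAX` rather than `PATH_MAX -1` is the real capacity of a `calloc(PATH_MAX, …)` buffer. newpage's body continues outside the hunk.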
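Review bot: The literal `39` in both `snprintf(buf, 39, …)` calls of adate() is tied to a declaration of `buf` that sits outside this hunk, so a later change to the buffer size would not be reflected in the bound. If `buf` is an array, `snprintf(buf, sizeof(buf), …)` keeps the limit and the declaration together. Separately, `ptm = *localtime(&now);` dereferences the result without a NULL check, and `localtime` can return NULL for a time value it cannot represent.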
@@ -133,7 +133,7 @@ void MakeStat(void) else Lm = Miy -1; - sprintf(name, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("Can't open %s", name); } else { @@ -147,9 +147,9 @@ void MakeStat(void) while ((fread(&mgroup, mgrouphdr.recsize, 1, fg)) == 1) { if (mgroup.Active) { fseek(fi, fileptr, SEEK_SET); - html_massage(mgroup.Name, name); + html_massage(mgroup.Name, name, PATH_MAX -1); MacroVars("b", "s", name); - html_massage(mgroup.Comment, name); + html_massage(mgroup.Comment, name, PATH_MAX -1); MacroVars("c", "s", name); MacroVars("d", "s", mgroup.UseAka.zone ? aka2str(mgroup.UseAka):" "); MacroVars("e", "s", adate(mgroup.LastDate)); @@ -174,7 +174,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/etc/mareas.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/mareas.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("$Can't open %s", name); } else { @@ -196,11 +196,11 @@ void MakeStat(void) } fseek(fi, fileptr, SEEK_SET); MacroVars("b", "d", Area); - html_massage(msgs.Name, name); + html_massage(msgs.Name, name, PATH_MAX -1); MacroVars("c", "s", strlen(name) ? name:" "); - html_massage(msgs.Tag, name); + html_massage(msgs.Tag, name, PATH_MAX -1); MacroVars("d", "s", strlen(name) ? name:" "); - html_massage(msgs.Group, name); + html_massage(msgs.Group, name, PATH_MAX -1); MacroVars("e", "s", strlen(name) ? name:" "); MacroVars("f", "s", adate(msgs.LastRcvd)); MacroVars("g", "d", msgs.Received.lweek); @@ -225,7 +225,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("$Can't open %s", name); } else { 
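Review bot: `getenv("MBSE_ROOT")` is passed straight to `%s` in `snprintf(name, PATH_MAX -1, "%s/etc/mgroups.data", getenv("MBSE_ROOT"))`, and a NULL from an unset variable is undefined behaviour for `%s` regardless of the size bound. Every other `getenv("MBSE_ROOT")` call touched by this patch has the same shape (the remaining MakeStat hunks, Add_ToBeRep, GetTableRoute, DeleteVirusWork, Get_File_Id, VirScan). Unless the variable is verified at startup, which these hunks do not show, I would fetch it once and check it: `char *root = getenv("MBSE_ROOT"); if (root == NULL) { WriteError("MBSE_ROOT not set"); return; }`. MakeStat's body extends beyond the hunk, so the exact place for the check is not visible here.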
@@ -238,9 +238,9 @@ void MakeStat(void) while ((fread(&fgroup, fgrouphdr.recsize, 1, fg)) == 1) { if (fgroup.Active) { fseek(fi, fileptr, SEEK_SET); - html_massage(fgroup.Name, name); + html_massage(fgroup.Name, name, PATH_MAX -1); MacroVars("b", "s", name); - html_massage(fgroup.Comment, name); + html_massage(fgroup.Comment, name, PATH_MAX -1); MacroVars("c", "s", name); MacroVars("d", "s", fgroup.UseAka.zone ? aka2str(fgroup.UseAka):" "); MacroVars("e", "s", adate(fgroup.LastDate)); @@ -265,7 +265,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/etc/tic.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/tic.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("$Can't open %s", name); } else { @@ -278,11 +278,11 @@ void MakeStat(void) while ((fread(&tic, tichdr.recsize, 1, fg)) == 1) { if (tic.Active) { fseek(fi, fileptr, SEEK_SET); - html_massage(tic.Comment, name); + html_massage(tic.Comment, name, PATH_MAX -1); MacroVars("b", "s", name); - html_massage(tic.Name, name); + html_massage(tic.Name, name, PATH_MAX -1); MacroVars("c", "s", name); - html_massage(tic.Group, name); + html_massage(tic.Group, name, PATH_MAX -1); MacroVars("d", "s", name); MacroVars("e", "s", adate(tic.LastAction)); MacroVars("f", "d", tic.Files.lweek); @@ -307,7 +307,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/etc/nodes.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/nodes.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("$Can't open %s", name); } else { @@ -328,7 +328,7 @@ void MakeStat(void) else q = xstrcpy((char *)"Normal"); MacroVars("b", "s", aka2str(nodes.Aka[0])); - html_massage(nodes.Sysop, name); + html_massage(nodes.Sysop, name, PATH_MAX -1); MacroVars("c", "s", name); MacroVars("d", "s", q); MacroVars("e", "s", p); 
@@ -355,7 +355,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/var/mailer.hist", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/var/mailer.hist", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) == NULL) { WriteError("$Can't open %s", name); } else { @@ -376,11 +376,11 @@ void MakeStat(void) if (!strcmp(hist.aka.domain, "(null)")) hist.aka.domain[0] = '\0'; MacroVars("c", "s", hist.aka.zone ? aka2str(hist.aka):" "); - html_massage(hist.system_name, name); + html_massage(hist.system_name, name, PATH_MAX -1); MacroVars("d", "s", strlen(name) ? name:" "); - html_massage(hist.sysop, name); + html_massage(hist.sysop, name, PATH_MAX -1); MacroVars("e", "s", strlen(name) ? name:" "); - html_massage(hist.location, name); + html_massage(hist.location, name, PATH_MAX -1); MacroVars("f", "s", strlen(name) ? name:" "); MacroVars("g", "s", strlen(hist.tty) ? hist.tty:" "); MacroVars("h", "s", adate(hist.online)); @@ -407,7 +407,7 @@ void MakeStat(void) printf("."); fflush(stdout); } - sprintf(name, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); + snprintf(name, PATH_MAX -1, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); if ((fg = fopen(name, "r")) != NULL ) { if ((fi = OpenMacro("html.sysinfo", 'E', TRUE)) == NULL) { Syslog('+', "Can't open macro file, skipping html pages creation"); diff --git a/mbfido/mbfindex.c b/mbfido/mbfindex.c index 9516abb8..2a9e19d2 100644 --- a/mbfido/mbfindex.c +++ b/mbfido/mbfindex.c @@ -272,7 +272,7 @@ FILE *newpage(char *Path, char *Name, time_t later, int inArea, int Current, FIL WriteError("$Can't create %s", linebuf); } else { sprintf(linebuf, "%s", Name); - html_massage(linebuf, outbuf); + html_massage(linebuf, outbuf, 1023); MacroVars("ab", "ss", rfcdate(later), outbuf); pagelink(fa, Path, inArea, Current); MacroRead(fi, fa); 
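Review bot: In mbfindex.c newpage(), the `sprintf(linebuf, "%s", Name);` directly above the changed line is still unbounded, so the new `1023` limit protects only `outbuf` while the copy into `linebuf` can still overrun. The two HtmlIndex hunks of the same file are in the same state: `sprintf(linebuf, "%s", To_Html(fdb.Desc[j]))`, `sprintf(desc+k, "%s", outbuf)` and `strcpy(linebuf, area.Name)` remain as they were. Assuming `linebuf` is an array (its declaration is outside the hunk), `snprintf(linebuf, sizeof(linebuf), "%s", Name);` would close the gap here. The literal `1023` would also be safer expressed through `sizeof(outbuf)`, following whatever convention html_massage's new third parameter expects.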
@@ -722,7 +722,7 @@ void HtmlIndex(char *Lang) k += 1; } sprintf(linebuf, "%s", To_Html(fdb.Desc[j])); - html_massage(linebuf, outbuf); + html_massage(linebuf, outbuf, 1023); sprintf(desc+k, "%s", outbuf); k += strlen(outbuf); } @@ -781,7 +781,7 @@ void HtmlIndex(char *Lang) } strcpy(linebuf, area.Name); - html_massage(linebuf, namebuf); + html_massage(linebuf, namebuf, 1023); sprintf(linebuf, "%s/%s%s/index.html", CFG.www_url, CFG.www_link2ftp, area.Path+strlen(CFG.ftp_base)); if (aSize > 1048576) sprintf(outbuf, "%ld Mb.", aSize / 1048576); diff --git a/mbfido/sendmail.c b/mbfido/sendmail.c index 849924ab..0e4f7d70 100644 --- a/mbfido/sendmail.c +++ b/mbfido/sendmail.c @@ -4,7 +4,7 @@ * Purpose ...............: Output a netmail to one of our links. * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -60,14 +60,14 @@ FILE *SendMgrMail(faddr *t, int Keep, int FileAttach, char *bymgr, char *subj, c Orig.net = From.net; Orig.node = From.node; Orig.point = From.point; - sprintf(Orig.domain, "%s", From.domain); + snprintf(Orig.domain, 12, "%s", From.domain); memset(&Dest, 0, sizeof(Dest)); Dest.zone = t->zone; Dest.net = t->net; Dest.node = t->node; Dest.point = t->point; - sprintf(Dest.domain, "%s", t->domain); + snprintf(Dest.domain, 12, "%s", t->domain); if (!SearchNode(Dest)) { Syslog('!', "SendMgrMail(): Can't find node %s", aka2str(Dest)); 
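Review bot: The bound `12` in `snprintf(Orig.domain, 12, …)` and `snprintf(Dest.domain, 12, …)` in SendMgrMail() is a literal whose relation to the `domain` field is not visible in this hunk. If the field holds 13 bytes, a 12-character domain now loses its last character, and if it holds fewer than 12 the call can still overrun. `snprintf(Orig.domain, sizeof(Orig.domain), "%s", From.domain);` removes the guess, provided `domain` is an array member rather than a pointer. The same literal appears in the TrackMail and GetRoute hunks of tracker.c. SendMgrMail's body continues outside the hunk.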
@@ -90,13 +90,13 @@ FILE *SendMgrMail(faddr *t, int Keep, int FileAttach, char *bymgr, char *subj, c memset(&ext, 0, sizeof(ext)); if (nodes.PackNetmail) - sprintf(ext, (char *)"qqq"); + snprintf(ext, 3, (char *)"qqq"); else if (nodes.Crash) - sprintf(ext, (char *)"ccc"); + snprintf(ext, 3, (char *)"ccc"); else if (nodes.Hold) - sprintf(ext, (char *)"hhh"); + snprintf(ext, 3, (char *)"hhh"); else - sprintf(ext, (char *)"nnn"); + snprintf(ext, 3, (char *)"nnn"); if ((qp = OpenPkt(Orig, Dest, (char *)ext)) == NULL) return NULL; diff --git a/mbfido/tic.c b/mbfido/tic.c index 4eb4c42a..f2e0af9f 100644 --- a/mbfido/tic.c +++ b/mbfido/tic.c @@ -173,7 +173,7 @@ int LoadTic(char *inb, char *tfn) memset(&TIC, 0, sizeof(TIC)); memset(&T_File, 0, sizeof(T_File)); - sprintf(TIC.Inbound, "%s", inb); + snprintf(TIC.Inbound, PATH_MAX, "%s", inb); strncpy(TIC.TicName, tfn, 12); chdir(inb); @@ -247,7 +247,7 @@ int LoadTic(char *inb, char *tfn) } else if (strncasecmp(Temp, "crc ", 4) == 0) { TIC.Crc_Int = strtoul(Temp+4, (char **)NULL, 16); - sprintf(TIC.TicIn.Crc, "%08lX", TIC.Crc_Int); + snprintf(TIC.TicIn.Crc, 8, "%08lX", TIC.Crc_Int); strcpy(T_File.Crc, TIC.TicIn.Crc); } else if (strncasecmp(Temp, "pw ", 3) == 0) { @@ -406,7 +406,7 @@ int LoadTic(char *inb, char *tfn) /* * Try to move the hatched file to the inbound */ - sprintf(Temp, "%s/%s", TIC.TicIn.Pth, TIC.TicIn.FullName); + snprintf(Temp, bufsize, "%s/%s", TIC.TicIn.Pth, TIC.TicIn.FullName); if (file_exist(Temp, R_OK) == 0) { strcpy(RealName, TIC.TicIn.FullName); } else { @@ -414,7 +414,7 @@ int LoadTic(char *inb, char *tfn) tidy_falist(&sbl); return 2; } - sprintf(Temp2, "%s/%s", TIC.Inbound, TIC.TicIn.FullName); + snprintf(Temp2, PATH_MAX -1, "%s/%s", TIC.Inbound, TIC.TicIn.FullName); if ((rc = file_mv(Temp, Temp2))) { WriteError("Can't move %s to inbound: %s", Temp, strerror(rc)); tidy_falist(&sbl); 
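Review bot: `snprintf(ext, 3, (char *)"qqq")` stores only two characters plus the terminator, because the size argument counts the NUL. The extension handed to `OpenPkt` therefore becomes "qq" (likewise "cc", "hh", "nn") instead of the three-letter value the old `sprintf` produced. The preceding `memset(&ext, 0, sizeof(ext))` suggests `ext` is an array, in which case `snprintf(ext, sizeof(ext), "%s", "qqq");` keeps the full string and stops using the text itself as the format. The declaration of `ext` is outside the hunk, so its size should be confirmed to be at least 4.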
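Review bot: In LoadTic(), `snprintf(TIC.TicIn.Crc, 8, "%08lX", TIC.Crc_Int)` can write at most seven hex digits, so the stored CRC string loses its last digit and the `strcpy(T_File.Crc, TIC.TicIn.Crc)` that follows propagates the shortened value. ReCalcCrc() in utic.c has the identical call. If `Crc` is a 9-byte array (not visible here), `snprintf(TIC.TicIn.Crc, sizeof(TIC.TicIn.Crc), "%08lX", TIC.Crc_Int);` restores all eight digits. Where `long` is 64 bits, `strtoul` on the text after "crc " may also yield more than eight digits, so masking with `& 0xffffffffUL` before formatting seems worthwhile. LoadTic's body continues outside the hunk.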
@@ -467,8 +467,8 @@ int LoadTic(char *inb, char *tfn) * It may be a LFN but also a case difference. The whole tic * processing is based on 8.3 filenames. */ - sprintf(Temp, "%s/%s", TIC.Inbound, RealName); - sprintf(Temp2, "%s/%s", TIC.Inbound, TIC.TicIn.File); + snprintf(Temp, bufsize, "%s/%s", TIC.Inbound, RealName); + snprintf(Temp2, PATH_MAX -1, "%s/%s", TIC.Inbound, TIC.TicIn.File); if (rename(Temp, Temp2)) WriteError("$Can't rename %s to %s", Temp, Temp2); else diff --git a/mbfido/toberep.c b/mbfido/toberep.c index 773166b6..55b735fd 100644 --- a/mbfido/toberep.c +++ b/mbfido/toberep.c @@ -4,7 +4,7 @@ * Purpose ...............: Add a file to the To-Be-Reported database * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -47,7 +47,7 @@ int Add_ToBeRep(struct _filerecord report) int rc, Found = FALSE; fname = calloc(PATH_MAX, sizeof(char)); - sprintf(fname, "%s/etc/toberep.data", getenv("MBSE_ROOT")); + snprintf(fname, PATH_MAX -1, "%s/etc/toberep.data", getenv("MBSE_ROOT")); if ((tbr = fopen(fname, "r+")) == NULL) { if ((tbr = fopen(fname, "a+")) == NULL) { WriteError("$Can't create %s", fname); diff --git a/mbfido/tracker.c b/mbfido/tracker.c index 0e60e2e9..29054414 100644 --- a/mbfido/tracker.c +++ b/mbfido/tracker.c @@ -168,7 +168,7 @@ int GetTableRoute(char *ftn, fidoaddr *res) * Check routing table */ temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/route.data", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/etc/route.data", getenv("MBSE_ROOT")); if ((fil = fopen(temp, "r")) == NULL) { free(temp); return R_NOROUTE; 
@@ -327,7 +327,7 @@ int TrackMail(fidoaddr too, fidoaddr *routeto) routeto->net = nodes.RouteVia.net; routeto->node = nodes.RouteVia.node; routeto->point = nodes.RouteVia.point; - sprintf(routeto->domain, "%s", nodes.RouteVia.domain); + snprintf(routeto->domain, 12, "%s", nodes.RouteVia.domain); } else { for (i = 0; i < 20; i++) if (routeto->zone == nodes.Aka[i].zone) @@ -336,7 +336,7 @@ int TrackMail(fidoaddr too, fidoaddr *routeto) routeto->net = nodes.Aka[i].net; routeto->node = nodes.Aka[i].node; routeto->point = nodes.Aka[i].point; - sprintf(routeto->domain, "%s", nodes.Aka[i].domain); + snprintf(routeto->domain, 12, "%s", nodes.Aka[i].domain); } Syslog('r', "Final routing to: %s", aka2str(*routeto)); return R_ROUTE; @@ -473,7 +473,7 @@ int GetRoute(char *ftn, fidoaddr *res) dir.net = dest->net; dir.node = dest->node; dir.point = dest->point; - sprintf(dir.domain, "%s", dest->domain); + snprintf(dir.domain, 12, "%s", dest->domain); /* * First direct match @@ -557,7 +557,7 @@ int GetRoute(char *ftn, fidoaddr *res) */ if (me_host != -1) { Syslog('r', "We are a host"); - sprintf(res->domain, "%s", CFG.aka[me_host].domain); + snprintf(res->domain, 12, "%s", CFG.aka[me_host].domain); if (((myregion != dnlent->region) && (!(dnlent->pflag & NL_DUMMY))) || (CFG.aka[me_host].zone != dest->zone)) { res->zone = CFG.aka[me_host].zone; res->net = myregion; @@ -611,7 +611,7 @@ int GetRoute(char *ftn, fidoaddr *res) */ if (me_hub != -1) { Syslog('r', "We are a hub"); - sprintf(res->domain, "%s", CFG.aka[me_hub].domain); + snprintf(res->domain, 12, "%s", CFG.aka[me_hub].domain); if ((dnlent->upnode == CFG.aka[me_hub].node) && (dnlent->upnet == CFG.aka[me_hub].net) && (dnlent->addr.zone == CFG.aka[me_hub].zone)) { res->zone = dest->zone; 
@@ -648,7 +648,7 @@ int GetRoute(char *ftn, fidoaddr *res) res->zone = bnlent->addr.zone; res->net = bnlent->upnet; res->node = bnlent->upnode; - sprintf(res->domain, "%s", bnlent->addr.domain); + snprintf(res->domain, 12, "%s", bnlent->addr.domain); Syslog('+', "R: %s => %s", ascfnode(dest, 0xff), aka2str(*res)); if (bnlent->addr.domain) free(bnlent->addr.domain); diff --git a/mbfido/utic.c b/mbfido/utic.c index baf307f7..6a34cab3 100644 --- a/mbfido/utic.c +++ b/mbfido/utic.c @@ -4,7 +4,7 @@ * Purpose ...............: Utilities for tic processing * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -45,7 +45,7 @@ char *MakeTicName() static char buf[13]; buf[12] = '\0'; - sprintf(buf, "%08lx.tic", sequencer()); + snprintf(buf, 12, "%08lx.tic", sequencer()); buf[0] = 'm'; buf[1] = 'b'; @@ -112,7 +112,7 @@ int Rearc(char *unarc) Syslog('f' , "NewFile=\"%s\", NewFullName=\"%s\"", TIC.NewFile, TIC.NewFullName); - sprintf(temp, "%s/%s .", TIC.Inbound, TIC.NewFile); + snprintf(temp, PATH_MAX -1, "%s/%s .", TIC.Inbound, TIC.NewFile); if (execute_str(cmd, temp, (char *)NULL, (char *)"/dev/null", (char *)"/dev/null", (char *)"/dev/null") == 0) { free(cmd); return TRUE; @@ -138,7 +138,7 @@ void DeleteVirusWork() buf = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char)); getcwd(buf, PATH_MAX); - sprintf(temp, "%s/tmp", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/tmp", getenv("MBSE_ROOT")); if (chdir(temp) == 0) { Syslog('f', "DeleteVirusWork %s/arc", temp); @@ -160,7 +160,7 @@ void Bad(char *format, ...) va_list va_ptr; va_start(va_ptr, format); - vsprintf(outstr, format, va_ptr); + vsnprintf(outstr, 1023, format, va_ptr); va_end(va_ptr); WriteError(outstr); 
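Review bot: In GetRoute(), `bnlent->addr.domain` is tested for NULL only after it has been used. The new `snprintf(res->domain, 12, "%s", bnlent->addr.domain);` runs before `if (bnlent->addr.domain) free(…)`, and that later test implies the pointer may be NULL, which is undefined behaviour for `%s`. Guarding the copy, e.g. `snprintf(res->domain, 12, "%s", bnlent->addr.domain ? bnlent->addr.domain : "");`, matches the check that already exists two lines below. GetRoute's body continues outside the hunk.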
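Review bot: With a size of 12, `snprintf(buf, 12, "%08lx.tic", sequencer())` in MakeTicName() keeps only eleven characters, so the generated name ends in ".ti" rather than ".tic". The buffer is declared `static char buf[13]` in this hunk and has room for all twelve, so `snprintf(buf, sizeof(buf), "%08lx.tic", sequencer());` fixes it. If `sequencer()` can return a value above 0xffffffff where `long` is 64 bits, the extension would still be cut and masking the value would keep the 8.3 shape. That last part is an inference, as sequencer() is not shown.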
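Review bot: In Rearc(), `temp` is built from `TIC.Inbound` and `TIC.NewFile` and handed to `execute_str` as a single argument string, so the file name becomes part of the archiver command line with no validation visible in this hunk. How `execute_str` splits that string is not shown; if it breaks on whitespace or goes through a shell, a name containing spaces or metacharacters would change the arguments, so checking `TIC.NewFile` against the expected 8.3 character set before this call looks prudent. Truncation also matters more here than elsewhere, because the destination ` .` sits at the end of the string and is the first thing to be dropped. The result of `snprintf` should be compared with `PATH_MAX` before `execute_str` runs. Rearc's body starts and ends outside the hunk.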
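Review bot: In Bad(), `WriteError(outstr);` passes the already formatted message as a format string. The other call sites in this patch use WriteError printf-style (`WriteError("Can't open %s", name)`), so any `%` sequence that reaches `outstr` through the arguments of Bad() would be interpreted a second time. `WriteError("%s", outstr);` avoids that. The new `vsnprintf(outstr, 1023, …)` bound could also be `sizeof(outstr)` if `outstr` is an array; its declaration is outside the hunk.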
@@ -173,7 +173,7 @@ void Bad(char *format, ...) void ReCalcCrc(char *fn) { TIC.Crc_Int = file_crc(fn, CFG.slow_util && do_quiet); - sprintf(TIC.TicIn.Crc, "%08lX", TIC.Crc_Int); + snprintf(TIC.TicIn.Crc, 8, "%08lX", TIC.Crc_Int); strcpy(T_File.Crc, TIC.TicIn.Crc); } @@ -187,9 +187,9 @@ int Get_File_Id() int i, j, lines = 0; temp = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/tmp/FILE_ID.DIZ", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/tmp/FILE_ID.DIZ", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { - sprintf(temp, "%s/tmp/file_id.diz", getenv("MBSE_ROOT")); + snprintf(temp, PATH_MAX -1, "%s/tmp/file_id.diz", getenv("MBSE_ROOT")); if ((fp = fopen(temp, "r")) == NULL) { free(temp); return FALSE; diff --git a/mbfido/virscan.c b/mbfido/virscan.c index bc55e6af..fa2a83f7 100644 --- a/mbfido/virscan.c +++ b/mbfido/virscan.c @@ -4,7 +4,7 @@ * Purpose ...............: Scan for virusses * ***************************************************************************** - * Copyright (C) 1997-2004 + * Copyright (C) 1997-2005 * * Michiel Broek FIDO: 2:280/2802 * Beekmansbos 10 @@ -48,9 +48,9 @@ int VirScan(char *path) stdlog = calloc(PATH_MAX, sizeof(char)); errlog = calloc(PATH_MAX, sizeof(char)); - sprintf(temp, "%s/etc/virscan.data", getenv("MBSE_ROOT")); - sprintf(stdlog, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid); - sprintf(errlog, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid); + snprintf(temp, PATH_MAX -1, "%s/etc/virscan.data", getenv("MBSE_ROOT")); + snprintf(stdlog, PATH_MAX -1, "%s/tmp/stdlog%d", getenv("MBSE_ROOT"), mypid); + snprintf(errlog, PATH_MAX -1, "%s/tmp/errlog%d", getenv("MBSE_ROOT"), mypid); if ((fp = fopen(temp, "r")) == NULL) { WriteError("No virus scanners defined");
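Review bot: In VirScan(), `stdlog` and `errlog` are names derived only from the process id under `$MBSE_ROOT/tmp`, which makes them predictable. How they are opened is outside this hunk; if they are created without `O_EXCL` and that directory is writable by other local accounts, a pre-existing file or symlink with the same name would be followed. Creating them with `mkstemp()` on a template such as `"%s/tmp/stdlogXXXXXX"`, or ensuring the directory is private to the account running mbfido, would remove the dependency on the pid. The `calloc` results for `stdlog` and `errlog` are also passed to `snprintf` without a NULL check. VirScan's body continues outside the hunk.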