Secured sprintf with snprintf

This commit is contained in:
Michiel Broek 2005-08-29 21:03:28 +00:00
parent 69e994bee9
commit a1bd379fdd
14 changed files with 281 additions and 278 deletions

View File

@ -4,7 +4,7 @@
* Purpose ...............: Read mailer last call status * Purpose ...............: Read mailer last call status
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -44,13 +44,13 @@ char *stsname(faddr *addr)
char *p, *domain=NULL, zpref[8]; char *p, *domain=NULL, zpref[8];
int i; int i;
sprintf(buf, "%s", CFG.outbound); snprintf(buf, PATH_MAX, "%s", CFG.outbound);
if (CFG.addr4d) { if (CFG.addr4d) {
if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone))
zpref[0] = '\0'; zpref[0] = '\0';
else else
sprintf(zpref, ".%03x", addr->zone); snprintf(zpref, 8, ".%03x", addr->zone);
} else { } else {
/* /*
* If we got a 5d address we use the given domain, if * If we got a 5d address we use the given domain, if
@ -85,7 +85,7 @@ char *stsname(faddr *addr)
if (CFG.aka[i].zone == addr->zone) if (CFG.aka[i].zone == addr->zone)
zpref[0] = '\0'; zpref[0] = '\0';
else else
sprintf(zpref, ".%03x", addr->zone); snprintf(zpref, 8, ".%03x", addr->zone);
} else { } else {
/* /*
* this is our primary domain * this is our primary domain
@ -93,16 +93,16 @@ char *stsname(faddr *addr)
if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone)) if ((addr->zone == 0) || (addr->zone == CFG.aka[0].zone))
zpref[0]='\0'; zpref[0]='\0';
else else
sprintf(zpref,".%03x",addr->zone); snprintf(zpref, 8, ".%03x",addr->zone);
} }
} }
p = buf + strlen(buf); p = buf + strlen(buf);
if (addr->point) if (addr->point)
sprintf(p,"%s/%04x%04x.pnt/%08x.sts", zpref,addr->net,addr->node,addr->point); snprintf(p, PATH_MAX - strlen(buf), "%s/%04x%04x.pnt/%08x.sts", zpref,addr->net,addr->node,addr->point);
else else
sprintf(p,"%s/%04x%04x.sts",zpref,addr->net,addr->node); snprintf(p, PATH_MAX - strlen(buf), "%s/%04x%04x.sts",zpref,addr->net,addr->node);
if (domain) if (domain)
free(domain); free(domain);

View File

@ -4,7 +4,7 @@
* Purpose ...............: MBSE BBS Task Manager * Purpose ...............: MBSE BBS Task Manager
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -146,58 +146,58 @@ void load_maincfg(void)
/* /*
* Fill Registration defaults * Fill Registration defaults
*/ */
sprintf(CFG.bbs_name, "MBSE BBS"); snprintf(CFG.bbs_name, 36, "MBSE BBS");
uname((struct utsname *)&un); uname((struct utsname *)&un);
#if defined(__USE_GNU) #if defined(__USE_GNU)
sprintf(CFG.sysdomain, "%s.%s", un.nodename, un.domainname); snprintf(CFG.sysdomain, 36, "%s.%s", un.nodename, un.domainname);
#elif defined(__linux__) #elif defined(__linux__)
sprintf(CFG.sysdomain, "%s.%s", un.nodename, un.__domainname); snprintf(CFG.sysdomain, 36, "%s.%s", un.nodename, un.__domainname);
#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) #elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
sprintf(CFG.sysdomain, "%s", un.nodename); /* No domain in FreeBSD */ snprintf(CFG.sysdomain, 36, "%s", un.nodename); /* No domain in FreeBSD */
#else #else
#error "Don't know un.domainname on this OS" #error "Don't know un.domainname on this OS"
#endif #endif
sprintf(CFG.comment, "MBSE BBS development"); snprintf(CFG.comment, 56, "MBSE BBS development");
sprintf(CFG.origin, "MBSE BBS. Made in the Netherlands"); snprintf(CFG.origin, 51, "MBSE BBS. Made in the Netherlands");
sprintf(CFG.location, "Earth"); snprintf(CFG.location, 36, "Earth");
/* /*
* Fill Filenames defaults * Fill Filenames defaults
*/ */
sprintf(CFG.logfile, "system.log"); snprintf(CFG.logfile, 15, "system.log");
sprintf(CFG.error_log, "error.log"); snprintf(CFG.error_log, 15, "error.log");
sprintf(CFG.default_menu, "main.mnu"); snprintf(CFG.default_menu, 15, "main.mnu");
sprintf(CFG.current_language, "english.lang"); snprintf(CFG.current_language, 15, "english.lang");
sprintf(CFG.chat_log, "chat.log"); snprintf(CFG.chat_log, 15, "chat.log");
sprintf(CFG.welcome_logo, "logo.asc"); snprintf(CFG.welcome_logo, 15, "logo.asc");
sprintf(CFG.mgrlog, "manager.log"); snprintf(CFG.mgrlog, 15, "manager.log");
sprintf(CFG.debuglog, "debug.log"); snprintf(CFG.debuglog, 15, "debug.log");
/* /*
* Fill Global defaults * Fill Global defaults
*/ */
sprintf(CFG.bbs_menus, "%s/english/menus", getenv("MBSE_ROOT")); snprintf(CFG.bbs_menus, 65, "%s/english/menus", getenv("MBSE_ROOT"));
sprintf(CFG.bbs_txtfiles, "%s/english/txtfiles", getenv("MBSE_ROOT")); snprintf(CFG.bbs_txtfiles, 65, "%s/english/txtfiles", getenv("MBSE_ROOT"));
sprintf(CFG.bbs_macros, "%s/english/macro", getenv("MBSE_ROOT")); snprintf(CFG.bbs_macros, 65, "%s/english/macro", getenv("MBSE_ROOT"));
sprintf(CFG.bbs_usersdir, "%s/home", getenv("MBSE_ROOT")); snprintf(CFG.bbs_usersdir, 65, "%s/home", getenv("MBSE_ROOT"));
sprintf(CFG.nodelists, "%s/var/nodelist", getenv("MBSE_ROOT")); snprintf(CFG.nodelists, 65, "%s/var/nodelist", getenv("MBSE_ROOT"));
sprintf(CFG.inbound, "%s/var/unknown", getenv("MBSE_ROOT")); snprintf(CFG.inbound, 65, "%s/var/unknown", getenv("MBSE_ROOT"));
sprintf(CFG.pinbound, "%s/var/inbound", getenv("MBSE_ROOT")); snprintf(CFG.pinbound, 65, "%s/var/inbound", getenv("MBSE_ROOT"));
sprintf(CFG.outbound, "%s/var/bso/outbound", getenv("MBSE_ROOT")); snprintf(CFG.outbound, 65, "%s/var/bso/outbound", getenv("MBSE_ROOT"));
sprintf(CFG.msgs_path, "%s/var/msgs", getenv("MBSE_ROOT")); snprintf(CFG.msgs_path, 65, "%s/var/msgs", getenv("MBSE_ROOT"));
sprintf(CFG.uxpath, "%s", getenv("MBSE_ROOT")); snprintf(CFG.uxpath, 65, "%s", getenv("MBSE_ROOT"));
sprintf(CFG.badtic, "%s/var/badtic", getenv("MBSE_ROOT")); snprintf(CFG.badtic, 65, "%s/var/badtic", getenv("MBSE_ROOT"));
sprintf(CFG.ticout, "%s/var/ticqueue", getenv("MBSE_ROOT")); snprintf(CFG.ticout, 65, "%s/var/ticqueue", getenv("MBSE_ROOT"));
sprintf(CFG.req_magic, "%s/var/magic", getenv("MBSE_ROOT")); snprintf(CFG.req_magic, 65, "%s/var/magic", getenv("MBSE_ROOT"));
sprintf(CFG.alists_path, "%s/var/arealists", getenv("MBSE_ROOT")); snprintf(CFG.alists_path, 65, "%s/var/arealists", getenv("MBSE_ROOT"));
sprintf(CFG.out_queue, "%s/var/queue", getenv("MBSE_ROOT")); snprintf(CFG.out_queue, 65, "%s/var/queue", getenv("MBSE_ROOT"));
sprintf(CFG.rulesdir, "%s/var/rules", getenv("MBSE_ROOT")); snprintf(CFG.rulesdir, 65, "%s/var/rules", getenv("MBSE_ROOT"));
CFG.leavecase = TRUE; CFG.leavecase = TRUE;
/* /*
* Newfiles reports * Newfiles reports
*/ */
sprintf(CFG.ftp_base, "%s/ftp/pub", getenv("MBSE_ROOT")); snprintf(CFG.ftp_base, 65, "%s/ftp/pub", getenv("MBSE_ROOT"));
CFG.newdays = 30; CFG.newdays = 30;
CFG.security.level = 20; CFG.security.level = 20;
CFG.new_split = 27; CFG.new_split = 27;
@ -233,7 +233,7 @@ void load_maincfg(void)
CFG.iCrashLevel = 100; CFG.iCrashLevel = 100;
CFG.iAttachLevel = 100; CFG.iAttachLevel = 100;
CFG.new_groups = 25; CFG.new_groups = 25;
sprintf(CFG.startname, "bbs"); snprintf(CFG.startname, 9, "bbs");
CFG.freespace = 10; CFG.freespace = 10;
/* /*
@ -297,7 +297,7 @@ void load_maincfg(void)
CFG.ct_Message = TRUE; CFG.ct_Message = TRUE;
CFG.ct_TIC = TRUE; CFG.ct_TIC = TRUE;
CFG.tic_days = 30; CFG.tic_days = 30;
sprintf(CFG.hatchpasswd, "DizIzMyBIGseeKret"); snprintf(CFG.hatchpasswd, 21, "DizIzMyBIGseeKret");
CFG.tic_systems = 10; CFG.tic_systems = 10;
CFG.tic_groups = 25; CFG.tic_groups = 25;
CFG.tic_dupes = 16000; CFG.tic_dupes = 16000;
@ -307,11 +307,11 @@ void load_maincfg(void)
*/ */
CFG.maxpktsize = 150; CFG.maxpktsize = 150;
CFG.maxarcsize = 300; CFG.maxarcsize = 300;
sprintf(CFG.badboard, "%s/var/mail/badmail", getenv("MBSE_ROOT")); snprintf(CFG.badboard, 65, "%s/var/mail/badmail", getenv("MBSE_ROOT"));
sprintf(CFG.dupboard, "%s/var/mail/dupemail", getenv("MBSE_ROOT")); snprintf(CFG.dupboard, 65, "%s/var/mail/dupemail", getenv("MBSE_ROOT"));
sprintf(CFG.popnode, "localhost"); snprintf(CFG.popnode, 65, "localhost");
sprintf(CFG.smtpnode, "localhost"); snprintf(CFG.smtpnode, 65, "localhost");
sprintf(CFG.nntpnode, "localhost"); snprintf(CFG.nntpnode, 65, "localhost");
CFG.toss_days = 30; CFG.toss_days = 30;
CFG.toss_dupes = 16000; CFG.toss_dupes = 16000;
CFG.toss_old = 60; CFG.toss_old = 60;
@ -322,7 +322,7 @@ void load_maincfg(void)
CFG.UUCPgate.zone = 2; CFG.UUCPgate.zone = 2;
CFG.UUCPgate.net = 292; CFG.UUCPgate.net = 292;
CFG.UUCPgate.node = 875; CFG.UUCPgate.node = 875;
sprintf(CFG.UUCPgate.domain, "fidonet"); snprintf(CFG.UUCPgate.domain, 13, "fidonet");
CFG.nntpdupes = 16000; CFG.nntpdupes = 16000;
CFG.ca_PlusAll = TRUE; CFG.ca_PlusAll = TRUE;
CFG.ca_Notify = TRUE; CFG.ca_Notify = TRUE;
@ -331,10 +331,10 @@ void load_maincfg(void)
CFG.ca_Check = TRUE; CFG.ca_Check = TRUE;
for (i = 0; i < 32; i++) { for (i = 0; i < 32; i++) {
sprintf(CFG.fname[i], "Flag %d", i+1); snprintf(CFG.fname[i], 17, "Flag %d", i+1);
sprintf(CFG.aname[i], "Flag %d", i+1); snprintf(CFG.aname[i], 17, "Flag %d", i+1);
} }
sprintf(CFG.aname[0], "Everyone"); snprintf(CFG.aname[0], 17, "Everyone");
/* /*
@ -342,25 +342,25 @@ void load_maincfg(void)
*/ */
CFG.timeoutreset = 3L; CFG.timeoutreset = 3L;
CFG.timeoutconnect = 60L; CFG.timeoutconnect = 60L;
sprintf(CFG.phonetrans[0].match, "31-255"); snprintf(CFG.phonetrans[0].match, 21, "31-255");
sprintf(CFG.phonetrans[1].match, "31-"); snprintf(CFG.phonetrans[1].match, 21, "31-");
sprintf(CFG.phonetrans[1].repl, "0"); snprintf(CFG.phonetrans[1].repl, 21, "0");
sprintf(CFG.phonetrans[2].repl, "00"); snprintf(CFG.phonetrans[2].repl, 21, "00");
CFG.IP_Speed = 256000; CFG.IP_Speed = 256000;
CFG.dialdelay = 60; CFG.dialdelay = 60;
sprintf(CFG.IP_Flags, "ICM,XX,IBN"); snprintf(CFG.IP_Flags, 31, "ICM,XX,IBN");
CFG.cico_loglevel = DLOG_ALLWAYS | DLOG_ERROR | DLOG_ATTENT | DLOG_NORMAL | DLOG_VERBOSE; CFG.cico_loglevel = DLOG_ALLWAYS | DLOG_ERROR | DLOG_ATTENT | DLOG_NORMAL | DLOG_VERBOSE;
/* /*
* WWW defaults * WWW defaults
*/ */
sprintf(CFG.www_root, "/var/www/htdocs"); snprintf(CFG.www_root, 81, "/var/www/htdocs");
sprintf(CFG.www_link2ftp, "files"); snprintf(CFG.www_link2ftp, 21, "files");
sprintf(CFG.www_url, "http://%s", CFG.sysdomain); snprintf(CFG.www_url, 41, "http://%s", CFG.sysdomain);
sprintf(CFG.www_charset, "ISO 8859-1"); snprintf(CFG.www_charset, 21, "ISO 8859-1");
sprintf(CFG.www_author, "Your Name"); snprintf(CFG.www_author, 41, "Your Name");
if (strlen(_PATH_CONVERT)) if (strlen(_PATH_CONVERT))
sprintf(CFG.www_convert,"%s -geometry x100", _PATH_CONVERT); snprintf(CFG.www_convert, 81, "%s -geometry x100", _PATH_CONVERT);
CFG.www_files_page = 10; CFG.www_files_page = 10;
CFG.maxarticles = 500; CFG.maxarticles = 500;
@ -383,7 +383,7 @@ void load_maincfg(void)
fread(&CFG, sizeof(CFG), 1, fp); fread(&CFG, sizeof(CFG), 1, fp);
fclose(fp); fclose(fp);
if (strlen(CFG.debuglog) == 0) if (strlen(CFG.debuglog) == 0)
sprintf(CFG.debuglog, "debug.log"); snprintf(CFG.debuglog, 15, "debug.log");
} }
cfg_time = file_time(cfgfn); cfg_time = file_time(cfgfn);
@ -401,19 +401,19 @@ void load_taskcfg(void)
if ((fp = fopen(tcfgfn, "r")) == NULL) { if ((fp = fopen(tcfgfn, "r")) == NULL) {
memset(&TCFG, 0, sizeof(TCFG)); memset(&TCFG, 0, sizeof(TCFG));
TCFG.maxload = 1.50; TCFG.maxload = 1.50;
sprintf(TCFG.zmh_start, "02:30"); snprintf(TCFG.zmh_start, 6, "02:30");
sprintf(TCFG.zmh_end, "03:30"); snprintf(TCFG.zmh_end, 6, "03:30");
sprintf(TCFG.cmd_mailout, "%s/bin/mbfido scan web -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_mailout, 81, "%s/bin/mbfido scan web -quiet", getenv("MBSE_ROOT"));
sprintf(TCFG.cmd_mailin, "%s/bin/mbfido tic toss web -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_mailin, 81, "%s/bin/mbfido tic toss web -quiet", getenv("MBSE_ROOT"));
sprintf(TCFG.cmd_newnews, "%s/bin/mbfido news web -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_newnews, 81, "%s/bin/mbfido news web -quiet", getenv("MBSE_ROOT"));
sprintf(TCFG.cmd_mbindex1, "%s/bin/mbindex -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_mbindex1, 81, "%s/bin/mbindex -quiet", getenv("MBSE_ROOT"));
if (strlen(_PATH_GOLDNODE)) if (strlen(_PATH_GOLDNODE))
sprintf(TCFG.cmd_mbindex2, "%s -f -q", _PATH_GOLDNODE); snprintf(TCFG.cmd_mbindex2, 81, "%s -f -q", _PATH_GOLDNODE);
sprintf(TCFG.cmd_msglink, "%s/bin/mbmsg link -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_msglink, 81, "%s/bin/mbmsg link -quiet", getenv("MBSE_ROOT"));
sprintf(TCFG.cmd_reqindex, "%s/bin/mbfile index -quiet", getenv("MBSE_ROOT")); snprintf(TCFG.cmd_reqindex, 81, "%s/bin/mbfile index -quiet", getenv("MBSE_ROOT"));
TCFG.max_tcp = 0; TCFG.max_tcp = 0;
sprintf(TCFG.isp_ping1, "192.168.1.1"); snprintf(TCFG.isp_ping1, 41, "192.168.1.1");
sprintf(TCFG.isp_ping2, "192.168.1.1"); snprintf(TCFG.isp_ping2, 41, "192.168.1.1");
if ((fp = fopen(tcfgfn, "a+")) == NULL) { if ((fp = fopen(tcfgfn, "a+")) == NULL) {
Syslog('?', "$Can't create %s", tcfgfn); Syslog('?', "$Can't create %s", tcfgfn);
die(MBERR_INIT_ERROR); die(MBERR_INIT_ERROR);
@ -450,9 +450,9 @@ pid_t launch(char *cmd, char *opts, char *name, int tasktype)
memset(vector, 0, sizeof(vector)); memset(vector, 0, sizeof(vector));
if (opts == NULL) if (opts == NULL)
sprintf(buf, "%s", cmd); snprintf(buf, PATH_MAX, "%s", cmd);
else else
sprintf(buf, "%s %s", cmd, opts); snprintf(buf, PATH_MAX, "%s %s", cmd, opts);
i = 0; i = 0;
vector[i++] = strtok(buf," \t\n\0"); vector[i++] = strtok(buf," \t\n\0");
@ -717,7 +717,7 @@ void die(int onsig)
*/ */
count = 30; count = 30;
while (count) { while (count) {
sprintf(temp, "%s", reg_fre()); snprintf(temp, 80, "%s", reg_fre());
if (strcmp(temp, "100:0;") == 0) { if (strcmp(temp, "100:0;") == 0) {
Syslog('+', "Good, no more other programs running"); Syslog('+', "Good, no more other programs running");
break; break;
@ -785,8 +785,8 @@ int locktask(char *root)
tempfile = calloc(PATH_MAX, sizeof(char)); tempfile = calloc(PATH_MAX, sizeof(char));
lockfile = calloc(PATH_MAX, sizeof(char)); lockfile = calloc(PATH_MAX, sizeof(char));
sprintf(tempfile, "%s/var/run/mbtask.tmp", root); snprintf(tempfile, PATH_MAX, "%s/var/run/mbtask.tmp", root);
sprintf(lockfile, "%s/var/run/mbtask", root); snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", root);
if ((fp = fopen(tempfile, "w")) == NULL) { if ((fp = fopen(tempfile, "w")) == NULL) {
perror("mbtask"); perror("mbtask");
@ -857,7 +857,7 @@ void ulocktask(void)
pw = getpwnam((char *)"mbse"); pw = getpwnam((char *)"mbse");
lockfile = calloc(PATH_MAX, sizeof(char)); lockfile = calloc(PATH_MAX, sizeof(char));
sprintf(lockfile, "%s/var/run/mbtask", pw->pw_dir); snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", pw->pw_dir);
if ((fp = fopen(lockfile, "r")) == NULL) { if ((fp = fopen(lockfile, "r")) == NULL) {
WriteError("$Can't open lockfile \"%s\"", lockfile); WriteError("$Can't open lockfile \"%s\"", lockfile);
@ -1131,19 +1131,19 @@ void *scheduler(void)
*/ */
memset(&doing, 0, sizeof(doing)); memset(&doing, 0, sizeof(doing));
if ((running = checktasks(0))) if ((running = checktasks(0)))
sprintf(doing, "Run %d tasks", running); snprintf(doing, 32, "Run %d tasks", running);
else if (UPSdown) else if (UPSdown)
sprintf(doing, "UPS shutdown"); snprintf(doing, 32, "UPS shutdown");
else if (UPSalarm) else if (UPSalarm)
sprintf(doing, "UPS alarm"); snprintf(doing, 32, "UPS alarm");
else if (!s_bbsopen) else if (!s_bbsopen)
sprintf(doing, "BBS is closed"); snprintf(doing, 32, "BBS is closed");
else if (Processing) else if (Processing)
sprintf(doing, "%s", waitmsg); snprintf(doing, 32, "%s", waitmsg);
else else
sprintf(doing, "Overload %2.2f", Load); snprintf(doing, 32, "Overload %2.2f", Load);
sprintf(reginfo[0].doing, "%s", doing); snprintf(reginfo[0].doing, 36, "%s", doing);
reginfo[0].lastcon = time(NULL); reginfo[0].lastcon = time(NULL);
/* /*
@ -1377,14 +1377,14 @@ void *scheduler(void)
switch (calllist[call_entry].callmode) { switch (calllist[call_entry].callmode) {
case CM_ISDN: for (tpl = pl; tpl; tpl = tpl->next) { case CM_ISDN: for (tpl = pl; tpl; tpl = tpl->next) {
if (!tpl->locked && (tpl->dflags & calllist[call_entry].diflags)) { if (!tpl->locked && (tpl->dflags & calllist[call_entry].diflags)) {
sprintf(port, "-l %s ", tpl->tty); snprintf(port, 21, "-l %s ", tpl->tty);
break; break;
} }
} }
break; break;
case CM_POTS: for (tpl = pl; tpl; tpl = tpl->next) { case CM_POTS: for (tpl = pl; tpl; tpl = tpl->next) {
if (!tpl->locked && (tpl->mflags & calllist[call_entry].moflags)) { if (!tpl->locked && (tpl->mflags & calllist[call_entry].moflags)) {
sprintf(port, "-l %s ", tpl->tty); snprintf(port, 21, "-l %s ", tpl->tty);
break; break;
} }
} }
@ -1393,11 +1393,11 @@ void *scheduler(void)
break; break;
} }
if (calllist[call_entry].addr.point) { if (calllist[call_entry].addr.point) {
sprintf(opts, "%sp%u.f%u.n%u.z%u.%s", port, calllist[call_entry].addr.point, snprintf(opts, 41, "%sp%u.f%u.n%u.z%u.%s", port, calllist[call_entry].addr.point,
calllist[call_entry].addr.node, calllist[call_entry].addr.net, calllist[call_entry].addr.node, calllist[call_entry].addr.net,
calllist[call_entry].addr.zone, calllist[call_entry].addr.domain); calllist[call_entry].addr.zone, calllist[call_entry].addr.domain);
} else { } else {
sprintf(opts, "%sf%u.n%u.z%u.%s", port, calllist[call_entry].addr.node, calllist[call_entry].addr.net, snprintf(opts, 41, "%sf%u.n%u.z%u.%s", port, calllist[call_entry].addr.node, calllist[call_entry].addr.net,
calllist[call_entry].addr.zone, calllist[call_entry].addr.domain); calllist[call_entry].addr.zone, calllist[call_entry].addr.domain);
} }
calllist[call_entry].taskpid = launch(cmd, opts, (char *)"mbcico", calllist[call_entry].callmode); calllist[call_entry].taskpid = launch(cmd, opts, (char *)"mbcico", calllist[call_entry].callmode);
@ -1491,7 +1491,7 @@ int main(int argc, char **argv)
exit(MBERR_NO_PROGLOCK); exit(MBERR_NO_PROGLOCK);
} }
sprintf(cfgfn, "%s/etc/config.data", getenv("MBSE_ROOT")); snprintf(cfgfn, PATH_MAX, "%s/etc/config.data", getenv("MBSE_ROOT"));
load_maincfg(); load_maincfg();
if (nodaemon) if (nodaemon)
printf("main config loaded\n"); printf("main config loaded\n");
@ -1506,15 +1506,16 @@ int main(int argc, char **argv)
if (nodaemon) if (nodaemon)
Syslog('+', "Starting in no-daemon mode"); Syslog('+', "Starting in no-daemon mode");
sprintf(tcfgfn, "%s/etc/task.data", getenv("MBSE_ROOT")); snprintf(tcfgfn, PATH_MAX, "%s/etc/task.data", getenv("MBSE_ROOT"));
load_taskcfg(); load_taskcfg();
status_init(); status_init();
memset(&task, 0, sizeof(task)); memset(&task, 0, sizeof(task));
memset(&reginfo, 0, sizeof(reginfo)); memset(&reginfo, 0, sizeof(reginfo));
memset(&calllist, 0, sizeof(calllist)); memset(&calllist, 0, sizeof(calllist));
sprintf(spath, "%s/tmp/mbtask", getenv("MBSE_ROOT")); snprintf(spath, PATH_MAX, "%s/tmp/mbtask", getenv("MBSE_ROOT"));
sprintf(ttyfn, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT")); snprintf(ttyfn, PATH_MAX, "%s/etc/ttyinfo.data", getenv("MBSE_ROOT"));
initnl(); initnl();
load_ports(); load_ports();
check_ports(); check_ports();
@ -1583,7 +1584,7 @@ int main(int argc, char **argv)
* in the lockfile before leaving. * in the lockfile before leaving.
*/ */
lockfile = calloc(PATH_MAX, sizeof(char)); lockfile = calloc(PATH_MAX, sizeof(char));
sprintf(lockfile, "%s/var/run/mbtask", pw->pw_dir); snprintf(lockfile, PATH_MAX, "%s/var/run/mbtask", pw->pw_dir);
if ((fp = fopen(lockfile, "w"))) { if ((fp = fopen(lockfile, "w"))) {
fprintf(fp, "%10u\n", frk); fprintf(fp, "%10u\n", frk);
fclose(fp); fclose(fp);

View File

@ -4,7 +4,7 @@
* Purpose ...............: mbtask - Scan mail outbound status * Purpose ...............: mbtask - Scan mail outbound status
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -68,7 +68,7 @@ int load_node(fidoaddr n)
int i, j = 0; int i, j = 0;
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
free(temp); free(temp);
memset(&nodes, 0, sizeof(nodes)); memset(&nodes, 0, sizeof(nodes));
@ -103,9 +103,9 @@ char *size_str(long size)
static char fmt[25]; static char fmt[25];
if (size > 1048575) { if (size > 1048575) {
sprintf(fmt, "%ldK", size / 1024); snprintf(fmt, 25, "%ldK", size / 1024);
} else { } else {
sprintf(fmt, "%ld ", size); snprintf(fmt, 25, "%ld ", size);
} }
return fmt; return fmt;
} }
@ -199,7 +199,7 @@ void checkdir(char *boxpath, faddr *fa, char flavor)
if ((dp = opendir(boxpath)) != NULL) { if ((dp = opendir(boxpath)) != NULL) {
while ((de = readdir(dp))) { while ((de = readdir(dp))) {
if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) {
sprintf(temp, "%s/%s", boxpath, de->d_name); snprintf(temp, PATH_MAX, "%s/%s", boxpath, de->d_name);
if (stat(temp, &sb) == 0) { if (stat(temp, &sb) == 0) {
if (S_ISREG(sb.st_mode)) { if (S_ISREG(sb.st_mode)) {
if (pw->pw_uid == sb.st_uid) { if (pw->pw_uid == sb.st_uid) {
@ -288,7 +288,7 @@ int outstat()
#endif #endif
uhour = tm.tm_hour; uhour = tm.tm_hour;
umin = tm.tm_min; umin = tm.tm_min;
sprintf(utc, "%02d:%02d", uhour, umin); snprintf(utc, 6, "%02d:%02d", uhour, umin);
Syslog('+', "Scanning outbound at %s UTC.", utc); Syslog('+', "Scanning outbound at %s UTC.", utc);
nxt_hour = 24; nxt_hour = 24;
nxt_min = 0; nxt_min = 0;
@ -312,7 +312,7 @@ int outstat()
* Check private outbound box for nodes in the setup. * Check private outbound box for nodes in the setup.
*/ */
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
Syslog('?', "Error open %s, aborting", temp); Syslog('?', "Error open %s, aborting", temp);
free(temp); free(temp);
@ -355,7 +355,7 @@ int outstat()
Syslog('o', "Checking T-Mail short box \"%s\"", CFG.tmailshort); Syslog('o', "Checking T-Mail short box \"%s\"", CFG.tmailshort);
while ((de = readdir(dp))) { while ((de = readdir(dp))) {
if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) {
sprintf(temp, "%s/%s", CFG.tmailshort, de->d_name); snprintf(temp, PATH_MAX, "%s/%s", CFG.tmailshort, de->d_name);
if (stat(temp, &sb) == 0) { if (stat(temp, &sb) == 0) {
Syslog('o' ,"checking \"%s\"", de->d_name); Syslog('o' ,"checking \"%s\"", de->d_name);
if (S_ISDIR(sb.st_mode)) { if (S_ISDIR(sb.st_mode)) {
@ -413,13 +413,13 @@ int outstat()
Syslog('o', "Checking T-Mail long box \"%s\"", CFG.tmaillong); Syslog('o', "Checking T-Mail long box \"%s\"", CFG.tmaillong);
while ((de = readdir(dp))) { while ((de = readdir(dp))) {
if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) { if (strcmp(de->d_name, ".") && strcmp(de->d_name, "..")) {
sprintf(temp, "%s/%s", CFG.tmaillong, de->d_name); snprintf(temp, PATH_MAX, "%s/%s", CFG.tmaillong, de->d_name);
if (stat(temp, &sb) == 0) { if (stat(temp, &sb) == 0) {
Syslog('o' ,"checking \"%s\"", de->d_name); Syslog('o' ,"checking \"%s\"", de->d_name);
if (S_ISDIR(sb.st_mode)) { if (S_ISDIR(sb.st_mode)) {
char c, d; char c, d;
int n; int n;
sprintf(temp2, "%s", de->d_name); snprintf(temp2, PATH_MAX, "%s", de->d_name);
fa = (faddr*)malloc(sizeof(faddr)); fa = (faddr*)malloc(sizeof(faddr));
fa->name = NULL; fa->name = NULL;
fa->domain = NULL; fa->domain = NULL;
@ -510,14 +510,14 @@ int outstat()
tmin = 0; tmin = 0;
else else
tmin = 30; tmin = 30;
sprintf(as, "%02d:%02d", thour, tmin); snprintf(as, 6, "%02d:%02d", thour, tmin);
set_next(thour, tmin); set_next(thour, tmin);
thour = toupper(tmp->t2) - 'A'; thour = toupper(tmp->t2) - 'A';
if (isupper(tmp->t2)) if (isupper(tmp->t2))
tmin = 0; tmin = 0;
else else
tmin = 30; tmin = 30;
sprintf(be, "%02d:%02d", thour, tmin); snprintf(be, 6, "%02d:%02d", thour, tmin);
set_next(thour, tmin); set_next(thour, tmin);
if (strcmp(as, be) > 0) { if (strcmp(as, be) > 0) {
/* /*
@ -691,7 +691,7 @@ int outstat()
/* /*
* Show callresult for this node. * Show callresult for this node.
*/ */
sprintf(temp, "%s %8s %08x %08x %08x %08x %5d %s %s %s", flstr, size_str(tmp->size), snprintf(temp, PATH_MAX, "%s %8s %08x %08x %08x %08x %5d %s %s %s", flstr, size_str(tmp->size),
(unsigned int)tmp->olflags, (unsigned int)tmp->moflags, (unsigned int)tmp->olflags, (unsigned int)tmp->moflags,
(unsigned int)tmp->diflags, (unsigned int)tmp->ipflags, (unsigned int)tmp->diflags, (unsigned int)tmp->ipflags,
tmp->cst.tryno, callstatus(tmp->cst.trystat), callmode(tmp->callmode), fido2str(tmp->addr, 0x0f)); tmp->cst.tryno, callstatus(tmp->cst.trystat), callmode(tmp->callmode), fido2str(tmp->addr, 0x0f));
@ -723,7 +723,7 @@ int outstat()
/* /*
* Log results * Log results
*/ */
sprintf(waitmsg, "Next event at %02d:%02d UTC", nxt_hour, nxt_min); snprintf(waitmsg, 81, "Next event at %02d:%02d UTC", nxt_hour, nxt_min);
Syslog('+', "Systems to call: Inet=%d, ISDN=%d, POTS=%d, Next event at %02d:%02d UTC", Syslog('+', "Systems to call: Inet=%d, ISDN=%d, POTS=%d, Next event at %02d:%02d UTC",
inet_calls, isdn_calls, pots_calls, nxt_hour, nxt_min); inet_calls, isdn_calls, pots_calls, nxt_hour, nxt_min);
free(temp); free(temp);
@ -758,7 +758,7 @@ int each(faddr *addr, char flavor, int isflo, char *fname)
(*tmp)->addr.net = addr->net; (*tmp)->addr.net = addr->net;
(*tmp)->addr.node = addr->node; (*tmp)->addr.node = addr->node;
(*tmp)->addr.point = addr->point; (*tmp)->addr.point = addr->point;
sprintf((*tmp)->addr.domain, "%s", addr->domain); snprintf((*tmp)->addr.domain, 13, "%s", addr->domain);
if (nlent->addr.domain) if (nlent->addr.domain)
free(nlent->addr.domain); free(nlent->addr.domain);
if (nlent->url) if (nlent->url)

View File

@ -4,7 +4,7 @@
* Purpose ...............: mbtask - ping functions * Purpose ...............: mbtask - ping functions
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -353,14 +353,14 @@ printf("Start ping thread\n");
if (pingnr == 1) { if (pingnr == 1) {
pingnr = 2; pingnr = 2;
if (strlen(TCFG.isp_ping2)) { if (strlen(TCFG.isp_ping2)) {
sprintf(pingaddress, "%s", TCFG.isp_ping2); snprintf(pingaddress, 41, "%s", TCFG.isp_ping2);
} else { } else {
pingresult[2] = FALSE; pingresult[2] = FALSE;
} }
} else { } else {
pingnr = 1; pingnr = 1;
if (strlen(TCFG.isp_ping1)) { if (strlen(TCFG.isp_ping1)) {
sprintf(pingaddress, "%s", TCFG.isp_ping1); snprintf(pingaddress, 41, "%s", TCFG.isp_ping1);
} else { } else {
pingresult[1] = FALSE; pingresult[1] = FALSE;
} }

View File

@ -4,7 +4,7 @@
* Purpose ...............: mbtask - mode portlists * Purpose ...............: mbtask - mode portlists
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -191,7 +191,7 @@ void check_ports(void)
pots_free = isdn_free = 0; pots_free = isdn_free = 0;
for (tpl = pl; tpl; tpl = tpl->next) { for (tpl = pl; tpl; tpl = tpl->next) {
sprintf(lckname, "%s%s", LCKPREFIX, tpl->tty); snprintf(lckname, 256, "%s%s", LCKPREFIX, tpl->tty);
if ((lf = fopen(lckname, "r")) == NULL) { if ((lf = fopen(lckname, "r")) == NULL) {
if (tpl->locked) { if (tpl->locked) {
tpl->locked = 0; tpl->locked = 0;

View File

@ -4,7 +4,7 @@
* Purpose ...............: Outbound scanning * Purpose ...............: Outbound scanning
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -67,7 +67,7 @@ static int scan_dir(int (*fn)(faddr *, char, int, char *), char *dname, int ispo
/* /*
* Create a fake filename, mkdirs() likes that. * Create a fake filename, mkdirs() likes that.
*/ */
sprintf(fname, "%s/foo", dname); snprintf(fname, PATH_MAX, "%s/foo", dname);
(void)mkdirs(fname, 0770); (void)mkdirs(fname, 0770);
if ((dp = opendir(dname)) == NULL) { if ((dp = opendir(dname)) == NULL) {
Syslog('o' ,"\"%s\" cannot be opened, proceed",MBSE_SS(dname)); Syslog('o' ,"\"%s\" cannot be opened, proceed",MBSE_SS(dname));
@ -136,7 +136,7 @@ static int scan_dir(int (*fn)(faddr *, char, int, char *), char *dname, int ispo
if ((rc = fn(&addr, flavor, isflo, fname))) if ((rc = fn(&addr, flavor, isflo, fname)))
goto exout; goto exout;
sprintf(fname, "%s/%s", dname, de->d_name); snprintf(fname, PATH_MAX, "%s/%s", dname, de->d_name);
fage = (int)((t_start - file_time(fname)) / 86400); fage = (int)((t_start - file_time(fname)) / 86400);
if (file_size(fname) == 0) { if (file_size(fname) == 0) {
@ -206,7 +206,7 @@ int scanout(int (*fn)(faddr *, char, int, char *))
*/ */
if (fidonet.zone[j]) { if (fidonet.zone[j]) {
if (j) { if (j) {
sprintf(fext, ".%03x", fidonet.zone[j]); snprintf(fext, 5, ".%03x", fidonet.zone[j]);
p = xstrcat(p, fext); p = xstrcat(p, fext);
} }
addr.zone = fidonet.zone[j]; addr.zone = fidonet.zone[j];

View File

@ -119,7 +119,7 @@ void system_msg(pid_t pid, char *msg)
Syslog('-', "system_msg(%d, %s) ptr=%d", pid, msg, buffer_head); Syslog('-', "system_msg(%d, %s) ptr=%d", pid, msg, buffer_head);
memset(&chat_messages[buffer_head], 0, sizeof(_chat_messages)); memset(&chat_messages[buffer_head], 0, sizeof(_chat_messages));
chat_messages[buffer_head].topid = pid; chat_messages[buffer_head].topid = pid;
sprintf(chat_messages[buffer_head].fromname, "Server"); snprintf(chat_messages[buffer_head].fromname, 36, "Server");
strncpy(chat_messages[buffer_head].message, msg, 80); strncpy(chat_messages[buffer_head].message, msg, 80);
chat_messages[buffer_head].posted = time(NULL); chat_messages[buffer_head].posted = time(NULL);
} }
@ -136,7 +136,7 @@ void system_shout(const char *format, ...)
usr_list *tmpu; usr_list *tmpu;
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(buf, format, va_ptr); vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
for (tmpu = users; tmpu; tmpu = tmpu->next) for (tmpu = users; tmpu; tmpu = tmpu->next)
@ -199,7 +199,7 @@ int join(pid_t pid, char *channel, int sysop)
chnchg = TRUE; chnchg = TRUE;
chat_dump(); chat_dump();
sprintf(buf, "%s has joined channel %s, now %d users", tmpu->nick, channel, tmp->users); snprintf(buf, 81, "%s has joined channel %s, now %d users", tmpu->nick, channel, tmp->users);
chat_msg(channel, NULL, buf); chat_msg(channel, NULL, buf);
/* /*
@ -218,7 +218,7 @@ int join(pid_t pid, char *channel, int sysop)
* A new channel must be created, but only the sysop may create the "sysop" channel * A new channel must be created, but only the sysop may create the "sysop" channel
*/ */
if (!sysop && (strcasecmp(channel, "#sysop") == 0)) { if (!sysop && (strcasecmp(channel, "#sysop") == 0)) {
sprintf(buf, "*** Only the sysop may create channel \"%s\"", channel); snprintf(buf, 81, "*** Only the sysop may create channel \"%s\"", channel);
system_msg(pid, buf); system_msg(pid, buf);
return FALSE; return FALSE;
} }
@ -238,7 +238,7 @@ int join(pid_t pid, char *channel, int sysop)
chnchg = TRUE; chnchg = TRUE;
srvchg = TRUE; srvchg = TRUE;
sprintf(buf, "* Created channel %s", channel); snprintf(buf, 81, "* Created channel %s", channel);
chat_msg(channel, NULL, buf); chat_msg(channel, NULL, buf);
chat_dump(); chat_dump();
if (strcasecmp(channel, "#sysop")) if (strcasecmp(channel, "#sysop"))
@ -252,7 +252,7 @@ int join(pid_t pid, char *channel, int sysop)
/* /*
* No matching or free channels * No matching or free channels
*/ */
sprintf(buf, "*** Cannot create chat channel %s, no free channels", channel); snprintf(buf, 81, "*** Cannot create chat channel %s, no free channels", channel);
system_msg(pid, buf); system_msg(pid, buf);
Syslog('+', "%s", buf); Syslog('+', "%s", buf);
return FALSE; return FALSE;
@ -284,7 +284,7 @@ int part(pid_t pid, char *reason)
if (reason != NULL) { if (reason != NULL) {
chat_msg(tmpu->channel, tmpu->nick, reason); chat_msg(tmpu->channel, tmpu->nick, reason);
} }
sprintf(buf, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users); snprintf(buf, 81, "%s has left channel %s, %d users left", tmpu->nick, tmp->name, tmp->users);
chat_msg(tmpu->channel, NULL, buf); chat_msg(tmpu->channel, NULL, buf);
if (strcasecmp(tmp->name, (char *)"#sysop")) { if (strcasecmp(tmp->name, (char *)"#sysop")) {
if (reason && strlen(reason)) if (reason && strlen(reason))
@ -354,13 +354,13 @@ void chat_msg(char *channel, char *nick, char *msg)
usr_list *tmpu; usr_list *tmpu;
if (nick == NULL) if (nick == NULL)
sprintf(buf, "%s", msg); snprintf(buf, 128, "%s", msg);
else else
sprintf(buf, "<%s> %s", nick, msg); snprintf(buf, 128, "<%s> %s", nick, msg);
if (CFG.iAutoLog && strlen(CFG.chat_log)) { if (CFG.iAutoLog && strlen(CFG.chat_log)) {
logm = calloc(PATH_MAX, sizeof(char)); logm = calloc(PATH_MAX, sizeof(char));
sprintf(logm, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); snprintf(logm, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log);
ulog(logm, (char *)"+", channel, (char *)"-1", buf); ulog(logm, (char *)"+", channel, (char *)"-1", buf);
free(logm); free(logm);
} }
@ -390,12 +390,12 @@ char *chat_connect(char *data)
memset(&buf, 0, sizeof(buf)); memset(&buf, 0, sizeof(buf));
if (IsSema((char *)"upsalarm")) { if (IsSema((char *)"upsalarm")) {
sprintf(buf, "100:1,*** Power failure, running on UPS;"); snprintf(buf, 200, "100:1,*** Power failure, running on UPS;");
return buf; return buf;
} }
if (s_bbsopen == FALSE) { if (s_bbsopen == FALSE) {
sprintf(buf, "100:1,*** The BBS is closed now;"); snprintf(buf, 200, "100:1,*** The BBS is closed now;");
return buf; return buf;
} }
@ -431,25 +431,25 @@ char *chat_connect(char *data)
/* /*
* Now put welcome message into the ringbuffer and report success. * Now put welcome message into the ringbuffer and report success.
*/ */
sprintf(buf, "MBSE BBS v%s chat server; type /help for help", VERSION); snprintf(buf, 200, "MBSE BBS v%s chat server; type /help for help", VERSION);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "Welcome to the Internet BBS Chat Network"); snprintf(buf, 200, "Welcome to the Internet BBS Chat Network");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "Current connected servers:"); snprintf(buf, 200, "Current connected servers:");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
for (sl = servers; sl; sl = sl->next) { for (sl = servers; sl; sl = sl->next) {
sprintf(buf, " %s (%d user%s)", sl->fullname, sl->users, (sl->users == 1) ? "":"s"); snprintf(buf, 200, " %s (%d user%s)", sl->fullname, sl->users, (sl->users == 1) ? "":"s");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
count += sl->users; count += sl->users;
} }
sprintf(buf, "There %s %d user%s connected", (count != 1)?"are":"is", count, (count != 1)?"s":""); snprintf(buf, 200, "There %s %d user%s connected", (count != 1)?"are":"is", count, (count != 1)?"s":"");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "100:0;"); snprintf(buf, 200, "100:0;");
return buf; return buf;
} }
} }
sprintf(buf, "100:1,Too many users connected;"); snprintf(buf, 200, "100:1,Too many users connected;");
return buf; return buf;
} }
@ -474,12 +474,12 @@ char *chat_close(char *data)
send_all("QUIT %s@%s Leaving chat\r\n", tmpu->name, CFG.myfqdn); send_all("QUIT %s@%s Leaving chat\r\n", tmpu->name, CFG.myfqdn);
del_user(&users, CFG.myfqdn, tmpu->name); del_user(&users, CFG.myfqdn, tmpu->name);
Syslog('-', "Closing chat for pid %s", pid); Syslog('-', "Closing chat for pid %s", pid);
sprintf(buf, "100:0;"); snprintf(buf, 200, "100:0;");
return buf; return buf;
} }
} }
Syslog('-', "Pid %s was not connected to chatserver"); Syslog('-', "Pid %s was not connected to chatserver");
sprintf(buf, "100:1,*** ERROR - Not connected to server;"); snprintf(buf, 200, "100:1,*** ERROR - Not connected to server;");
return buf; return buf;
} }
@ -499,12 +499,12 @@ char *chat_put(char *data)
memset(&buf, 0, sizeof(buf)); memset(&buf, 0, sizeof(buf));
if (IsSema((char *)"upsalarm")) { if (IsSema((char *)"upsalarm")) {
sprintf(buf, "100:2,1,*** Power alarm, running on UPS;"); snprintf(buf, 200, "100:2,1,*** Power alarm, running on UPS;");
return buf; return buf;
} }
if (s_bbsopen == FALSE) { if (s_bbsopen == FALSE) {
sprintf(buf, "100:2,1,*** The BBS is closed now;"); snprintf(buf, 200, "100:2,1,*** The BBS is closed now;");
return buf; return buf;
} }
@ -523,14 +523,14 @@ char *chat_put(char *data)
chat_help(atoi(pid)); chat_help(atoi(pid));
goto ack; goto ack;
} else if (strncasecmp(msg, "/echo", 5) == 0) { } else if (strncasecmp(msg, "/echo", 5) == 0) {
sprintf(buf, "%s", msg); snprintf(buf, 200, "%s", msg);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
goto ack; goto ack;
} else if ((strncasecmp(msg, "/exit", 5) == 0) || } else if ((strncasecmp(msg, "/exit", 5) == 0) ||
(strncasecmp(msg, "/quit", 5) == 0) || (strncasecmp(msg, "/quit", 5) == 0) ||
(strncasecmp(msg, "/bye", 4) == 0)) { (strncasecmp(msg, "/bye", 4) == 0)) {
part(tmpu->pid, (char *)"Quitting"); part(tmpu->pid, (char *)"Quitting");
sprintf(buf, "Goodbye"); snprintf(buf, 200, "Goodbye");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
goto hangup; goto hangup;
} else if ((strncasecmp(msg, "/join", 5) == 0) || } else if ((strncasecmp(msg, "/join", 5) == 0) ||
@ -540,10 +540,10 @@ char *chat_put(char *data)
cmd = strtok(NULL, "\0"); cmd = strtok(NULL, "\0");
Syslog('-', "\"%s\"", cmd); Syslog('-', "\"%s\"", cmd);
if ((cmd == NULL) || (cmd[0] != '#') || (strcmp(cmd, "#") == 0)) { if ((cmd == NULL) || (cmd[0] != '#') || (strcmp(cmd, "#") == 0)) {
sprintf(buf, "** Try /join #channel"); snprintf(buf, 200, "** Try /join #channel");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} else if (strlen(tmpu->channel)) { } else if (strlen(tmpu->channel)) {
sprintf(buf, "** Cannot join while in a channel"); snprintf(buf, 200, "** Cannot join while in a channel");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} else { } else {
Syslog('-', "Trying to join channel %s", cmd); Syslog('-', "Trying to join channel %s", cmd);
@ -555,42 +555,42 @@ char *chat_put(char *data)
first = TRUE; first = TRUE;
for (tmpc = channels; tmpc; tmpc = tmpc->next) { for (tmpc = channels; tmpc; tmpc = tmpc->next) {
if (first) { if (first) {
sprintf(buf, "Cnt Channel name Channel topic"); snprintf(buf, 200, "Cnt Channel name Channel topic");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "--- -------------------- ------------------------------------------------------"); snprintf(buf, 200, "--- -------------------- ------------------------------------------------------");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} }
first = FALSE; first = FALSE;
sprintf(buf, "%3d %-20s %-54s", tmpc->users, tmpc->name, tmpc->topic); snprintf(buf, 200, "%3d %-20s %-54s", tmpc->users, tmpc->name, tmpc->topic);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} }
if (first) { if (first) {
sprintf(buf, "No active channels to list"); snprintf(buf, 200, "No active channels to list");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} }
goto ack; goto ack;
} else if (strncasecmp(msg, "/names", 6) == 0) { } else if (strncasecmp(msg, "/names", 6) == 0) {
if (strlen(tmpu->channel)) { if (strlen(tmpu->channel)) {
sprintf(buf, "Present in channel %s:", tmpu->channel); snprintf(buf, 200, "Present in channel %s:", tmpu->channel);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "Nick Real name Flags"); snprintf(buf, 200, "Nick Real name Flags");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
sprintf(buf, "---------------------------------------- ------------------------------ -------"); snprintf(buf, 200, "---------------------------------------- ------------------------------ -------");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
count = 0; count = 0;
for (tmp = users; tmp; tmp = tmp->next) { for (tmp = users; tmp; tmp = tmp->next) {
if (strcmp(tmp->channel, tmpu->channel) == 0) { if (strcmp(tmp->channel, tmpu->channel) == 0) {
sprintf(temp, "%s@%s", tmp->nick, tmp->server); snprintf(temp, 81, "%s@%s", tmp->nick, tmp->server);
sprintf(buf, "%-40s %-30s %s", temp, tmp->realname, snprintf(buf, 200, "%-40s %-30s %s", temp, tmp->realname,
tmp->sysop ? (char *)"sysop" : (char *)""); tmp->sysop ? (char *)"sysop" : (char *)"");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
count++; count++;
} }
} }
sprintf(buf, "%d user%s in this channel", count, (count == 1) ?"":"s"); snprintf(buf, 200, "%d user%s in this channel", count, (count == 1) ?"":"s");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} else { } else {
sprintf(buf, "** Not in a channel"); snprintf(buf, 200, "** Not in a channel");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} }
goto ack; goto ack;
@ -598,7 +598,7 @@ char *chat_put(char *data)
cmd = strtok(msg, " \0"); cmd = strtok(msg, " \0");
cmd = strtok(NULL, "\0"); cmd = strtok(NULL, "\0");
if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 9)) { if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 9)) {
sprintf(buf, "** Nickname must be between 1 and 9 characters"); snprintf(buf, 200, "** Nickname must be between 1 and 9 characters");
} else { } else {
found = FALSE; found = FALSE;
for (tmp = users; tmp; tmp = tmp->next) { for (tmp = users; tmp; tmp = tmp->next) {
@ -609,14 +609,14 @@ char *chat_put(char *data)
if (!found ) { if (!found ) {
strncpy(tmpu->nick, cmd, 9); strncpy(tmpu->nick, cmd, 9);
sprintf(buf, "Nick set to \"%s\"", cmd); snprintf(buf, 200, "Nick set to \"%s\"", cmd);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
send_all("NICK %s %s %s %s\r\n", tmpu->nick, tmpu->name, CFG.myfqdn, tmpu->realname); send_all("NICK %s %s %s %s\r\n", tmpu->nick, tmpu->name, CFG.myfqdn, tmpu->realname);
usrchg = TRUE; usrchg = TRUE;
chat_dump(); chat_dump();
goto ack; goto ack;
} }
sprintf(buf, "Can't set nick"); snprintf(buf, 200, "Can't set nick");
} }
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
chat_dump(); chat_dump();
@ -627,34 +627,34 @@ char *chat_put(char *data)
cmd = strtok(NULL, "\0"); cmd = strtok(NULL, "\0");
Syslog('-', "\"%s\"", printable(cmd, 0)); Syslog('-', "\"%s\"", printable(cmd, 0));
if (part(tmpu->pid, cmd ? cmd : (char *)"Quitting") == FALSE) { if (part(tmpu->pid, cmd ? cmd : (char *)"Quitting") == FALSE) {
sprintf(buf, "** Not in a channel"); snprintf(buf, 200, "** Not in a channel");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
} }
chat_dump(); chat_dump();
goto ack; goto ack;
} else if (strncasecmp(msg, "/topic", 6) == 0) { } else if (strncasecmp(msg, "/topic", 6) == 0) {
if (strlen(tmpu->channel)) { if (strlen(tmpu->channel)) {
sprintf(buf, "** Internal system error"); snprintf(buf, 200, "** Internal system error");
for (tmpc = channels; tmpc; tmpc = tmpc->next) { for (tmpc = channels; tmpc; tmpc = tmpc->next) {
if (strcmp(tmpu->channel, tmpc->name) == 0) { if (strcmp(tmpu->channel, tmpc->name) == 0) {
if ((strcmp(tmpu->name, tmpc->owner) == 0) || (strcmp(tmpu->nick, tmpc->owner) == 0)) { if ((strcmp(tmpu->name, tmpc->owner) == 0) || (strcmp(tmpu->nick, tmpc->owner) == 0)) {
cmd = strtok(msg, " \0"); cmd = strtok(msg, " \0");
cmd = strtok(NULL, "\0"); cmd = strtok(NULL, "\0");
if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 54)) { if ((cmd == NULL) || (strlen(cmd) == 0) || (strlen(cmd) > 54)) {
sprintf(buf, "** Topic must be between 1 and 54 characters"); snprintf(buf, 200, "** Topic must be between 1 and 54 characters");
} else { } else {
strncpy(tmpc->topic, cmd, 54); strncpy(tmpc->topic, cmd, 54);
sprintf(buf, "Topic set to \"%s\"", cmd); snprintf(buf, 200, "Topic set to \"%s\"", cmd);
send_all("TOPIC %s %s\r\n", tmpc->name, tmpc->topic); send_all("TOPIC %s %s\r\n", tmpc->name, tmpc->topic);
} }
} else { } else {
sprintf(buf, "** You are not the channel owner"); snprintf(buf, 200, "** You are not the channel owner");
} }
break; break;
} }
} }
} else { } else {
sprintf(buf, "** Not in a channel"); snprintf(buf, 200, "** Not in a channel");
} }
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
chat_dump(); chat_dump();
@ -664,7 +664,7 @@ char *chat_put(char *data)
* If still here, the command was not recognized. * If still here, the command was not recognized.
*/ */
cmd = strtok(msg, " \t\r\n\0"); cmd = strtok(msg, " \t\r\n\0");
sprintf(buf, "*** \"%s\" :Unknown command", cmd+1); snprintf(buf, 200, "*** \"%s\" :Unknown command", cmd+1);
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
goto ack; goto ack;
} }
@ -673,7 +673,7 @@ char *chat_put(char *data)
/* /*
* Trying messages while not in a channel * Trying messages while not in a channel
*/ */
sprintf(buf, "** No channel joined. Try /join #channel"); snprintf(buf, 200, "** No channel joined. Try /join #channel");
system_msg(tmpu->pid, buf); system_msg(tmpu->pid, buf);
chat_dump(); chat_dump();
goto ack; goto ack;
@ -686,15 +686,15 @@ char *chat_put(char *data)
} }
} }
Syslog('-', "Pid %s was not connected to chatserver"); Syslog('-', "Pid %s was not connected to chatserver");
sprintf(buf, "100:2,1,*** ERROR - Not connected to server;"); snprintf(buf, 200, "100:2,1,*** ERROR - Not connected to server;");
return buf; return buf;
ack: ack:
sprintf(buf, "100:0;"); snprintf(buf, 200, "100:0;");
return buf; return buf;
hangup: hangup:
sprintf(buf, "100:2,1,Disconnecting;"); snprintf(buf, 200, "100:2,1,Disconnecting;");
return buf; return buf;
} }
@ -711,12 +711,12 @@ char *chat_get(char *data)
usr_list *tmpu; usr_list *tmpu;
if (IsSema((char *)"upsalarm")) { if (IsSema((char *)"upsalarm")) {
sprintf(buf, "100:2,1,*** Power failure, running on UPS;"); snprintf(buf, 200, "100:2,1,*** Power failure, running on UPS;");
return buf; return buf;
} }
if (s_bbsopen == FALSE) { if (s_bbsopen == FALSE) {
sprintf(buf, "100:2,1,*** The BBS is closed now;"); snprintf(buf, 200, "100:2,1,*** The BBS is closed now;");
return buf; return buf;
} }
@ -735,16 +735,16 @@ char *chat_get(char *data)
/* /*
* Message is for us * Message is for us
*/ */
sprintf(buf, "100:2,0,%s;", chat_messages[tmpu->pointer].message); snprintf(buf, 200, "100:2,0,%s;", chat_messages[tmpu->pointer].message);
Syslog('-', "%s", buf); Syslog('-', "%s", buf);
return buf; return buf;
} }
} }
sprintf(buf, "100:0;"); snprintf(buf, 200, "100:0;");
return buf; return buf;
} }
} }
sprintf(buf, "100:2,1,*** ERROR - Not connected to server;"); snprintf(buf, 200, "100:2,1,*** ERROR - Not connected to server;");
return buf; return buf;
} }
@ -773,7 +773,7 @@ char *chat_checksysop(char *data)
if (atoi(pid) != tmpu->pid) { if (atoi(pid) != tmpu->pid) {
if (strlen(tmpu->channel) && (strcasecmp(tmpu->channel, "#sysop") == 0) && tmpu->sysop) { if (strlen(tmpu->channel) && (strcasecmp(tmpu->channel, "#sysop") == 0) && tmpu->sysop) {
Syslog('-', "Sending ACK on check"); Syslog('-', "Sending ACK on check");
sprintf(buf, "100:1,1;"); snprintf(buf, 20, "100:1,1;");
reg_sysoptalk(pid); reg_sysoptalk(pid);
return buf; return buf;
} }
@ -781,7 +781,7 @@ char *chat_checksysop(char *data)
} }
} }
sprintf(buf, "100:1,0;"); snprintf(buf, 20, "100:1,0;");
return buf; return buf;
} }

View File

@ -4,7 +4,7 @@
* Purpose ...............: MBSE BBS Daemon * Purpose ...............: MBSE BBS Daemon
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -58,12 +58,12 @@ int userlog(char *);
int userlog(char *param) int userlog(char *param)
{ {
char *prname, *prpid, *grade, *msg; char *prname, *prpid, *grade, *msg;
static char lfn[64], token[14]; static char lfn[PATH_MAX], token[14];
lfn[0] = '\0'; lfn[0] = '\0';
strcpy(token, strtok(param, ",")); strcpy(token, strtok(param, ","));
strcpy(token, strtok(NULL, ",")); strcpy(token, strtok(NULL, ","));
sprintf(lfn, "%s/log/%s", getenv("MBSE_ROOT"), token); snprintf(lfn, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), token);
prname = strtok(NULL, ","); prname = strtok(NULL, ",");
prpid = strtok(NULL, ","); prpid = strtok(NULL, ",");
grade = strtok(NULL, ","); grade = strtok(NULL, ",");
@ -111,7 +111,7 @@ char *exe_cmd(char *in)
*/ */
if (strncmp(cmd, "AINI", 4) == 0) { if (strncmp(cmd, "AINI", 4) == 0) {
if ((result = reg_newcon(token)) != -1) { if ((result = reg_newcon(token)) != -1) {
sprintf(obuf, "100:1,%d;", result); snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result);
return obuf; return obuf;
} else { } else {
stat_inc_serr(); stat_inc_serr();
@ -183,7 +183,7 @@ char *exe_cmd(char *in)
*/ */
if (strncmp(cmd, "ALOG", 4) == 0) { if (strncmp(cmd, "ALOG", 4) == 0) {
if (userlog(token) != 0) if (userlog(token) != 0)
sprintf(obuf, "201:1,%d;", oserr); snprintf(obuf, SS_BUFSIZE, "201:1,%d;", oserr);
return obuf; return obuf;
} }
@ -260,7 +260,7 @@ char *exe_cmd(char *in)
*/ */
if (strncmp(cmd, "CSPM", 4) == 0) { if (strncmp(cmd, "CSPM", 4) == 0) {
if ((result = reg_spm(token))) if ((result = reg_spm(token)))
sprintf(obuf, "100:1,%d;", result); snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result);
return obuf; return obuf;
} }
@ -281,7 +281,7 @@ char *exe_cmd(char *in)
*/ */
if (strncmp(cmd, "CPAG", 4) == 0) { if (strncmp(cmd, "CPAG", 4) == 0) {
if ((result = reg_page(token))) { if ((result = reg_page(token))) {
sprintf(obuf, "100:1,%d;", result); snprintf(obuf, SS_BUFSIZE, "100:1,%d;", result);
Syslog('+', "%s", obuf); Syslog('+', "%s", obuf);
} }
return obuf; return obuf;
@ -412,7 +412,7 @@ char *exe_cmd(char *in)
* 100:n,data; * 100:n,data;
*/ */
if (strncmp(cmd, "GPNG", 4) == 0) { if (strncmp(cmd, "GPNG", 4) == 0) {
sprintf(obuf, "100:%s", token); snprintf(obuf, SS_BUFSIZE, "100:%s", token);
return obuf; return obuf;
} }
@ -421,7 +421,7 @@ char *exe_cmd(char *in)
* 100:1,Version ...; * 100:1,Version ...;
*/ */
if (strncmp(cmd, "GVER", 4) == 0) { if (strncmp(cmd, "GVER", 4) == 0) {
sprintf(obuf, "100:1,Version %s;", VERSION); snprintf(obuf, SS_BUFSIZE, "100:1,Version %s;", VERSION);
return obuf; return obuf;
} }
@ -491,11 +491,11 @@ char *exe_cmd(char *in)
*/ */
if (strncmp(cmd, "SBBS", 4) == 0) { if (strncmp(cmd, "SBBS", 4) == 0) {
switch(stat_bbs_stat()) { switch(stat_bbs_stat()) {
case 0: sprintf(obuf, "100:2,0,The system is open for use;"); case 0: snprintf(obuf, SS_BUFSIZE, "100:2,0,The system is open for use;");
break; break;
case 1: sprintf(obuf, "100:2,1,The system is closed right now!;"); case 1: snprintf(obuf, SS_BUFSIZE, "100:2,1,The system is closed right now!;");
break; break;
case 2: sprintf(obuf, "100:2,2,The system is closed for Zone Mail Hour!;"); case 2: snprintf(obuf, SS_BUFSIZE, "100:2,2,The system is closed for Zone Mail Hour!;");
break; break;
} }
return obuf; return obuf;
@ -584,7 +584,7 @@ void do_cmd(char *cmd)
if (logtrans) if (logtrans)
Syslog('-', "< %s", cmd); Syslog('-', "< %s", cmd);
sprintf(buf, "%s", exe_cmd(cmd)); snprintf(buf, SS_BUFSIZE, "%s", exe_cmd(cmd));
if (logtrans) if (logtrans)
Syslog('-', "> %s", buf); Syslog('-', "> %s", buf);

View File

@ -239,7 +239,7 @@ char *disk_reset(void)
static char buf[10]; static char buf[10];
disk_reread = TRUE; disk_reread = TRUE;
sprintf(buf, "100:0;"); snprintf(buf, 10, "100:0;");
return buf; return buf;
} }
@ -263,7 +263,7 @@ char *disk_check(char *token)
/* /*
* Answer Error * Answer Error
*/ */
sprintf(buf, "100:1,3"); snprintf(buf, SS_BUFSIZE, "100:1,3");
return buf; return buf;
} }
@ -279,9 +279,9 @@ char *disk_check(char *token)
Syslog('!', "disk_check() mutex_unlock failed rc=%d", rc); Syslog('!', "disk_check() mutex_unlock failed rc=%d", rc);
if (lowest < needed) { if (lowest < needed) {
sprintf(buf, "100:2,0,%ld;", lowest); snprintf(buf, SS_BUFSIZE, "100:2,0,%ld;", lowest);
} else { } else {
sprintf(buf, "100:2,1,%ld;", lowest); snprintf(buf, SS_BUFSIZE, "100:2,1,%ld;", lowest);
} }
return buf; return buf;
} }
@ -301,7 +301,7 @@ char *disk_getfs()
buf[0] = '\0'; buf[0] = '\0';
if (mfs == NULL) { if (mfs == NULL) {
sprintf(buf, "100:0;"); snprintf(buf, SS_BUFSIZE, "100:0;");
return buf; return buf;
} }
@ -315,7 +315,7 @@ char *disk_getfs()
else else
ans = xstrcat(ans, (char *)","); ans = xstrcat(ans, (char *)",");
tt[0] = '\0'; tt[0] = '\0';
sprintf(tt, "%lu %lu %s %s %d", tmp->size, tmp->avail, tmp->mountpoint, tmp->fstype, tmp->ro); snprintf(tt, 80, "%lu %lu %s %s %d", tmp->size, tmp->avail, tmp->mountpoint, tmp->fstype, tmp->ro);
ans = xstrcat(ans, tt); ans = xstrcat(ans, tt);
if (i == 10) /* No more then 10 filesystems */ if (i == 10) /* No more then 10 filesystems */
break; break;
@ -324,9 +324,9 @@ char *disk_getfs()
Syslog('!', "disk_getfs() mutex_unlock failed rc=%d", rc); Syslog('!', "disk_getfs() mutex_unlock failed rc=%d", rc);
if (strlen(ans) > (SS_BUFSIZE - 8)) if (strlen(ans) > (SS_BUFSIZE - 8))
sprintf(buf, "100:0;"); snprintf(buf, SS_BUFSIZE, "100:0;");
else else
sprintf(buf, "100:%d%s;", i, ans); snprintf(buf, SS_BUFSIZE, "100:%d%s;", i, ans);
if (ans != NULL) if (ans != NULL)
free(ans); free(ans);
@ -426,9 +426,9 @@ void add_path(char *lpath)
* mounted filesystem that matches must be the one we seek. * mounted filesystem that matches must be the one we seek.
*/ */
if (strncmp(fs, rpath, strlen(fs)) == 0) { if (strncmp(fs, rpath, strlen(fs)) == 0) {
sprintf(fsname, "%s", fs); snprintf(fsname, PATH_MAX, "%s", fs);
fs = strtok(NULL, " \t"); fs = strtok(NULL, " \t");
sprintf(fstype, "%s", fs); snprintf(fstype, PATH_MAX, "%s", fs);
} }
} }
fclose(fp); fclose(fp);
@ -442,8 +442,8 @@ void add_path(char *lpath)
for (i = 0; i < mntsize; i++) { for (i = 0; i < mntsize; i++) {
if (strncmp(mntbuf[i].f_mntonname, rpath, strlen(mntbuf[i].f_mntonname)) == 0) { if (strncmp(mntbuf[i].f_mntonname, rpath, strlen(mntbuf[i].f_mntonname)) == 0) {
sprintf(fsname, "%s", mntbuf[i].f_mntonname); snprintf(fsname, PATH_MAX, "%s", mntbuf[i].f_mntonname);
sprintf(fstype, "%s", mntbuf[i].f_fstypename); snprintf(fstype, PATH_MAX, "%s", mntbuf[i].f_fstypename);
} }
} }
fill_mfslist(&mfs, fsname, fstype); fill_mfslist(&mfs, fsname, fstype);
@ -520,7 +520,7 @@ void *disk_thread(void)
add_path(CFG.tmaillong); add_path(CFG.tmaillong);
temp = calloc(PATH_MAX, sizeof(char )); temp = calloc(PATH_MAX, sizeof(char ));
sprintf(temp, "%s/etc/fareas.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/fareas.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&areahdr, sizeof(areahdr), 1, fp); fread(&areahdr, sizeof(areahdr), 1, fp);
@ -537,7 +537,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/mareas.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/mareas.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&msgshdr, sizeof(msgshdr), 1, fp); fread(&msgshdr, sizeof(msgshdr), 1, fp);
@ -554,7 +554,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/language.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/language.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&langhdr, sizeof(langhdr), 1, fp); fread(&langhdr, sizeof(langhdr), 1, fp);
@ -573,7 +573,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/nodes.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/nodes.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&nodeshdr, sizeof(nodeshdr), 1, fp); fread(&nodeshdr, sizeof(nodeshdr), 1, fp);
@ -593,7 +593,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/fgroups.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/fgroups.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&fgrouphdr, sizeof(fgrouphdr), 1, fp); fread(&fgrouphdr, sizeof(fgrouphdr), 1, fp);
@ -609,7 +609,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/mgroups.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/mgroups.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&mgrouphdr, sizeof(mgrouphdr), 1, fp); fread(&mgrouphdr, sizeof(mgrouphdr), 1, fp);
@ -625,7 +625,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/hatch.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/hatch.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&hatchhdr, sizeof(hatchhdr), 1, fp); fread(&hatchhdr, sizeof(hatchhdr), 1, fp);
@ -641,7 +641,7 @@ void *disk_thread(void)
if (T_Shutdown) if (T_Shutdown)
break; break;
sprintf(temp, "%s/etc/magic.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/magic.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r"))) { if ((fp = fopen(temp, "r"))) {
Syslog('d', "+ %s", temp); Syslog('d', "+ %s", temp);
fread(&magichdr, sizeof(magichdr), 1, fp); fread(&magichdr, sizeof(magichdr), 1, fp);

View File

@ -516,7 +516,7 @@ void send_all(const char *format, ...)
va_list va_ptr; va_list va_ptr;
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(buf, format, va_ptr); vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
@ -538,7 +538,7 @@ void broadcast(char *origin, const char *format, ...)
char buf[512]; char buf[512];
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(buf, format, va_ptr); vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
for (tnsl = ncsl; tnsl; tnsl = tnsl->next) { for (tnsl = ncsl; tnsl; tnsl = tnsl->next) {
@ -559,7 +559,7 @@ int send_msg(ncs_list *tnsl, const char *format, ...)
va_list va_ptr; va_list va_ptr;
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(buf, format, va_ptr); vsnprintf(buf, 512, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
Syslog('r', "> %s: %s", tnsl->server, printable(buf, 0)); Syslog('r', "> %s: %s", tnsl->server, printable(buf, 0));
@ -583,7 +583,7 @@ void check_servers(void)
struct servent *se; struct servent *se;
struct hostent *he; struct hostent *he;
sprintf(scfgfn, "%s/etc/ibcsrv.data", getenv("MBSE_ROOT")); snprintf(scfgfn, PATH_MAX, "%s/etc/ibcsrv.data", getenv("MBSE_ROOT"));
/* /*
* Check if configuration is changed, if so then apply the changes. * Check if configuration is changed, if so then apply the changes.
@ -1247,7 +1247,7 @@ int command_join(char *hostname, char *parameters)
pthread_mutex_unlock(&b_mutex); pthread_mutex_unlock(&b_mutex);
Syslog('+', "IBC: user %s joined channel %s", nick, channel); Syslog('+', "IBC: user %s joined channel %s", nick, channel);
usrchg = TRUE; usrchg = TRUE;
sprintf(msg, "* %s@%s has joined %s", nick, server, channel); snprintf(msg, 81, "* %s@%s has joined %s", nick, server, channel);
chat_msg(channel, NULL, msg); chat_msg(channel, NULL, msg);
} }
} }
@ -1306,10 +1306,10 @@ int command_part(char *hostname, char *parameters)
pthread_mutex_unlock(&b_mutex); pthread_mutex_unlock(&b_mutex);
if (message) { if (message) {
Syslog('+', "IBC: user %s left channel %s: %s", nick, channel, message); Syslog('+', "IBC: user %s left channel %s: %s", nick, channel, message);
sprintf(msg, "* %s@%s has left: %s", nick, server, message); snprintf(msg, 81, "* %s@%s has left: %s", nick, server, message);
} else { } else {
Syslog('+', "IBC: user %s left channel %s", nick, channel); Syslog('+', "IBC: user %s left channel %s", nick, channel);
sprintf(msg, "* %s@%s has silently left this channel", nick, server); snprintf(msg, 81, "* %s@%s has silently left this channel", nick, server);
} }
chat_msg(channel, NULL, msg); chat_msg(channel, NULL, msg);
usrchg = TRUE; usrchg = TRUE;
@ -1350,7 +1350,7 @@ int command_topic(char *hostname, char *parameters)
chnchg = TRUE; chnchg = TRUE;
strncpy(tmp->topic, topic, 54); strncpy(tmp->topic, topic, 54);
Syslog('+', "IBC: channel %s topic: %s", channel, topic); Syslog('+', "IBC: channel %s topic: %s", channel, topic);
sprintf(msg, "* Channel topic is now: %s", tmp->topic); snprintf(msg, 81, "* Channel topic is now: %s", tmp->topic);
chat_msg(channel, NULL, msg); chat_msg(channel, NULL, msg);
break; break;
} }

View File

@ -4,7 +4,7 @@
* Purpose ...............: Give system information * Purpose ...............: Give system information
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -44,9 +44,9 @@ char *get_sysinfo(void)
char *temp; char *temp;
time_t startdate; time_t startdate;
sprintf(buf, "201:1,16;"); snprintf(buf, SS_BUFSIZE, "201:1,16;");
temp = calloc(PATH_MAX, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/sysinfo.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/sysinfo.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
free(temp); free(temp);
@ -56,7 +56,7 @@ char *get_sysinfo(void)
if (fread(&SYSINFO, sizeof(SYSINFO), 1, fp) == 1) { if (fread(&SYSINFO, sizeof(SYSINFO), 1, fp) == 1) {
startdate = SYSINFO.StartDate; startdate = SYSINFO.StartDate;
sprintf(buf, "100:7,%ld,%ld,%ld,%ld,%ld,%s,%s;", SYSINFO.SystemCalls, snprintf(buf, SS_BUFSIZE, "100:7,%ld,%ld,%ld,%ld,%ld,%s,%s;", SYSINFO.SystemCalls,
SYSINFO.Pots, SYSINFO.ISDN, SYSINFO.Network, SYSINFO.Local, SYSINFO.Pots, SYSINFO.ISDN, SYSINFO.Network, SYSINFO.Local,
ctime(&startdate), SYSINFO.LastCaller); ctime(&startdate), SYSINFO.LastCaller);
} }
@ -74,17 +74,18 @@ char *get_lastcallercount(void)
char *temp; char *temp;
FILE *fp; FILE *fp;
sprintf(buf, "201:1,16;"); snprintf(buf, SS_BUFSIZE, "201:1,16;");
temp = calloc(128, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/lastcall.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
free(temp); free(temp);
return buf; return buf;
} }
fread(&LCALLhdr, sizeof(LCALLhdr), 1, fp); fread(&LCALLhdr, sizeof(LCALLhdr), 1, fp);
fseek(fp, 0, SEEK_END); fseek(fp, 0, SEEK_END);
sprintf(buf, "100:1,%ld;", ((ftell(fp) - LCALLhdr.hdrsize) / LCALLhdr.recsize)); snprintf(buf, SS_BUFSIZE, "100:1,%ld;", ((ftell(fp) - LCALLhdr.hdrsize) / LCALLhdr.recsize));
fclose(fp); fclose(fp);
free(temp);
return buf; return buf;
} }
@ -96,9 +97,9 @@ char *get_lastcallerrec(int Rec)
char *temp, action[9]; char *temp, action[9];
FILE *fp; FILE *fp;
sprintf(buf, "201:1,16;"); snprintf(buf, SS_BUFSIZE, "201:1,16;");
temp = calloc(128, sizeof(char)); temp = calloc(PATH_MAX, sizeof(char));
sprintf(temp, "%s/etc/lastcall.data", getenv("MBSE_ROOT")); snprintf(temp, PATH_MAX, "%s/etc/lastcall.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp, "r")) == NULL) { if ((fp = fopen(temp, "r")) == NULL) {
free(temp); free(temp);
return buf; return buf;
@ -127,11 +128,12 @@ char *get_lastcallerrec(int Rec)
if (LCALL.Door) if (LCALL.Door)
action[7] = 'E'; action[7] = 'E';
action[8] = '\0'; action[8] = '\0';
sprintf(buf, "100:9,%s,%s,%d,%s,%s,%d,%d,%s,%s;", LCALL.UserName, LCALL.Location, snprintf(buf, SS_BUFSIZE, "100:9,%s,%s,%d,%s,%s,%d,%d,%s,%s;", LCALL.UserName, LCALL.Location,
LCALL.SecLevel, LCALL.Device, LCALL.TimeOn, LCALL.SecLevel, LCALL.Device, LCALL.TimeOn,
LCALL.CallTime, LCALL.Calls, LCALL.Speed, action); LCALL.CallTime, LCALL.Calls, LCALL.Speed, action);
} }
free(temp);
fclose(fp); fclose(fp);
return buf; return buf;
} }

View File

@ -4,7 +4,7 @@
* Purpose ...............: Buffers for registration information. * Purpose ...............: Buffers for registration information.
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -389,7 +389,7 @@ char *reg_ipm(char *data)
int rec; int rec;
buf[0] = '\0'; buf[0] = '\0';
sprintf(buf, "100:0;"); snprintf(buf, 128, "100:0;");
cnt = strtok(data, ","); cnt = strtok(data, ",");
pid = strtok(NULL, ";"); pid = strtok(NULL, ";");
@ -401,7 +401,7 @@ char *reg_ipm(char *data)
return buf; return buf;
buf[0] = '\0'; buf[0] = '\0';
sprintf(buf, "100:2,%s,%s;", reginfo[rec].fname[reginfo[rec].ptr_out], reginfo[rec].msg[reginfo[rec].ptr_out]); snprintf(buf, 128, "100:2,%s,%s;", reginfo[rec].fname[reginfo[rec].ptr_out], reginfo[rec].msg[reginfo[rec].ptr_out]);
if (reginfo[rec].ptr_out < RB) if (reginfo[rec].ptr_out < RB)
reginfo[rec].ptr_out++; reginfo[rec].ptr_out++;
else else
@ -463,7 +463,7 @@ int reg_spm(char *data)
if (CFG.iAutoLog && strlen(CFG.chat_log)) { if (CFG.iAutoLog && strlen(CFG.chat_log)) {
logm = calloc(PATH_MAX, sizeof(char)); logm = calloc(PATH_MAX, sizeof(char));
sprintf(logm, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log); snprintf(logm, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.chat_log);
ulog(logm, (char *)"+", from, (char *)"-1", txt); ulog(logm, (char *)"+", from, (char *)"-1", txt);
free(logm); free(logm);
} }
@ -507,9 +507,9 @@ char *reg_fre(void)
} }
if (users || utils) if (users || utils)
sprintf(buf, "100:1,Running utilities: %02d Active users: %02d;", utils, users); snprintf(buf, 80, "100:1,Running utilities: %02d Active users: %02d;", utils, users);
else else
sprintf(buf, "100:0;"); snprintf(buf, 80, "100:0;");
return buf; return buf;
} }
@ -525,7 +525,7 @@ char *get_reginfo(int first)
static char buf[256]; static char buf[256];
memset(&buf, 0, sizeof(buf)); memset(&buf, 0, sizeof(buf));
sprintf(buf, "100:0;"); snprintf(buf, 256, "100:0;");
/* /*
* Loop forever until an error occours, eof is reached or * Loop forever until an error occours, eof is reached or
@ -542,7 +542,7 @@ char *get_reginfo(int first)
return buf; return buf;
if ((int)reginfo[entrypos].pid != 0) { if ((int)reginfo[entrypos].pid != 0) {
sprintf(buf, "100:7,%d,%s,%s,%s,%s,%s,%d;", snprintf(buf, 256, "100:7,%d,%s,%s,%s,%s,%s,%d;",
reginfo[entrypos].pid, reginfo[entrypos].tty, reginfo[entrypos].pid, reginfo[entrypos].tty,
reginfo[entrypos].uname, reginfo[entrypos].prg, reginfo[entrypos].uname, reginfo[entrypos].prg,
reginfo[entrypos].city, reginfo[entrypos].doing, reginfo[entrypos].city, reginfo[entrypos].doing,
@ -633,15 +633,15 @@ char *reg_checkpage(char *data)
memset(&buf, 0, sizeof(buf)); memset(&buf, 0, sizeof(buf));
for (i = 1; i < MAXCLIENT; i++) { for (i = 1; i < MAXCLIENT; i++) {
if (reginfo[i].pid && reginfo[i].paging) { if (reginfo[i].pid && reginfo[i].paging) {
sprintf(buf, "100:3,%d,1,%s;", reginfo[i].pid, reginfo[i].reason); snprintf(buf, 128, "100:3,%d,1,%s;", reginfo[i].pid, reginfo[i].reason);
return buf; return buf;
} }
if (reginfo[i].pid && reginfo[i].haspaged) { if (reginfo[i].pid && reginfo[i].haspaged) {
sprintf(buf, "100:3,%d,0,%s;", reginfo[i].pid, reginfo[i].reason); snprintf(buf, 128, "100:3,%d,0,%s;", reginfo[i].pid, reginfo[i].reason);
return buf; return buf;
} }
} }
sprintf(buf, "100:0;"); snprintf(buf, 128, "100:0;");
return buf; return buf;
} }

View File

@ -102,7 +102,7 @@ void status_init()
size_t cnt; size_t cnt;
int stat_fd; int stat_fd;
sprintf(stat_fn, "%s/var/status.mbsed", getenv("MBSE_ROOT")); snprintf(stat_fn, PATH_MAX, "%s/var/status.mbsed", getenv("MBSE_ROOT"));
/* /*
* First check if this is the very first time we start the show. * First check if this is the very first time we start the show.
@ -224,7 +224,7 @@ int get_zmh()
#else #else
l_date = *gmtime(&Now); l_date = *gmtime(&Now);
#endif #endif
sprintf(sstime, "%02d:%02d", l_date.tm_hour, l_date.tm_min); snprintf(sstime, 6, "%02d:%02d", l_date.tm_hour, l_date.tm_min);
if ((strncmp(sstime, TCFG.zmh_start, 5) >= 0) && (strncmp(sstime, TCFG.zmh_end, 5) < 0)) { if ((strncmp(sstime, TCFG.zmh_start, 5) >= 0) && (strncmp(sstime, TCFG.zmh_end, 5) < 0)) {
if (!ZMH) { if (!ZMH) {
@ -319,7 +319,7 @@ char *stat_status()
chncnt++; chncnt++;
for (tmpu = users; tmpu; tmpu = tmpu->next) for (tmpu = users; tmpu; tmpu = tmpu->next)
usrcnt++; usrcnt++;
sprintf(buf, "100:23,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%d,%d,%d,%d,%d,%2.2f,%lu,%d,%d,%d;", snprintf(buf, 160, "100:23,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%ld,%d,%d,%d,%d,%d,%2.2f,%lu,%d,%d,%d;",
(long)status.start, (long)status.laststart, (long)status.daily, (long)status.start, (long)status.laststart, (long)status.daily,
status.startups, status.clients, status.startups, status.clients,
status.total.tot_clt, status.total.peak_clt, status.total.tot_clt, status.total.peak_clt,
@ -360,7 +360,7 @@ char *getseq(void)
buf[0] = '\0'; buf[0] = '\0';
status.sequence++; status.sequence++;
status_write(); status_write();
sprintf(buf, "100:1,%lu;", status.sequence); snprintf(buf, 80, "100:1,%lu;", status.sequence);
return buf; return buf;
} }
@ -413,7 +413,7 @@ char *sem_status(char *data)
int value; int value;
buf[0] = '\0'; buf[0] = '\0';
sprintf(buf, "200:1,16;"); snprintf(buf, 40, "200:1,16;");
cnt = strtok(data, ","); cnt = strtok(data, ",");
sem = strtok(NULL, ";"); sem = strtok(NULL, ";");
@ -442,7 +442,7 @@ char *sem_status(char *data)
return buf; return buf;
} }
sprintf(buf, "100:1,%s;", value ? "1":"0"); snprintf(buf, 40, "100:1,%s;", value ? "1":"0");
return buf; return buf;
} }
@ -456,10 +456,10 @@ char *sem_create(char *data)
cnt = strtok(data, ","); cnt = strtok(data, ",");
sem = strtok(NULL, ";"); sem = strtok(NULL, ";");
buf[0] = '\0'; buf[0] = '\0';
sprintf(buf, "200:1,16;"); snprintf(buf, 40, "200:1,16;");
if (sem_set(sem, TRUE)) if (sem_set(sem, TRUE))
sprintf(buf, "100:0;"); snprintf(buf, 40, "100:0;");
return buf; return buf;
} }
@ -474,10 +474,10 @@ char *sem_remove(char *data)
cnt = strtok(data, ","); cnt = strtok(data, ",");
sem = strtok(NULL, ";"); sem = strtok(NULL, ";");
buf[0] = '\0'; buf[0] = '\0';
sprintf(buf, "200:1,16;"); snprintf(buf, 40, "200:1,16;");
if (sem_set(sem, FALSE)) if (sem_set(sem, FALSE))
sprintf(buf, "100:0;"); snprintf(buf, 40, "100:0;");
return buf; return buf;
} }

View File

@ -4,7 +4,7 @@
* Purpose ...............: MBSE BBS Task Manager, utilities * Purpose ...............: MBSE BBS Task Manager, utilities
* *
***************************************************************************** *****************************************************************************
* Copyright (C) 1997-2004 * Copyright (C) 1997-2005
* *
* Michiel Broek FIDO: 2:280/2802 * Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10 * Beekmansbos 10
@ -75,7 +75,7 @@ char *date(void)
#else #else
ptm = *localtime(&now); ptm = *localtime(&now);
#endif #endif
sprintf(buf,"%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, snprintf(buf, 20, "%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900,
ptm.tm_hour, ptm.tm_min, ptm.tm_sec); ptm.tm_hour, ptm.tm_min, ptm.tm_sec);
return(buf); return(buf);
} }
@ -92,7 +92,7 @@ char *rfcdate(time_t now)
#else #else
ptm = *localtime(&now); ptm = *localtime(&now);
#endif #endif
sprintf(buf,"%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900, snprintf(buf, 20, "%02d-%s-%04d %02d:%02d:%02d", ptm.tm_mday, mon[ptm.tm_mon], ptm.tm_year+1900,
ptm.tm_hour, ptm.tm_min, ptm.tm_sec); ptm.tm_hour, ptm.tm_min, ptm.tm_sec);
return(buf); return(buf);
} }
@ -106,7 +106,7 @@ void WriteError(const char *format, ...)
outputstr = calloc(10240, sizeof(char)); outputstr = calloc(10240, sizeof(char));
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(outputstr, format, va_ptr); vsnprintf(outputstr, 10240, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
Syslog('?', outputstr); Syslog('?', outputstr);
free(outputstr); free(outputstr);
@ -127,7 +127,7 @@ void Syslog(int grade, const char *format, ...)
debug = isalpha(grade); debug = isalpha(grade);
va_start(va_ptr, format); va_start(va_ptr, format);
vsprintf(outstr, format, va_ptr); vsnprintf(outstr, 1024, format, va_ptr);
va_end(va_ptr); va_end(va_ptr);
tcrc = StringCRC32(outstr); tcrc = StringCRC32(outstr);
@ -140,7 +140,7 @@ void Syslog(int grade, const char *format, ...)
if (!debug) { if (!debug) {
logname = calloc(PATH_MAX, sizeof(char)); logname = calloc(PATH_MAX, sizeof(char));
oldmask=umask(066); oldmask=umask(066);
sprintf(logname, "%s/log/mbtask.log", getenv("MBSE_ROOT")); snprintf(logname, PATH_MAX, "%s/log/mbtask.log", getenv("MBSE_ROOT"));
logfile = fopen(logname, "a"); logfile = fopen(logname, "a");
umask(oldmask); umask(oldmask);
if (logfile == NULL) { if (logfile == NULL) {
@ -152,7 +152,7 @@ void Syslog(int grade, const char *format, ...)
debugname = calloc(PATH_MAX, sizeof(char)); debugname = calloc(PATH_MAX, sizeof(char));
oldmask=umask(066); oldmask=umask(066);
sprintf(debugname, "%s/log/%s", getenv("MBSE_ROOT"), CFG.debuglog); snprintf(debugname, PATH_MAX, "%s/log/%s", getenv("MBSE_ROOT"), CFG.debuglog);
debugfile = fopen(debugname, "a"); debugfile = fopen(debugname, "a");
umask(oldmask); umask(oldmask);
if (debugfile == NULL) { if (debugfile == NULL) {
@ -287,7 +287,7 @@ void CreateSema(char *sem)
FILE *fp; FILE *fp;
int oldmask; int oldmask;
sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem);
if (access(temp, F_OK) == 0) if (access(temp, F_OK) == 0)
return; return;
oldmask = umask(002); oldmask = umask(002);
@ -306,7 +306,7 @@ void TouchSema(char *sem)
FILE *fp; FILE *fp;
int oldmask; int oldmask;
sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem);
oldmask = umask(002); oldmask = umask(002);
if ((fp = fopen(temp, "w"))) if ((fp = fopen(temp, "w")))
fclose(fp); fclose(fp);
@ -321,7 +321,7 @@ void RemoveSema(char *sem)
{ {
char temp[PATH_MAX]; char temp[PATH_MAX];
sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem);
if (access(temp, F_OK)) if (access(temp, F_OK))
return; return;
if (unlink(temp) == -1) if (unlink(temp) == -1)
@ -334,7 +334,7 @@ int IsSema(char *sem)
{ {
char temp[PATH_MAX]; char temp[PATH_MAX];
sprintf(temp, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem); snprintf(temp, PATH_MAX, "%s/var/sema/%s", getenv("MBSE_ROOT"), sem);
return (access(temp, F_OK) == 0); return (access(temp, F_OK) == 0);
} }
@ -433,15 +433,15 @@ char *ascfnode(faddr *a, int fl)
buf[0] = '\0'; buf[0] = '\0';
if ((fl & 0x08) && (a->zone)) if ((fl & 0x08) && (a->zone))
sprintf(buf+strlen(buf),"%u:",a->zone); snprintf(buf+strlen(buf), 10, "%u:",a->zone);
if (fl & 0x04) if (fl & 0x04)
sprintf(buf+strlen(buf),"%u/",a->net); snprintf(buf+strlen(buf), 10, "%u/",a->net);
if (fl & 0x02) if (fl & 0x02)
sprintf(buf+strlen(buf),"%u",a->node); snprintf(buf+strlen(buf), 10, "%u",a->node);
if ((fl & 0x01) && (a->point)) if ((fl & 0x01) && (a->point))
sprintf(buf+strlen(buf),".%u",a->point); snprintf(buf+strlen(buf), 10, ".%u",a->point);
if ((fl & 0x10) && (strlen(a->domain))) if ((fl & 0x10) && (strlen(a->domain)))
sprintf(buf+strlen(buf),"@%s",a->domain); snprintf(buf+strlen(buf), 14, "@%s",a->domain);
return buf; return buf;
} }
@ -456,15 +456,15 @@ char *fido2str(fidoaddr a, int fl)
buf[0] = '\0'; buf[0] = '\0';
if ((fl & 0x08) && (a.zone)) if ((fl & 0x08) && (a.zone))
sprintf(buf+strlen(buf),"%u:",a.zone); snprintf(buf+strlen(buf), 10, "%u:",a.zone);
if (fl & 0x04) if (fl & 0x04)
sprintf(buf+strlen(buf),"%u/",a.net); snprintf(buf+strlen(buf), 10, "%u/",a.net);
if (fl & 0x02) if (fl & 0x02)
sprintf(buf+strlen(buf),"%u",a.node); snprintf(buf+strlen(buf), 10, "%u",a.node);
if ((fl & 0x01) && (a.point)) if ((fl & 0x01) && (a.point))
sprintf(buf+strlen(buf),".%u",a.point); snprintf(buf+strlen(buf), 10, ".%u",a.point);
if ((fl & 0x10) && (strlen(a.domain))) if ((fl & 0x10) && (strlen(a.domain)))
sprintf(buf+strlen(buf),"@%s",a.domain); snprintf(buf+strlen(buf), 14, "@%s",a.domain);
return buf; return buf;
} }
@ -478,7 +478,7 @@ char *Dos2Unix(char *dosname)
memset(&buf, 0, sizeof(buf)); memset(&buf, 0, sizeof(buf));
memset(&buf2, 0, sizeof(buf2)); memset(&buf2, 0, sizeof(buf2));
sprintf(buf, "%s", dosname); snprintf(buf, PATH_MAX, "%s", dosname);
p = buf; p = buf;
if (strlen(CFG.dospath)) { if (strlen(CFG.dospath)) {
@ -517,7 +517,7 @@ char *dayname(void)
#else #else
ptm = *localtime(&tt); ptm = *localtime(&tt);
#endif #endif
sprintf(buf, "%s", dow[ptm.tm_wday]); snprintf(buf, 3, "%s", dow[ptm.tm_wday]);
return buf; return buf;
} }
@ -537,7 +537,7 @@ int SearchFidonet(unsigned short zone)
char fidonet_fil[PATH_MAX]; char fidonet_fil[PATH_MAX];
int i; int i;
sprintf(fidonet_fil, "%s/etc/fidonet.data", getenv("MBSE_ROOT")); snprintf(fidonet_fil, PATH_MAX, "%s/etc/fidonet.data", getenv("MBSE_ROOT"));
if ((fil = fopen(fidonet_fil, "r")) == NULL) { if ((fil = fopen(fidonet_fil, "r")) == NULL) {
return FALSE; return FALSE;
} }
@ -603,7 +603,7 @@ char *printable(char *s, int l)
case '\n': *p++='\\'; *p++='n'; break; case '\n': *p++='\\'; *p++='n'; break;
case '\t': *p++='\\'; *p++='t'; break; case '\t': *p++='\\'; *p++='t'; break;
case '\b': *p++='\\'; *p++='b'; break; case '\b': *p++='\\'; *p++='b'; break;
default: sprintf(p,"\\%02x", (*s & 0xff)); p+=3; break; default: snprintf(p, 4, "\\%02x", (*s & 0xff)); p+=3; break;
} }
s++; s++;
} }