Close buffer overflows. This is partially based on an old version of

the fix from OpenBSD.

Reviewed by:	markm
This commit is contained in:
Kris Kennaway 2000-01-09 07:10:04 +00:00
parent f6517190b7
commit 3ef3eb1df1
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=55635

View File

@ -8,11 +8,13 @@
* NOTICE: This is free software. I hope you get some use from this program. * NOTICE: This is free software. I hope you get some use from this program.
* In return you should think about all the nice people who give away software. * In return you should think about all the nice people who give away software.
* Maybe you should write some free software too. * Maybe you should write some free software too.
*
* $FreeBSD$
*/ */
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <strings.h> #include <string.h>
#include <ctype.h> #include <ctype.h>
#include <errno.h> #include <errno.h>
#include <unistd.h> #include <unistd.h>
@ -164,7 +166,7 @@ apply_complete()
return; return;
} }
i = fscanf(fp, "%s %d %c", class, &dn, junk); i = fscanf(fp, "%19s %d %c", class, &dn, junk);
fclose(fp); fclose(fp);
if (i != 2) if (i != 2)
{ {
@ -254,7 +256,6 @@ read_piece(char *input_file)
{ {
int status = 0; int status = 0;
FILE *ifp, *ofp = 0; FILE *ifp, *ofp = 0;
int ofd;
int decoding = 0; int decoding = 0;
int got_one = 0; int got_one = 0;
int line_no = 0; int line_no = 0;
@ -293,8 +294,9 @@ read_piece(char *input_file)
if (!decoding) if (!decoding)
{ {
char *s; char *s;
int fd = -1;
if (sscanf(line, "CTM_MAIL BEGIN %s %d %d %c", if (sscanf(line, "CTM_MAIL BEGIN %29s %d %d %c",
delta, &pce, &npieces, junk) != 3) delta, &pce, &npieces, junk) != 3)
continue; continue;
@ -303,16 +305,16 @@ read_piece(char *input_file)
got_one++; got_one++;
strcpy(tname, piece_dir); strcpy(tname, piece_dir);
strcat(tname, "/p.XXXXXX"); strcat(tname, "/p.XXXXXXXXXX");
if ((ofd = mkstemp(tname)) < 0) if ((fd = mkstemp(tname)) == -1 ||
(ofp = fdopen(fd, "w")) == NULL)
{ {
err("*mkstemp: '%s'", tname); if (fd != -1) {
status++; err("cannot open '%s' for writing", tname);
continue; close(fd);
} }
if ((ofp = fdopen(ofd, "w")) == NULL) else
{ err("*mkstemp: '%s'", tname);
err("cannot open '%s' for writing", tname);
status++; status++;
continue; continue;
} }
@ -493,20 +495,21 @@ int
combine(char *delta, int npieces, char *dname, char *pname, char *tname) combine(char *delta, int npieces, char *dname, char *pname, char *tname)
{ {
FILE *dfp, *pfp; FILE *dfp, *pfp;
int dfd;
int i, n, e; int i, n, e;
char buf[BUFSIZ]; char buf[BUFSIZ];
int fd = -1;
strcpy(tname, delta_dir); strcpy(tname, delta_dir);
strcat(tname, "/d.XXXXXX"); strcat(tname, "/d.XXXXXXXXXX");
if ((dfd = mkstemp(tname)) < 0) if ((fd = mkstemp(tname)) == -1 ||
(dfp = fdopen(fd, "w")) == NULL)
{ {
err("*mkstemp: '%s'", tname); if (fd != -1) {
return 0; close(fd);
} err("cannot open '%s' for writing", tname);
if ((dfp = fdopen(dfd, "w")) == NULL) }
{ else
err("cannot open '%s' for writing", tname); err("*mktemp: '%s'", tname);
return 0; return 0;
} }