hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2025-01-11 17:04:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

String buffer safety cleanup. I don't think any of these were exploitable

Browse Source 
remotely, but they would be if e.g. it happened to call the logging
function using a DNS hostname.

Also replace random() by arc4random() - only one of these is arguably
required since it's directly used in the protocol, but we might as
well replace both to avoid using two different PRNGs.

Reviewed by:	green, alex
This commit is contained in:
Kris Kennaway 2000-10-09 06:08:00 +00:00
parent b2338d532a
commit aed217b4c6
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=66858
4 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
usr.sbin/mrouted/cfparse.y
View File

@ -658,7 +658,7 @@ static void
fatal(char *fmt, ...)
{
va_list ap;
char buf[200];
char buf[MAXHOSTNAMELEN + 100];
va_start(ap, fmt);
#else
@ -669,11 +669,11 @@ char *fmt;
va_dcl
{
va_list ap;
char buf[200];
char buf[MAXHOSTNAMELEN + 100];
va_start(ap);
#endif
vsprintf(buf, fmt, ap);
vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
log(LOG_ERR,0,"%s: %s near line %d", configfilename, buf, lineno);
@ -699,7 +699,7 @@ va_dcl
va_start(ap);
#endif
vsprintf(buf, fmt, ap);
vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
log(LOG_WARNING,0,"%s: %s near line %d", configfilename, buf, lineno);

6
usr.sbin/mrouted/main.c
View File

@ -266,8 +266,6 @@ main(argc, argv)
#ifdef SYSV
srand48(time(NULL));
#else
srandom(gethostid());
#endif
/*
@ -966,7 +964,7 @@ log(severity, syserr, format, va_alist)
va_start(ap);
#endif
vsprintf(&fmt[10], format, ap);
vsnprintf(&fmt[10], sizeof(fmt) - 10, format, ap);
va_end(ap);
msg = (severity == LOG_WARNING) ? fmt : &fmt[10];
@ -987,7 +985,7 @@ log(severity, syserr, format, va_alist)
gettimeofday(&now,NULL);
now_sec = now.tv_sec;
thyme = localtime(&now_sec);
sprintf(logmsg[logmsgno++], "%02d:%02d:%02d.%03ld %s err %d",
snprintf(logmsg[logmsgno++], LOGMSGSIZE, "%02d:%02d:%02d.%03ld %s err %d",
thyme->tm_hour, thyme->tm_min, thyme->tm_sec,
now.tv_usec / 1000, msg, syserr);
logmsgno %= NLOGMSGS;

4
usr.sbin/mrouted/mtrace.c
View File

@ -1263,7 +1263,7 @@ send_recv(dst, type, code, tries, save, callback)
#ifdef SYSV
TR_SETQID(query->tr_rttlqid, ((u_int32)lrand48() >> 8));
#else
TR_SETQID(query->tr_rttlqid, ((u_int32)random() >> 8));
TR_SETQID(query->tr_rttlqid, ((u_int32)arc4random() >> 8));
#endif
/*
@ -2745,8 +2745,6 @@ char *argv[];
seed = tv.tv_usec ^ lcl_addr;
#ifdef SYSV
srand48(seed);
#else
srandom(seed);
#endif
/*

2
usr.sbin/mrouted/prune.c
View File

@ -32,7 +32,7 @@ extern int allow_black_holes;
#ifdef SYSV
#define JITTERED_VALUE(x) ((x)/2 + (lrand48() % (x)))
#else
#define JITTERED_VALUE(x) ((x)/2 + (random() % (x)))
#define JITTERED_VALUE(x) ((x)/2 + (arc4random() % (x)))
#endif
#define CACHE_LIFETIME(x) JITTERED_VALUE(x) /* XXX */