mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-01 00:18:15 +01:00
use strncpy correctly
use strncat correctly check buffer size in graph_name Change paths from /tmp to /var/run for server sockets This has been building in my tree for ages, but has remained lightly tested. Reviewed by: jkh ages ago
This commit is contained in:
parent
fff3012516
commit
f520b5e894
@ -4,7 +4,7 @@
|
||||
*
|
||||
* Written by Bill Fenner, NRL, 1994
|
||||
*
|
||||
* $Id$
|
||||
* $Id: cfparse.y,v 1.7 1997/02/22 16:06:48 peter Exp $
|
||||
*/
|
||||
#include <stdio.h>
|
||||
#ifdef __STDC__
|
||||
@ -128,6 +128,7 @@ stmt : error
|
||||
inet_fmt($2, s1));
|
||||
|
||||
strncpy(ffr.ifr_name, ifr->ifr_name, IFNAMSIZ);
|
||||
ffr.ifr_name[IFNAMSIZ-1]='\0';
|
||||
if (ioctl(udp_socket, SIOCGIFFLAGS, (char *)&ffr)<0)
|
||||
fatal("ioctl SIOCGIFFLAGS on %s",ffr.ifr_name);
|
||||
if (ffr.ifr_flags & IFF_LOOPBACK)
|
||||
@ -166,6 +167,7 @@ stmt : error
|
||||
v->uv_subnetmask= 0;
|
||||
v->uv_subnetbcast= 0;
|
||||
strncpy(v->uv_name, ffr.ifr_name, IFNAMSIZ);
|
||||
v->uv_name[IFNAMSIZ-1]='\0';
|
||||
v->uv_groups = NULL;
|
||||
v->uv_neighbors = NULL;
|
||||
v->uv_acl = NULL;
|
||||
|
@ -9,7 +9,7 @@
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id$";
|
||||
"$Id: config.c,v 1.11 1998/01/16 07:17:41 charnier Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include "defs.h"
|
||||
@ -125,6 +125,7 @@ config_vifs_from_kernel()
|
||||
v->uv_subnetmask = mask;
|
||||
v->uv_subnetbcast = subnet | ~mask;
|
||||
strncpy(v->uv_name, ifr.ifr_name, IFNAMSIZ);
|
||||
v->uv_name[IFNAMSIZ-1] = '\0';
|
||||
v->uv_groups = NULL;
|
||||
v->uv_neighbors = NULL;
|
||||
v->uv_acl = NULL;
|
||||
|
@ -21,7 +21,7 @@
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id$";
|
||||
"$Id: mapper.c,v 1.12 1998/01/16 07:17:43 charnier Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include <err.h>
|
||||
@ -87,7 +87,7 @@ void ask2 __P((u_int32 dst));
|
||||
int retry_requests __P((Node *node));
|
||||
char * inet_name __P((u_int32 addr));
|
||||
void print_map __P((Node *node));
|
||||
char * graph_name __P((u_int32 addr, char *buf));
|
||||
char * graph_name __P((u_int32 addr, char *buf, int len));
|
||||
void graph_edges __P((Node *node));
|
||||
void elide_aliases __P((Node *node));
|
||||
void graph_map __P((void));
|
||||
@ -192,8 +192,9 @@ log(severity, syserr, format, va_alist)
|
||||
default:
|
||||
fmt[0] = '\0';
|
||||
if (severity == LOG_WARNING)
|
||||
strcat(fmt, "warning - ");
|
||||
strncat(fmt, format, 80);
|
||||
strcpy(fmt, "warning - ");
|
||||
strncat(fmt, format, sizeof(fmt)-strlen(fmt));
|
||||
fmt[sizeof(fmt)-1]='\0';
|
||||
vfprintf(stderr, fmt, ap);
|
||||
if (syserr == 0)
|
||||
fprintf(stderr, "\n");
|
||||
@ -703,15 +704,23 @@ void print_map(node)
|
||||
}
|
||||
|
||||
|
||||
char *graph_name(addr, buf)
|
||||
char *graph_name(addr, buf, len)
|
||||
u_int32 addr;
|
||||
char *buf;
|
||||
int len;
|
||||
{
|
||||
char *name;
|
||||
|
||||
if (show_names && (name = inet_name(addr)))
|
||||
strcpy(buf, name);
|
||||
else
|
||||
if (len < sizeof("255.255.255.255")) {
|
||||
fprintf(stderr,
|
||||
"Buffer too small in graph_name, provided %d bytes, but needed %d.\n",
|
||||
len, sizeof("255.255.255.255"));
|
||||
return NULL;
|
||||
}
|
||||
if (show_names && (name = inet_name(addr))) {
|
||||
strncpy(buf, name, len - 1);
|
||||
buf[len - 1] = '\0';
|
||||
} else
|
||||
inet_fmt(addr, buf);
|
||||
|
||||
return buf;
|
||||
@ -731,7 +740,7 @@ void graph_edges(node)
|
||||
printf(" %d {$ NP %d0 %d0 $} \"%s%s\" \n",
|
||||
(int) node->addr,
|
||||
node->addr & 0xFF, (node->addr >> 8) & 0xFF,
|
||||
graph_name(node->addr, name),
|
||||
graph_name(node->addr, name, sizeof(name)),
|
||||
node->u.interfaces ? "" : "*");
|
||||
for (ifc = node->u.interfaces; ifc; ifc = ifc->next)
|
||||
for (nb = ifc->neighbors; nb; nb = nb->next) {
|
||||
|
@ -61,7 +61,7 @@
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id: mrinfo.c,v 1.13 1997/09/30 06:15:08 charnier Exp $";
|
||||
"$Id: mrinfo.c,v 1.14 1998/01/16 07:17:43 charnier Exp $";
|
||||
/* original rcsid:
|
||||
"@(#) Header: mrinfo.c,v 1.6 93/04/08 15:14:16 van Exp (LBL)";
|
||||
*/
|
||||
@ -158,8 +158,9 @@ log(severity, syserr, format, va_alist)
|
||||
default:
|
||||
fmt[0] = '\0';
|
||||
if (severity == LOG_WARNING)
|
||||
strcat(fmt, "warning - ");
|
||||
strncat(fmt, format, 80);
|
||||
strcpy(fmt, "warning - ");
|
||||
strncat(fmt, format, sizeof(fmt)-strlen(fmt));
|
||||
fmt[sizeof(fmt)-1]='\0';
|
||||
vfprintf(stderr, fmt, ap);
|
||||
if (syserr == 0)
|
||||
fprintf(stderr, "\n");
|
||||
|
@ -100,7 +100,7 @@
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id: mtrace.c,v 1.12 1997/09/30 06:15:16 charnier Exp $";
|
||||
"$Id: mtrace.c,v 1.13 1998/01/16 07:17:44 charnier Exp $";
|
||||
#endif
|
||||
|
||||
#include <ctype.h>
|
||||
@ -2654,8 +2654,10 @@ log(severity, syserr, format, va_alist)
|
||||
case 2: if (severity > LOG_INFO ) return;
|
||||
default:
|
||||
fmt[0] = '\0';
|
||||
if (severity == LOG_WARNING) strcat(fmt, "warning - ");
|
||||
strncat(fmt, format, 80);
|
||||
if (severity == LOG_WARNING)
|
||||
strcpy(fmt, "warning - ");
|
||||
strncat(fmt, format, sizeof(fmt)-strlen(fmt));
|
||||
fmt[sizeof(fmt)-1]='\0';
|
||||
vfprintf(stderr, fmt, ap);
|
||||
if (syserr == 0)
|
||||
fprintf(stderr, "\n");
|
||||
|
@ -24,9 +24,10 @@
|
||||
* noted when applicable.
|
||||
*/
|
||||
|
||||
#define RSRR_SERV_PATH "/tmp/.rsrr_svr"
|
||||
#define RSRR_SERV_PATH "/var/run/rsrr_svr"
|
||||
/* Note this needs to be 14 chars for 4.3 BSD compatibility */
|
||||
#define RSRR_CLI_PATH "/tmp/.rsrr_cli"
|
||||
/* Note This appears to be unused */
|
||||
#define RSRR_CLI_PATH "/var/run/rsrr_cli"
|
||||
|
||||
#define RSRR_MAX_LEN 2048
|
||||
#define RSRR_HEADER_LEN (sizeof(struct rsrr_header))
|
||||
|
@ -9,7 +9,7 @@
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id$";
|
||||
"$Id: vif.c,v 1.12 1998/01/16 07:17:45 charnier Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include "defs.h"
|
||||
@ -42,7 +42,7 @@ static void start_vif2 __P((vifi_t vifi));
|
||||
static void stop_vif __P((vifi_t vifi));
|
||||
static void age_old_hosts __P((void));
|
||||
static void send_probe_on_vif __P((struct uvif *v));
|
||||
static int info_version __P((char *p));
|
||||
static int info_version __P((char *p, int plen));
|
||||
static void DelVif __P((void *arg));
|
||||
static int SetTimer __P((int vifi, struct listaddr *g));
|
||||
static int DeleteTimer __P((int id));
|
||||
@ -876,7 +876,7 @@ accept_info_request(src, dst, p, datalen)
|
||||
len = 0;
|
||||
switch (*p) {
|
||||
case DVMRP_INFO_VERSION:
|
||||
len = info_version(q);
|
||||
len = info_version(q, RECV_BUF_SIZE-(q-(u_char *)send_buf));
|
||||
break;
|
||||
|
||||
case DVMRP_INFO_NEIGHBORS:
|
||||
@ -901,8 +901,9 @@ accept_info_request(src, dst, p, datalen)
|
||||
* Information response -- return version string
|
||||
*/
|
||||
static int
|
||||
info_version(p)
|
||||
info_version(p, plen)
|
||||
char *p;
|
||||
int plen;
|
||||
{
|
||||
int len;
|
||||
extern char versionstring[];
|
||||
@ -911,7 +912,8 @@ info_version(p)
|
||||
p++; /* skip over length */
|
||||
*p++ = 0; /* zero out */
|
||||
*p++ = 0; /* reserved fields */
|
||||
strcpy(p, versionstring); /* XXX strncpy!!! */
|
||||
strncpy(p, versionstring, plen - 4);
|
||||
p[plen-5] = '\0';
|
||||
|
||||
len = strlen(versionstring);
|
||||
return ((len + 3) / 4);
|
||||
|
Loading…
Reference in New Issue
Block a user