From owner-freebsd-audit Sun Oct 8 0: 5:30 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 899CB37B66C for ; Sun, 8 Oct 2000 00:05:22 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id AAA18479 for audit@freebsd.org; Sun, 8 Oct 2000 00:05:59 -0700 (PDT) Date: Sun, 8 Oct 2000 00:05:59 -0700 From: Kris Kennaway To: audit@freebsd.org Subject: isdnd cleanup Message-ID: <20001008000559.A18475@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG There were a couple of string functions I left alone, but they all seem safe. Kris Index: controller.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/controller.c,v retrieving revision 1.6 diff -u -r1.6 controller.c --- controller.c 1999/12/14 21:07:26 1.6 +++ controller.c 2000/10/08 06:39:37 @@ -242,7 +242,7 @@ { DBGL(DL_RCCF, (log(LL_DBG, "init_active_controller, tina-dd %d: executing [%s %d]", unit, tinainitprog, unit))); - sprintf(cmdbuf, "%s %d", tinainitprog, unit); + snprintf(cmdbuf, sizeof(cmdbuf), "%s %d", tinainitprog, unit); if((ret = system(cmdbuf)) != 0) { Index: curses.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/curses.c,v retrieving revision 1.6 diff -u -r1.6 curses.c --- curses.c 1999/12/14 21:07:26 1.6 +++ curses.c 2000/10/08 06:41:26 
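Review bot: The return value of `snprintf` is ignored on the added line in controller.c @@ -242, so a `tinainitprog` value too long for `cmdbuf` is silently cut and the shortened string is still passed to `system()` on the next line. Compare the result with the buffer size and skip the call on truncation: `n = snprintf(cmdbuf, sizeof(cmdbuf), "%s %d", tinainitprog, unit);` followed by `if (n < 0 || (size_t)n >= sizeof(cmdbuf)) { /* log and return */ }`. The same unchecked truncation feeds a path or file name into later use in exec.c @@ -112 (`arglist[0] = path`) and in main.c @@ -773 and @@ -800 (`rename(..., filename)`). `cmdbuf` is declared outside the hunk, so `sizeof(cmdbuf)` is the right bound only if it is an array there and not a pointer.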
@@ -86,7 +86,7 @@ scrollok(lower_w, 1); - sprintf(buffer, "----- isdn controller channel state ------------- isdnd %02d.%02d.%d [pid %d] -", VERSION, REL, STEP, (int)getpid()); + snprintf(buffer, sizeof(buffer), "----- isdn controller channel state ------------- isdnd %02d.%02d.%d [pid %d] -", VERSION, REL, STEP, (int)getpid()); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -100,7 +100,7 @@ /* 01234567890123456789012345678901234567890123456789012345678901234567890123456789 */ addstr("c tei b remote iface dir outbytes obps inbytes ibps units"); - sprintf(buffer, "----- isdn userland interface state ------------------------------------------"); + snprintf(buffer, sizeof(buffer), "----- isdn userland interface state ------------------------------------------"); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -109,7 +109,7 @@ addstr(buffer); standend(); - sprintf(buffer, "----- isdnd logfile display --------------------------------------------------"); + snprintf(buffer, sizeof(buffer), "----- isdnd logfile display --------------------------------------------------"); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -344,16 +344,16 @@ if(aliasing) { if(cep->direction == DIR_IN) - sprintf(buffer, "%s", get_alias(cep->real_phone_incoming)); + snprintf(buffer, sizeof(buffer), "%s", get_alias(cep->real_phone_incoming)); else - sprintf(buffer, "%s", get_alias(cep->remote_phone_dialout)); + snprintf(buffer, sizeof(buffer), "%s", get_alias(cep->remote_phone_dialout)); } else { if(cep->direction == DIR_IN) - sprintf(buffer, "%s/%s", cep->name, cep->real_phone_incoming); + snprintf(buffer, sizeof(buffer), "%s/%s", cep->name, cep->real_phone_incoming); else - sprintf(buffer, "%s/%s", cep->name, cep->remote_phone_dialout); + snprintf(buffer, sizeof(buffer), "%s/%s", cep->name, cep->remote_phone_dialout); } buffer[H_IFN - H_TELN - 1] = '\0'; 
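Review bot: The padding loop right after the changed line in curses.c @@ -86, `while(strlen(buffer) < COLS) strcat(buffer, "-");`, is still bounded only by the terminal width. On a terminal wider than `buffer` it writes past the end, even though the `snprintf` before it is now bounded. Add the buffer size to the loop condition, `while(strlen(buffer) < COLS && strlen(buffer) < sizeof(buffer) - 1)`, or fill the remainder with a single bounded `memset` and terminate it. The same loop follows the changed line in @@ -100 and @@ -109. `buffer` is declared outside these hunks, so its actual size has to be checked there.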
@@ -566,7 +566,7 @@ if((ret_channel_state(i, CHAN_B1)) == CHAN_RUN) { - sprintf(buffer, "%d - Controller %d channel %s", ncols, i, "B1"); + snprintf(buffer, sizeof(buffer), "%d - Controller %d channel %s", ncols, i, "B1"); mvwaddstr(chan_w, nlines, 2, buffer); cc[ncols - 1].cntl = i; cc[ncols - 1].chn = CHAN_B1; @@ -575,7 +575,7 @@ } if((ret_channel_state(i, CHAN_B2)) == CHAN_RUN) { - sprintf(buffer, "%d - Controller %d channel %s", ncols, i, "B2"); + snprintf(buffer, sizeof(buffer), "%d - Controller %d channel %s", ncols, i, "B2"); mvwaddstr(chan_w, nlines, 2, buffer); cc[ncols - 1].cntl = i; cc[ncols - 1].chn = CHAN_B2; Index: exec.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/exec.c,v retrieving revision 1.6 diff -u -r1.6 exec.c --- exec.c 1999/12/14 21:07:26 1.6 +++ exec.c 2000/10/08 06:42:19 @@ -112,7 +112,7 @@ pid_t pid; int a; - sprintf(path, "%s/%s", ETCPATH, prog); + snprintf(path, sizeof(path), "%s/%s", ETCPATH, prog); arglist[0] = path; @@ -159,7 +159,7 @@ /* the obvious things */ device = bdrivername(cep->usrdevicename); - sprintf(devicename, "%s%d", device, cep->usrdeviceunit); + snprintf(devicename, sizeof(devicename), "%s%d", device, cep->usrdeviceunit); *av++ = (char*)prog; *av++ = "-d"; *av++ = devicename; @@ -201,7 +201,7 @@ device = bdrivername(cep->usrdevicename); - sprintf(devicename, "/dev/i4b%s%d", device, cep->usrdeviceunit); + snprintf(devicename, sizeof(devicename), "/dev/i4b%s%d", device, cep->usrdeviceunit); argv[0] = cep->answerprog; argv[1] = "-D"; Index: log.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/log.c,v retrieving revision 1.6 diff -u -r1.6 log.c --- log.c 1999/12/14 21:07:30 1.6 +++ log.c 2000/10/08 06:42:38 
@@ -104,7 +104,7 @@ char *p; char buf[64]; - sprintf(buf, "%s%d", REGPROG_DEF, i); + snprintf(buf, sizeof(buf), "%s%d", REGPROG_DEF, i); rarr[i].re_flg = 0; Index: main.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/main.c,v retrieving revision 1.8 diff -u -r1.8 main.c --- main.c 1999/12/14 21:07:30 1.8 +++ main.c 2000/10/08 06:37:39 @@ -479,7 +479,7 @@ signal(SIGCHLD, SIG_IGN); /* remove handler */ - sprintf(sbuffer, "%s%s%s%s%s%s%s%s", + snprintf(sbuffer, sizeof(sbuffer), "%s%s%s%s%s%s%s%s", "cat << ENDOFDATA | ", mailer, " -s \"i4b isdnd: fatal error, terminating\" ", @@ -773,7 +773,7 @@ { char filename[MAXPATHLEN]; - sprintf(filename, "%s%s", acctfile, rotatesuffix); + snprintf(filename, sizeof(filename), "%s%s", acctfile, rotatesuffix); if((rename(acctfile, filename)) != 0) { @@ -800,7 +800,7 @@ { char filename[MAXPATHLEN]; - sprintf(filename, "%s%s", logfile, rotatesuffix); + snprintf(filename, sizeof(filename), "%s%s", logfile, rotatesuffix); if((rename(logfile, filename)) != 0) { Index: monitor.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/monitor.c,v retrieving revision 1.8 diff -u -r1.8 monitor.c --- monitor.c 2000/05/26 02:08:22 1.8 +++ monitor.c 2000/10/08 06:43:01 @@ -664,7 +664,7 @@ char nbuf[64]; p = &cfg_entry_tab[i]; /* get ptr to enry */ - sprintf(nbuf, "%s%d ", bdrivername(p->usrdevicename), p->usrdeviceunit); + snprintf(nbuf, sizeof(nbuf), "%s%d ", bdrivername(p->usrdevicename), p->usrdeviceunit); I4B_PREP_CMD(ictrl, I4B_MON_IDEV_CODE); /*XXX*/ I4B_PUT_2B(ictrl, I4B_MON_IDEV_STATE, 1); Index: pcause.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/pcause.c,v retrieving revision 1.6 diff -u -r1.6 pcause.c --- pcause.c 1999/12/14 21:07:31 1.6 +++ pcause.c 2000/10/08 06:43:26 
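Review bot: `sbuffer` in main.c @@ -479 is assembled as a shell pipeline (`"cat << ENDOFDATA | "`, `mailer`, a quoted `-s` subject), and bounding the write leaves two risks of that construction open. A cut-off string can lose the closing part of the here-document, so the `snprintf` result should be compared with `sizeof(sbuffer)` and the mail skipped on truncation. `mailer` is also pasted in unquoted, so if it comes from the configuration file the shell interprets it. Starting the mailer with an explicit argument vector and writing the message to its standard input would avoid both. The rest of the argument list and the place where `sbuffer` is consumed lie outside the hunk, so the consumer is presumed to be a shell call.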
@@ -45,7 +45,7 @@ { static char error_message[128]; - sprintf(error_message, "%d: ", GET_CAUSE_VAL(code)); + snprintf(error_message, sizeof(error_message), "%d: ", GET_CAUSE_VAL(code)); switch(GET_CAUSE_TYPE(code)) { Index: rates.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/rates.c,v retrieving revision 1.6 diff -u -r1.6 rates.c --- rates.c 1999/12/14 21:07:31 1.6 +++ rates.c 2000/10/08 06:39:05 @@ -91,7 +91,7 @@ int readrates(char *filename) { - char buffer[1024]; + char buffer[MAXPATHLEN]; register char *bp; struct rates *rt, *ort; int rateindx; @@ -108,7 +108,7 @@ if((fp = fopen(filename, "r")) == NULL) { - sprintf(error, "error open %s: %s", filename, sys_errlist[errno]); + snprintf(error, sizeof(error), "error open %s: %s", filename, sys_errlist[errno]); rate_error = error; return(WARNING); } @@ -140,12 +140,12 @@ } else { - sprintf(error, "rates: invalid rate type %c%c%c in line %d", *bp, *(bp+1), *(bp+2), line); + snprintf(error, sizeof(error), "rates: invalid rate type %c%c%c in line %d", *bp, *(bp+1), *(bp+2), line); goto rate_error; } if (rateindx >= NRATES) { - sprintf(error, "rates: invalid rate index %d in line %d", rateindx, line); + snprintf(error, sizeof(error), "rates: invalid rate index %d in line %d", rateindx, line); goto rate_error; } @@ -159,7 +159,7 @@ } else { - sprintf(error, "rates: invalid day digit %c in line %d", *bp, line); + snprintf(error, sizeof(error), "rates: invalid day digit %c in line %d", *bp, line); goto rate_error; } @@ -168,7 +168,7 @@ rt = (struct rates *)malloc(sizeof (struct rates)); if (rt == NULL) { - sprintf(error, "rates: cannot malloc space for rate structure"); + snprintf(error, sizeof(error), "rates: cannot malloc space for rate structure"); goto rate_error; } rt->next = NULL; 
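Review bot: `char buffer[MAXPATHLEN];` in rates.c @@ -91 sizes what looks like a line buffer with a path-length constant, since the variable sits next to the line-parsing state (`bp`, `rateindx`) rather than holding a file name. If the read call further down in `readrates()` passes a literal or `MAXPATHLEN` as its limit, use `sizeof(buffer)` there so the declaration and the bound cannot drift apart. A comment such as `/* one line of the rates file */` on the declaration would also help. The read itself is outside the hunk, so this needs confirming against the full function.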
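Review bot: The added line in rates.c @@ -108 indexes `sys_errlist[errno]` directly, with no comparison against `sys_nerr`. `strerror(errno)` gives the same text and copes with out-of-range values: `snprintf(error, sizeof(error), "error open %s: %s", filename, strerror(errno));` (this needs `<string.h>` if the file does not already include it). `error` is declared outside the hunks of this file. `sizeof(error)` here and in the following rates.c hunks is therefore the right bound only if it is an array rather than a pointer.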
@@ -202,7 +202,7 @@ rt = (struct rates *)malloc(sizeof (struct rates)); if (rt == NULL) { - sprintf(error, "rates: cannot malloc space2 for rate structure"); + snprintf(error, sizeof(error), "rates: cannot malloc space2 for rate structure"); goto rate_error; } ort->next = rt; @@ -218,7 +218,7 @@ } else { - sprintf(error, "rates: start_hr error in line %d", line); + snprintf(error, sizeof(error), "rates: start_hr error in line %d", line); goto rate_error; } @@ -230,7 +230,7 @@ } else { - sprintf(error, "rates: no '.' after start_hr in line %d", line); + snprintf(error, sizeof(error), "rates: no '.' after start_hr in line %d", line); goto rate_error; } @@ -243,7 +243,7 @@ } else { - sprintf(error, "rates: start_min error in line %d", line); + snprintf(error, sizeof(error), "rates: start_min error in line %d", line); goto rate_error; } @@ -257,7 +257,7 @@ } else { - sprintf(error, "rates: no '-' after start_min in line %d", line); + snprintf(error, sizeof(error), "rates: no '-' after start_min in line %d", line); goto rate_error; } @@ -270,7 +270,7 @@ } else { - sprintf(error, "rates: end_hr error in line %d", line); + snprintf(error, sizeof(error), "rates: end_hr error in line %d", line); goto rate_error; } @@ -282,7 +282,7 @@ } else { - sprintf(error, "rates: no '.' after end_hr in line %d", line); + snprintf(error, sizeof(error), "rates: no '.' after end_hr in line %d", line); goto rate_error; } @@ -295,7 +295,7 @@ } else { - sprintf(error, "rates: end_min error in line %d", line); + snprintf(error, sizeof(error), "rates: end_min error in line %d", line); goto rate_error; } @@ -306,7 +306,7 @@ if( rt->end_time <= rt->start_time ) { - sprintf(error, "rates: end_time must be greater then start_time %d", line); + snprintf(error, sizeof(error), "rates: end_time must be greater then start_time %d", line); goto rate_error; } 
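Review bot: The message on the added line in rates.c @@ -306 reads `end_time must be greater then start_time %d`, which has a typo and, unlike every other diagnostic in this file, prints the number without saying it is a line number. Since the line is being touched anyway, make it `"rates: end_time must be greater than start_time in line %d"`. Anything that matches on the old message text would need the same update.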
@@ -318,7 +318,7 @@ } else { - sprintf(error, "rates: no ':' after end_min in line %d", line); + snprintf(error, sizeof(error), "rates: no ':' after end_min in line %d", line); goto rate_error; } @@ -332,7 +332,7 @@ } else { - sprintf(error, "rates: first rate digit error in line %d", line); + snprintf(error, sizeof(error), "rates: first rate digit error in line %d", line); goto rate_error; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message