From owner-cvs-usrsbin Thu Jan 9 23:53:33 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id XAA27821 for cvs-usrsbin-outgoing; Thu, 9 Jan 1997 23:53:33 -0800 (PST) Received: (from imp@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id XAA27814; Thu, 9 Jan 1997 23:53:31 -0800 (PST) Date: Thu, 9 Jan 1997 23:53:31 -0800 (PST) From: Warner Losh Message-Id: <199701100753.XAA27814@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-usrsbin Subject: cvs commit: src/usr.sbin/ppp alias_ftp.c arp.c auth.c ccp.c chat.c chat.h command.c ipcp.c log.c main.c modem.c os.c passwdauth.c Sender: owner-cvs-usrsbin@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk imp 97/01/09 23:53:31 Modified: usr.sbin/ppp alias_ftp.c arp.c auth.c ccp.c chat.c chat.h command.c ipcp.c log.c main.c modem.c os.c passwdauth.c Log: Fix many buffer overruns in the code. Specifically, disallow ExpandString to be used to expand things beyond the size of the buffer passed in. Also do a general cleanup of sprintf -> snprintf as well as strcpy and strncat safety. Also expand some buffers to allow for the largest possible data that might be used. This is a 2.2 candidate. However, it needs to be vetted on -current since little testing has been done on this due to my lack of PPP on this machine. Reviewed by: Jordan Hubbard, Peter Wemm, Guido van Rooij Revision Changes Path 1.2 +1 -1 src/usr.sbin/ppp/alias_ftp.c 1.7 +3 -2 src/usr.sbin/ppp/arp.c 1.8 +3 -3 src/usr.sbin/ppp/auth.c 1.8 +3 -3 src/usr.sbin/ppp/ccp.c 1.13 +43 -24 src/usr.sbin/ppp/chat.c 1.2 +2 -2 src/usr.sbin/ppp/chat.h 1.28 +7 -1 src/usr.sbin/ppp/command.c 1.11 +8 -6 src/usr.sbin/ppp/ipcp.c 1.5 +8 -7 src/usr.sbin/ppp/log.c 1.27 +2 -2 src/usr.sbin/ppp/main.c 1.27 +6 -4 src/usr.sbin/ppp/modem.c 1.10 +5 -5 src/usr.sbin/ppp/os.c 1.3 +1 -1 src/usr.sbin/ppp/passwdauth.c