Date: Sat, 26 Feb 2000 11:00:39 -0500 (EST) From: Mike Heffner <mheffner@mailandnews.com> To: FreeBSD-audit <FreeBSD-audit@freebsd.org> Subject: hylafax patch #2 (fwd) Message-ID: <XFMail.20000226110039.mheffner@mailandnews.com>
[-- Attachment #1 --] Here's a new patch for hylafax that Sean Winn sent me. Just forwarding it along incase someone has time to review. -- -----FW: <Pine.BSF.4.21.0002261941430.37894-100000@vampire.gothic.net.au>----- Date: Sat, 26 Feb 2000 19:53:29 +1100 (EST) From: Sean Winn <sean@gothic.net.au> To: Mike Heffner <spock@techfour.net> Subject: RE: hylafax patch (fwd) Cc: Kris Kennaway <kris@FreeBSD.org>, Alexander Langer <alex@big.endian.de> On Thu, 24 Feb 2000, Mike Heffner wrote: [snip] Here is the same patch with the magic numbers replaced with sizeof, and typos fixed ... it applies, compiles and installs. It still needs review of course, to make sure it's covered all the bases on strcpy/snprintf. What I've noticed is that it doesn't address any potential file races in the slightest. Whatever else is wrong with hylafax is still there; based on the number of potential problems in it already just on the strcpy/sprintf front, I'd be sure there are more. -- Sean Winn email: sean@gothic.net.au All opinions valued at $0.02, and not subject to inflation. --------------End of forwarded message------------------------- -----FW: <Pine.BSF.4.21.0002261954070.42724-200000@vampire.gothic.net.au>----- Date: Sat, 26 Feb 2000 19:55:24 +1100 (EST) 
From: Sean Winn <sean@gothic.net.au> To: Mike Heffner <spock@techfour.net> Subject: RE: hylafax patch (fwd) - with patch this time. Cc: Kris Kennaway <kris@FreeBSD.org>, Alexander Langer <alex@big.endian.de> On Thu, 24 Feb 2000, Mike Heffner wrote: Patch attached this time :) -- Sean Winn email: sean@gothic.net.au All opinions valued at $0.02, and not subject to inflation. --------------End of forwarded message------------------------- /**************************************** * Mike Heffner <spock@techfour.net> * * Fredericksburg, VA -- ICQ# 882073 * * Sent at: 26-Feb-2000 -- 10:53:20 EST * * http://my.ispchannel.com/~mheffner * ****************************************/ [-- Attachment #2 --] diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxalter/faxalter.c++ ./faxalter/faxalter.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxalter/faxalter.c++ Sat Feb 14 11:48:38 1998 +++ ./faxalter/faxalter.c++ Sun Feb 20 22:19:27 2000 @@ -185,7 +185,7 @@ va_list ap; va_start(ap, fmt0); char fmt[1024]; - sprintf(fmt, "%s %s\n", groups ? "JGPARM" : "JPARM", fmt0); + snprintf(fmt, sizeof fmt, "%s %s\n", groups ? "JGPARM" : "JPARM", fmt0); script.append(fxStr::vformat(fmt, ap)); va_end(ap); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ClassModem.c++ ./faxd/ClassModem.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ClassModem.c++ Sat Feb 14 11:49:16 1998 +++ ./faxd/ClassModem.c++ Sun Feb 20 22:19:27 2000 @@ -169,7 +169,7 @@ { protoTrace("DIAL %s", number); char buf[256]; - sprintf(buf, (const char*) conf.dialCmd, number); + snprintf(buf, sizeof buf, (const char*) conf.dialCmd, number); emsg = ""; CallStatus cs = (atCmd(buf, AT_NOTHING) ? dialResponse(emsg) : FAILURE); if (cs != OK && emsg == "") diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxMachineLog.c++ ./faxd/FaxMachineLog.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxMachineLog.c++ Sat Feb 14 11:49:21 1998 +++ ./faxd/FaxMachineLog.c++ Sun Feb 20 22:19:27 2000 
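Review bot: In the faxd/ClassModem.c++ hunk the return value of `snprintf(buf, sizeof buf, (const char*) conf.dialCmd, number)` is ignored, so a dial command longer than the 256-byte `buf` is cut silently and the shortened string is still handed to `atCmd`. A truncated dial string is a functional problem rather than a memory one, and failing the call seems safer: `int n = snprintf(buf, sizeof buf, (const char*) conf.dialCmd, number);` followed by `if (n < 0 || (size_t) n >= sizeof buf) { emsg = "Dial command too long"; return FAILURE; }`. The enclosing function starts and ends outside the hunk, so the exact error path is a guess based on the `CallStatus cs = ... : FAILURE` line.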
@@ -77,7 +77,7 @@ timeval tv; (void) gettimeofday(&tv, 0); strftime(buf, sizeof (buf), "%h %d %T", localtime((time_t*) &tv.tv_sec)); - sprintf(buf+strlen(buf), ".%02u: [%5d]: ", tv.tv_usec / 10000, pid); + snprintf(buf+strlen(buf), sizeof buf - (strlen(buf)+1),".%02u: [%5d]: ", tv.tv_usec / 10000, pid); /* * Copy format string into a local buffer so * that we can substitute for %m, a la syslog. @@ -96,6 +96,6 @@ fmt.put(fp[0]); } fmt.put('\n'); fmt.put('\0'); - vsprintf(buf+strlen(buf), (const char*) fmt, ap); + vsnprintf(buf+strlen(buf), sizeof buf - (strlen(buf)+1), (const char*) fmt, ap); (void) Sys::write(fd, buf, strlen(buf)); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxRecv.c++ ./faxd/FaxRecv.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxRecv.c++ Sat Feb 14 11:49:23 1998 +++ ./faxd/FaxRecv.c++ Sun Feb 20 22:19:27 2000 @@ -139,7 +139,7 @@ * number file to reflect the allocation. */ (void) flock(ftmp, LOCK_EX|LOCK_NB); - sprintf(line, "%u", seqnum); + snprintf(line, sizeof line, "%u", seqnum); (void) lseek(fseqf, 0, SEEK_SET); if (Sys::write(fseqf, line, strlen(line)) != strlen(line) || ftruncate(fseqf,strlen(line))) { diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxRequest.c++ ./faxd/FaxRequest.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/FaxRequest.c++ Sat Feb 14 11:49:24 1998 +++ ./faxd/FaxRequest.c++ Sun Feb 20 22:19:27 2000 @@ -679,7 +679,7 @@ FaxRequest::error(const char* fmt0 ...) { char fmt[128]; - sprintf(fmt, "%s: line %u: %s", (const char*) qfile, (u_int) lineno, fmt0); + snprintf(fmt, sizeof fmt, "%s: line %u: %s", (const char*) qfile, (u_int) lineno, fmt0); va_list ap; va_start(ap, fmt0); vlogError(fmt, ap); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/Job.c++ ./faxd/Job.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/Job.c++ Sat Feb 14 11:49:32 1998 +++ ./faxd/Job.c++ Sun Feb 20 22:19:27 2000 
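Review bot: In FaxRequest::error the queue file name is still pasted into the format string: `snprintf(fmt, sizeof fmt, "%s: line %u: %s", (const char*) qfile, (u_int) lineno, fmt0)` builds `fmt`, which `vlogError(fmt, ap)` then interprets, so any `%` in `qfile` is read as a conversion. The new bound also lets the 128-byte `fmt` cut `fmt0` in the middle of a conversion, leaving `ap` out of step with the format. Keeping data out of the format avoids both: expand the caller's message first with `vsnprintf(msg, sizeof msg, fmt0, ap)` and then log it with `logError("%s: line %u: %s", (const char*) qfile, (u_int) lineno, msg)`, assuming a non-va_list logError is reachable from this class. The same prefix-into-format pattern appears in the faxApp::sendModemStatus, sendJobStatus and sendRecvStatus hunks (`devid`, `jobid`) and in the `module` hunks of ServerConfig.c++, faxQueueApp.c++ and HylaFAXServer.c++.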
@@ -171,7 +171,7 @@ #define N(a) (sizeof (a) / sizeof (a[0])) if ((u_int) status >= N(names)) { static char s[30]; - sprintf(s, "status_%u", (u_int) status); + snprintf(s, sizeof s, "status_%u", (u_int) status); return (s); } else return (names[status]); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ModemServer.c++ ./faxd/ModemServer.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ModemServer.c++ Sat Feb 14 11:49:34 1998 +++ ./faxd/ModemServer.c++ Sun Feb 20 22:19:27 2000 @@ -604,7 +604,7 @@ } while (ftmp < 0 && errno == EEXIST && --ntry >= 0); umask(omask); if (ftmp >= 0) { - sprintf(line, "%u", seqnum); + snprintf(line, sizeof line, "%u", seqnum); (void) lseek(fseqf, 0, SEEK_SET); if (Sys::write(fseqf, line, strlen(line)) != strlen(line) || ftruncate(fseqf,strlen(line))) @@ -806,7 +806,7 @@ va_list ap; va_start(ap, fmt0); char fmt[256]; - sprintf(fmt, "MODEM %s", fmt0); + snprintf(fmt, sizeof fmt, "MODEM %s", fmt0); vtraceStatus(FAXTRACE_MODEMOPS, fmt, ap); va_end(ap); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ServerConfig.c++ ./faxd/ServerConfig.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/ServerConfig.c++ Sat Feb 14 11:49:36 1998 +++ ./faxd/ServerConfig.c++ Sun Feb 20 22:19:27 2000 @@ -373,9 +373,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogError(fmt, ap); } 
@@ -384,9 +384,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogWarning(fmt, ap); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/UUCPLock.c++ ./faxd/UUCPLock.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/UUCPLock.c++ Mon Feb 21 15:19:44 2000 +++ ./faxd/UUCPLock.c++ Mon Feb 21 14:56:29 2000 @@ -313,7 +313,7 @@ AsciiUUCPLock::setPID(pid_t pid) { // XXX should this be %d or %ld? depends on pid_t - sprintf((char*) data, "%*d\n", UUCP_PIDDIGITS, pid); + snprintf((char*) data, UUCP_PIDDIGITS+2, "%*d\n", UUCP_PIDDIGITS, pid); } fxBool diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/faxApp.c++ ./faxd/faxApp.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/faxApp.c++ Sat Feb 14 11:49:39 1998 +++ ./faxd/faxApp.c++ Sun Feb 20 22:19:27 2000 @@ -231,7 +231,7 @@ logError("fcntl: %m"); } char msg[4096]; - vsprintf(msg, fmt, ap); + vsnprintf(msg, sizeof msg, fmt, ap); u_int len = strlen(msg)+1; if (Sys::write(faxqfifo, msg, len) != len) { if (errno == EBADF || errno == EPIPE) // reader expired @@ -263,7 +263,7 @@ faxApp::sendModemStatus(const char* devid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "+%s:%s", devid, fmt0); + snprintf(fmt, sizeof fmt, "+%s:%s", devid, fmt0); va_list ap; va_start(ap, fmt0); fxBool ok = vsendQueuer(fmt, ap); @@ -278,7 +278,7 @@ faxApp::sendJobStatus(const char* jobid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "*%s:%s", jobid, fmt0); + snprintf(fmt, sizeof fmt, "*%s:%s", jobid, fmt0); va_list ap; va_start(ap, fmt0); fxBool ok = vsendQueuer(fmt, ap); 
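Review bot: The bound in AsciiUUCPLock::setPID, `UUCP_PIDDIGITS+2`, is derived from the format rather than from the buffer, so it only protects `data` if `data` really is at least that large; its declaration is outside the hunk. If `data` is an array member, `sizeof data` would be the safer bound, otherwise a named size constant shared with the allocation would keep the two in step. The existing XXX about `%d` versus `pid_t` still applies; passing `(int) pid` would make the argument match the conversion.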
@@ -293,7 +293,7 @@ faxApp::sendRecvStatus(const char* devid, const char* fmt0 ...) { char fmt[2*1024]; - sprintf(fmt, "@%s:%s", devid, fmt0); + snprintf(fmt, sizeof fmt, "@%s:%s", devid, fmt0); va_list ap; va_start(ap, fmt0); fxBool ok = vsendQueuer(fmt, ap); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/faxQueueApp.c++ ./faxd/faxQueueApp.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/faxQueueApp.c++ Sat Feb 14 11:49:42 1998 +++ ./faxd/faxQueueApp.c++ Sun Feb 20 22:19:27 2000 @@ -971,10 +971,10 @@ * -m <maxpages> max pages to generate * -1|-2 1d or 2d encoding */ - char rbuf[20]; sprintf(rbuf, "%u", params.verticalRes()); - char wbuf[20]; sprintf(wbuf, "%u", params.pageWidth()); - char lbuf[20]; sprintf(lbuf, "%d", params.pageLength()); - char mbuf[20]; sprintf(mbuf, "%u", dci.getMaxSendPages()); + char rbuf[20]; snprintf(rbuf, sizeof rbuf, "%u", params.verticalRes()); + char wbuf[20]; snprintf(wbuf, sizeof wbuf, "%u", params.pageWidth()); + char lbuf[20]; snprintf(lbuf, sizeof lbuf, "%d", params.pageLength()); + char mbuf[20]; snprintf(mbuf, sizeof mbuf, "%u", dci.getMaxSendPages()); const char* argv[30]; int ac = 0; switch (req.op) { @@ -2726,9 +2726,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogError(fmt, ap); } @@ -2737,9 +2737,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogWarning(fmt, ap); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/trigtest.c++ ./faxd/trigtest.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/faxd/trigtest.c++ Sat Feb 14 11:49:47 1998 +++ ./faxd/trigtest.c++ Mon Feb 21 14:57:20 2000 
@@ -296,7 +296,7 @@ int fd, n; char msg[256]; - sprintf(fifoName, "client/%u", getpid()); + snprintf(fifoName, sizeof fifoName, "client/%u", getpid()); if (Sys::mkfifo(fifoName, 0666) < 0 && errno != EEXIST) { perror("mkfifo"); exit(-1); @@ -309,7 +309,7 @@ unlink(fifoName); exit(-1); } - sprintf(msg, "T%s:N%s", fifoName, trigger); + snprintf(msg, sizeof msg, "T%s:N%s", fifoName, trigger); send(msg, strlen(msg)+1); for (;;) { FD_ZERO(&rd); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/HylaFAXServer.c++ ./hfaxd/HylaFAXServer.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/HylaFAXServer.c++ Sat Feb 14 11:50:02 1998 +++ ./hfaxd/HylaFAXServer.c++ Sun Feb 20 22:19:27 2000 @@ -161,9 +161,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogError(fmt, ap); } @@ -172,9 +172,9 @@ { char fmt[128]; if (module != NULL) - sprintf(fmt, "%s: Warning, %s.", module, fmt0); + snprintf(fmt, sizeof fmt, "%s: Warning, %s.", module, fmt0); else - sprintf(fmt, "Warning, %s.", fmt0); + snprintf(fmt, sizeof fmt, "Warning, %s.", fmt0); vlogWarning(fmt, ap); } @@ -530,7 +530,7 @@ filename, line); seqnum = 1; } - sprintf(line, "%u", NEXTSEQNUM(seqnum+count)); + snprintf(line, sizeof line, "%u", NEXTSEQNUM(seqnum+count)); lseek(fd, 0, SEEK_SET); if (Sys::write(fd, line, strlen(line)) != strlen(line) || ftruncate(fd,strlen(line))) { diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/Jobs.c++ ./hfaxd/Jobs.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/Jobs.c++ Sat Feb 14 11:50:05 1998 +++ ./hfaxd/Jobs.c++ Sun Feb 20 22:19:27 2000 
@@ -1646,7 +1646,7 @@ fprintf(fd, fspec, (const char*) job.company); break; case 'D': - sprintf(tmpbuf, "%2u:%-2u", job.totdials, job.maxdials); + snprintf(tmpbuf, sizeof tmpbuf, "%2u:%-2u", job.totdials, job.maxdials); fprintf(fd, fspec, tmpbuf); break; case 'E': @@ -1683,7 +1683,7 @@ fprintf(fd, fspec, "N "[job.useccover]); break; case 'P': - sprintf(tmpbuf, "%2u:%-2u", job.npages, job.totpages); + snprintf(tmpbuf, sizeof tmpbuf, "%2u:%-2u", job.npages, job.totpages); fprintf(fd, fspec, tmpbuf); break; case 'Q': @@ -1696,11 +1696,11 @@ fprintf(fd, fspec, (const char*) job.sender); break; case 'T': - sprintf(tmpbuf, "%2u:%-2u", job.tottries, job.maxtries); + snprintf(tmpbuf, sizeof tmpbuf, "%2u:%-2u", job.tottries, job.maxtries); fprintf(fd, fspec, tmpbuf); break; case 'U': - sprintf(tmpbuf, "%.1f", job.chopthreshold); + snprintf(tmpbuf, sizeof tmpbuf, "%.1f", job.chopthreshold); fprintf(fd, fspec, tmpbuf); break; case 'V': diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/OldProtocol.c++ ./hfaxd/OldProtocol.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/OldProtocol.c++ Mon Feb 21 15:19:44 2000 +++ ./hfaxd/OldProtocol.c++ Sun Feb 20 22:19:28 2000 @@ -352,8 +352,8 @@ OldProtocolServer::vsendClient(const char* tag, const char* fmt, va_list ap) { char buf[2048]; - sprintf(buf, "%s:", tag); - vsprintf(strchr(buf,'\0'), fmt, ap); + snprintf(buf, sizeof buf, "%s:", tag); + vsnprintf(strchr(buf,'\0'), sizeof buf - (strchr(buf, '\0') - buf), fmt, ap); fprintf(stdout, "%s\n", buf); if (TRACE(PROTOCOL)) logDebug("%s", buf); 
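Review bot: In OldProtocolServer::vsendClient the remaining space is computed by scanning `buf` twice with `strchr(buf, '\0')` inside a single call, which is correct but hard to check by eye. Taking the length once reads more clearly: `size_t used = strlen(buf);` then `vsnprintf(buf + used, sizeof buf - used, fmt, ap);`. The function body continues past the end of the hunk.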
@@ -472,19 +472,19 @@ buf[0] = '\0'; if (pwd->pw_gecos) { if (pwd->pw_gecos[0] == '&') { - strcpy(buf, pwd->pw_name); - strcat(buf, pwd->pw_gecos+1); + strlcpy(buf, pwd->pw_name, sizeof buf); + strlcat(buf, pwd->pw_gecos+1, sizeof buf); if (islower(buf[0])) buf[0] = toupper(buf[0]); } else - strcpy(buf, pwd->pw_gecos); + strlcpy(buf, pwd->pw_gecos, sizeof buf); if ((cp = strchr(buf,',')) != 0) *cp = '\0'; /* see FaxClient::setupUserIdentity; strip SysV junk */ if ((cp = strchr(buf,'(')) != 0) *cp = '\0'; } else - strcpy(buf, pwd->pw_name); + strlcpy(buf, pwd->pw_name, sizeof buf); if (TRACE(PROTOCOL)) { if (*buf) logDebug("%s user: \"%s\"", pwd->pw_name, buf); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/Status.c++ ./hfaxd/Status.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/hfaxd/Status.c++ Sat Feb 14 11:50:09 1998 +++ ./hfaxd/Status.c++ Sun Feb 20 22:19:28 2000 @@ -262,14 +262,14 @@ if (config.maxRecvPages == (u_int) -1) strcpy(tmpbuf, "INF"); else - sprintf(tmpbuf, "%u", config.maxRecvPages); + snprintf(tmpbuf, sizeof tmpbuf, "%u", config.maxRecvPages); fprintf(fd, fspec, config.maxRecvPages); break; case 's': fprintf(fd, fspec, (const char*) config.status); break; case 't': - sprintf(tmpbuf, "%05x:%05x", + snprintf(tmpbuf, sizeof tmpbuf, "%05x:%05x", config.tracingLevel&0xfffff, config.logTracingLevel&0xfffff); fprintf(fd, fspec, tmpbuf); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/man/config.4f ./man/config.4f --- /tmp/old/hylafax/work/hylafax-v4.0pl2/man/config.4f Sat Feb 14 11:50:46 1998 +++ ./man/config.4f Sun Feb 20 22:19:28 2000 
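Review bot: In the hfaxd/Status.c++ hunk the branch that fills `tmpbuf` with "INF" or the page count is followed by `fprintf(fd, fspec, config.maxRecvPages);`, so the buffer just written is never printed and the integer is passed instead. The neighbouring `case 't'` prints `tmpbuf` through the same `fspec`; if `fspec` carries a string conversion here as well, which cannot be seen from the hunk, the call should be `fprintf(fd, fspec, tmpbuf);`. The untouched `strcpy(tmpbuf, "INF")` is a fixed four-byte copy and is fine as long as `tmpbuf` is at least that large.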
@@ -1446,7 +1446,7 @@ The command to place a phone call. The string is assumed to be suitable for use as a parameter to the -.IR sprintf (3S) +.IR snprintf (3S) function; so the ``%'' character should be escaped as ``%%''. The dial command must include a single ``%s'' where the number that is to be dialed is to be substituted. diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/port/syslog.c ./port/syslog.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/port/syslog.c Sat Feb 14 11:50:42 1998 +++ ./port/syslog.c Mon Feb 21 15:09:07 2000 @@ -88,7 +88,7 @@ register int cnt; register char *p; time_t now, time(); - int fd, saved_errno; + int fd, saved_errno, n; char tbuf[2048], fmt_cpy[1024], *stdp, *ctime(); /* check for invalid bits or no priority set */ @@ -104,21 +104,21 @@ /* build the message */ (void)time(&now); - (void)sprintf(tbuf, "<%d>%.15s ", pri, ctime(&now) + 4); - for (p = tbuf; *p; ++p); + (void)snprintf(tbuf, sizeof tbuf, "<%d>%.15s ", pri, ctime(&now) + 4); + for (p = tbuf, n=0; *p; ++p, n++); if (LogStat & LOG_PERROR) stdp = p; if (LogTag) { (void)strcpy(p, LogTag); - for (; *p; ++p); + for (; *p; ++p, n++); } if (LogStat & LOG_PID) { - (void)sprintf(p, "[%d]", getpid()); - for (; *p; ++p); + (void)snprintf(p, sizeof tbuf - n, "[%d]", getpid()); + for (; *p; ++p, n++); } if (LogTag) { - *p++ = ':'; - *p++ = ' '; + *p++ = ':'; n++; + *p++ = ' '; n++; } /* substitute error message for %m */ @@ -137,7 +137,7 @@ *t1 = '\0'; } - (void)vsprintf(p, fmt_cpy, ap); + (void)vsnprintf(p, sizeof tbuf - n, fmt_cpy, ap); cnt = strlen(tbuf); 
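Review bot: The message-building hunk of port/syslog.c bounds the two formatted writes but leaves `(void)strcpy(p, LogTag);` as it was, so a long `LogTag` can still run past `tbuf` before `n` is ever consulted. With the running count already in place this could be `(void)strlcpy(p, LogTag, sizeof tbuf - n);`, matching the strlcpy use elsewhere in the patch. The two bytes stored by `*p++ = ':'` and `*p++ = ' '` are also written without checking that `sizeof tbuf - n` still has room, and the `%m` expansion into `fmt_cpy` lies between this hunk and the next, so it cannot be checked from here.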
@@ -170,7 +170,7 @@ * is the one from the syslogd failure. */ if ((fd = open(_PATH_CONSOLE, O_WRONLY, 0)) >= 0) { - (void)strcat(tbuf, "\r\n"); + (void)strlcat(tbuf, "\r\n", sizeof tbuf); cnt += 2; p = index(tbuf, '>') + 1; (void)write(fd, p, cnt - (p - tbuf)); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/port/vsyslog.c ./port/vsyslog.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/port/vsyslog.c Sat Feb 14 11:50:42 1998 +++ ./port/vsyslog.c Sun Feb 20 22:19:28 2000 @@ -49,6 +49,6 @@ *cp++ = c; *cp = '\0'; } - (void) vsprintf(tbuf, fmt_cpy, ap); + (void) vsnprintf(tbuf, sizeof tbuf, fmt_cpy, ap); (void) syslog(pri, "%s", tbuf); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/regex/engine.c ./regex/engine.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/regex/engine.c Sat Feb 14 11:48:19 1998 +++ ./regex/engine.c Sun Feb 20 22:19:28 2000 @@ -1065,9 +1065,9 @@ static char pbuf[10]; if (isprint(ch) || ch == ' ') - sprintf(pbuf, "%c", ch); + snprintf(pbuf, sizeof pbuf, "%c", ch); else - sprintf(pbuf, "\\%o", ch); + snprintf(pbuf, sizeof pbuf, "\\%o", ch); return(pbuf); } #endif diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/regex/regerror.c ./regex/regerror.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/regex/regerror.c Sat Feb 14 11:48:21 1998 +++ ./regex/regerror.c Mon Feb 21 15:03:31 2000 @@ -57,7 +57,7 @@ #endif /* === regerror.c === */ -static char *regatoi(const regex_t *preg, char *localbuf); +static char *regatoi(const regex_t *preg, char *localbuf, int maxn); #ifdef __cplusplus } @@ -126,7 +126,7 @@ char convbuf[50]; if (errcode == REG_ATOI) - s = regatoi(preg, convbuf); + s = regatoi(preg, convbuf, 50); else { for (r = rerrs; r->code != 0; r++) if (r->code == target) 
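Review bot: In the console fallback of port/syslog.c, `cnt += 2` still assumes that both bytes of "\r\n" were appended, but `strlcat(tbuf, "\r\n", sizeof tbuf)` may add fewer when `tbuf` is nearly full. The following `write(fd, p, cnt - (p - tbuf))` would then cover bytes after the terminator. Recomputing the length avoids that: `cnt = strlen(tbuf);` in place of `cnt += 2;`. Since this file lives under port/, it may be built on systems whose libc has no strlcat, which is worth confirming.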
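Review bot: The call `s = regatoi(preg, convbuf, 50);` in the regerror.c hunk repeats the array length as a literal, so the bound goes stale if `char convbuf[50]` is ever resized. `s = regatoi(preg, convbuf, sizeof convbuf);` keeps them tied together, as the other hunks in this patch do. The new `maxn` parameter is declared `int` while snprintf takes a `size_t`; declaring it `size_t` would avoid the implicit conversion.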
@@ -134,9 +134,9 @@ if (errcode®_ITOA) { if (r->code != 0) - (void) strcpy(convbuf, r->name); + (void) strlcpy(convbuf, r->name, sizeof convbuf); else - sprintf(convbuf, "REG_0x%x", target); + snprintf(convbuf, sizeof convbuf, "REG_0x%x", target); assert(strlen(convbuf) < sizeof(convbuf)); s = convbuf; } else @@ -161,9 +161,10 @@ == static char *regatoi(const regex_t *preg, char *localbuf); */ static char * -regatoi(preg, localbuf) +regatoi(preg, localbuf, maxn) const regex_t *preg; char *localbuf; +int maxn; { register struct rerr *r; @@ -173,6 +174,6 @@ if (r->code == 0) return("0"); - sprintf(localbuf, "%d", r->code); + snprintf(localbuf, maxn, "%d", r->code); return(localbuf); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/sgi2fax/imgtofax.c ./sgi2fax/imgtofax.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/sgi2fax/imgtofax.c Sat Feb 14 11:50:22 1998 +++ ./sgi2fax/imgtofax.c Sun Feb 20 22:19:28 2000 @@ -214,7 +214,7 @@ TIFFSetField(tif, TIFFTAG_PAGENUMBER, pn, npages); TIFFSetField(tif, TIFFTAG_CLEANFAXDATA, CLEANFAXDATA_CLEAN); { char buf[1024]; - sprintf(buf, "Ditherered B&W version of %s", input); + snprintf(buf, sizeof buf, "Ditherered B&W version of %s", input); TIFFSetField(tif, TIFFTAG_IMAGEDESCRIPTION, buf); } TIFFSetField(tif, TIFFTAG_SOFTWARE, "sgi2fax"); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Class2Params.c++ ./util/Class2Params.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Class2Params.c++ Sat Feb 14 11:47:12 1998 +++ ./util/Class2Params.c++ Mon Feb 21 15:07:12 2000 @@ -59,14 +59,15 @@ } static char* -addParam(char* cp, u_int v) +addParam(char* cp, u_int v, int *maxn) { if (v != (u_int)-1) { - sprintf(cp, ",%u", v); - while (*cp != '\0') cp++; + snprintf(cp, *maxn, ",%u", v); + while (*cp != '\0') { cp++; (*maxn)++; } } else { *cp++ = ','; *cp = '\0'; + (*maxn)++; } return (cp); } 
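Review bot: addParam in util/Class2Params.c++ counts in the wrong direction: after `snprintf(cp, *maxn, ",%u", v)` the loop does `(*maxn)++` for every byte written, and the else branch increments it as well, so the remaining-space value grows as `buf` fills, while the caller's own loop in the next hunk uses `n--`. As written the bound passed to snprintf gives no protection after the first call. Both places should decrement: `while (*cp != '\0') { cp++; (*maxn)--; }` and `(*maxn)--;` in the else branch. The else branch also stores `','` and the terminator without looking at `*maxn`, so it needs an `if (*maxn > 1)` guard once the count is right.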
@@ -76,18 +77,19 @@ { char buf[1024]; char* cp = buf; + int n = sizeof buf; if (vr != (u_int) -1) { - sprintf(cp, "%u", vr); - while (*cp != '\0') cp++; + snprintf(cp, n, "%u", vr); + while (*cp != '\0') { cp++; n--; }; } - cp = addParam(cp, br); - cp = addParam(cp, wd); - cp = addParam(cp, ln); - cp = addParam(cp, df); - cp = addParam(cp, ec); - cp = addParam(cp, bf); - cp = addParam(cp, st); + cp = addParam(cp, br, &n); + cp = addParam(cp, wd, &n); + cp = addParam(cp, ln, &n); + cp = addParam(cp, df, &n); + cp = addParam(cp, ec, &n); + cp = addParam(cp, bf, &n); + cp = addParam(cp, st, &n); return fxStr(buf); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/FaxClient.c++ ./util/FaxClient.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/FaxClient.c++ Sat Feb 14 11:47:16 1998 +++ ./util/FaxClient.c++ Sun Feb 20 22:19:28 2000 @@ -622,7 +622,7 @@ traceServer("-> ADMIN XXXX"); else { char buf[128]; - sprintf(buf, "-> %s", fmt); + snprintf(buf, sizeof buf, "-> %s", fmt); vtraceServer(buf, ap); } } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/PageSize.c++ ./util/PageSize.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/PageSize.c++ Sat Feb 14 11:47:21 1998 +++ ./util/PageSize.c++ Sun Feb 20 22:19:28 2000 @@ -72,7 +72,7 @@ PageSizeInfo::readPageInfoFile() { char file[1024]; - sprintf(file, "%s/%s", FAX_LIBDATA, FAX_PAGESIZES); + snprintf(file, sizeof file, "%s/%s", FAX_LIBDATA, FAX_PAGESIZES); PageInfoArray* info = new PageInfoArray; FILE* fp = fopen(file, "r"); u_int lineno = 0; diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/SNPPClient.c++ ./util/SNPPClient.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/SNPPClient.c++ Sat Feb 14 11:47:25 1998 +++ ./util/SNPPClient.c++ Sun Feb 20 22:19:28 2000 
@@ -638,7 +638,7 @@ traceServer("-> LOGI XXXX"); else { char buf[128]; - sprintf(buf, "-> %s", fmt); + snprintf(buf, sizeof buf, "-> %s", fmt); vtraceServer(buf, ap); } } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/StackBuffer.c++ ./util/StackBuffer.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/StackBuffer.c++ Sat Feb 14 11:47:26 1998 +++ ./util/StackBuffer.c++ Sun Feb 20 22:19:28 2000 @@ -105,7 +105,7 @@ fxStackBuffer::vput(const char* fmt, va_list ap) { char buf[8*1024]; - vsprintf(buf, fmt, ap); + vsnprintf(buf, sizeof buf, fmt, ap); put(buf); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Str.c++ ./util/Str.c++ --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Str.c++ Sat Feb 14 11:47:27 1998 +++ ./util/Str.c++ Sun Feb 20 22:19:28 2000 @@ -91,7 +91,7 @@ { char buffer[NUMBUFSIZE]; if (!format) format = "%d"; - sprintf(buffer,format,a); + snprintf(buffer, NUMBUFSIZE, format,a); slength = strlen(buffer) + 1; data = (char*) malloc(slength); memcpy(data,buffer,slength); @@ -101,7 +101,7 @@ { char buffer[NUMBUFSIZE]; if (!format) format = "%ld"; - sprintf(buffer,format,a); + snprintf(buffer, NUMBUFSIZE, format,a); slength = strlen(buffer) + 1; data = (char*) malloc(slength); memcpy(data,buffer,slength); @@ -111,7 +111,7 @@ { char buffer[NUMBUFSIZE]; if (!format) format = "%g"; - sprintf(buffer,format,a); + snprintf(buffer, NUMBUFSIZE, format,a); slength = strlen(buffer) + 1; fxAssert(slength>1, "Str::Str(float): bogus conversion"); data = (char*) malloc(slength); @@ -122,7 +122,7 @@ { char buffer[NUMBUFSIZE]; if (!format) format = "%lg"; - sprintf(buffer,format,a); + snprintf(buffer, NUMBUFSIZE, format,a); slength = strlen(buffer) + 1; fxAssert(slength>1, "Str::Str(double): bogus conversion"); data = (char*) malloc(slength); // XXX assume slength>1 @@ -141,7 +141,7 @@ char buf[4096]; va_list ap; va_start(ap, fmt); - vsprintf(buf, fmt, ap); + vsnprintf(buf, sizeof buf, fmt, ap); va_end(ap); return fxStr(buf); } 
@@ -150,7 +150,7 @@ fxStr::vformat(const char* fmt, va_list ap) { char buf[4096]; - vsprintf(buf, fmt, ap); + vsnprintf(buf, sizeof buf, fmt, ap); return fxStr(buf); } diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Str.h ./util/Str.h --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/Str.h Sat Feb 14 11:47:50 1998 +++ ./util/Str.h Sun Feb 20 22:19:28 2000 @@ -93,8 +93,8 @@ fxStr(const fxTempStr&); ~fxStr(); - static fxStr format(const char* fmt ...); // sprintf sort of - static fxStr vformat(const char* fmt, va_list ap); // vsprintf sort of + static fxStr format(const char* fmt ...); // snprintf sort of + static fxStr vformat(const char* fmt, va_list ap); // vsnprintf sort of static fxStr null; // null string for general use ///////////////////////////////////////////////////// u_long hash() const; diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxconfig.c ./util/faxconfig.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxconfig.c Mon Feb 21 15:19:44 2000 +++ ./util/faxconfig.c Sun Feb 20 22:19:28 2000 @@ -83,7 +83,7 @@ if (devid[0] == FAX_FIFO[0]) strcpy(fifoname, devid); else - sprintf(fifoname, "%s.%.*s", FAX_FIFO, + snprintf(fifoname, sizeof fifoname, "%s.%.*s", FAX_FIFO, sizeof (fifoname) - sizeof (FAX_FIFO), devid); } else strcpy(fifoname, FAX_FIFO); 
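Review bot: The first branch of the util/faxconfig.c hunk still reads `strcpy(fifoname, devid);`, although the equivalent line in faxmsg.c is converted to strlcpy by this same patch. Where `devid` comes from is not visible here, but if it is taken from the command line it should get the same bound: `strlcpy(fifoname, devid, sizeof fifoname);`. The precision argument `sizeof (fifoname) - sizeof (FAX_FIFO)` on the snprintf line has type size_t where `%.*s` expects an int, so a cast such as `(int) (sizeof (fifoname) - sizeof (FAX_FIFO))` is needed there and in the matching lines of faxmsg.c and faxstate.c.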
@@ -111,10 +111,10 @@ quote = 1; cmd = malloc(strlen(argv[optind])+strlen(argv[optind+1])+10); if (quote) - sprintf(cmd, "C%s%s:\"%s\"", + snprintf(cmd, strlen(argv[optind])+strlen(argv[optind+1])+10, "C%s%s:\"%s\"", isQueuer ? ":" : "", argv[optind], argv[optind+1]); else - sprintf(cmd, "C%s%s:%s", + snprintf(cmd, strlen(argv[optind])+strlen(argv[optind+1])+10,"C%s%s:%s", isQueuer ? ":" : "", argv[optind], argv[optind+1]); if (write(fifo, cmd, strlen(cmd)) != strlen(cmd)) fatal("%s: FIFO write failed for command (%s)", diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxmodem.c ./util/faxmodem.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxmodem.c Mon Feb 21 15:19:44 2000 +++ ./util/faxmodem.c Sun Feb 20 22:19:28 2000 @@ -243,9 +243,9 @@ if (optind != argc-1) fatal("Missing modem device.\nusage: %s %s modem", argv[0], usage); if (strncmp(argv[optind], _PATH_DEV, strlen(_PATH_DEV)) == 0) - strcpy(devname, argv[optind]+strlen(_PATH_DEV)); + strlcpy(devname, argv[optind]+strlen(_PATH_DEV), sizeof devname); else - strcpy(devname, argv[optind]); + strlcpy(devname, argv[optind], sizeof devname); for (cp = devname; cp = strchr(cp, '/'); *cp++ = '_') ; if (chdir(spooldir) < 0) @@ -254,9 +254,9 @@ if (fifo < 0) fatal("%s: open: %s", FAX_FIFO, strerror(errno)); if (priority != -1) - sprintf(cmd, "+%s:R%c%08x:%x", devname, canpoll, caps, priority); + snprintf(cmd, sizeof cmd, "+%s:R%c%08x:%x", devname, canpoll, caps, priority); else - sprintf(cmd, "+%s:R%c%08x", devname, canpoll, caps); + snprintf(cmd, sizeof cmd, "+%s:R%c%08x", devname, canpoll, caps); if (write(fifo, cmd, strlen(cmd)) != strlen(cmd)) fatal("%s: FIFO write failed for command (%s)", argv[0], strerror(errno)); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxmsg.c ./util/faxmsg.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxmsg.c Mon Feb 21 15:19:44 2000 +++ ./util/faxmsg.c Sun Feb 20 22:19:28 2000 
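Review bot: The buffer length `strlen(argv[optind])+strlen(argv[optind+1])+10` is now written out three times in this util/faxconfig.c hunk, once for malloc and once for each snprintf, which invites the copies drifting apart. Computing it once with the other locals, `size_t cmdlen = strlen(argv[optind]) + strlen(argv[optind+1]) + 10;`, and passing `cmdlen` to all three keeps allocation and bound identical. The result of `malloc` is also used without a NULL check; `if (cmd == NULL) fatal("out of memory");` would fit the surrounding error style, assuming fatal() takes a format string as the other calls suggest.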
@@ -108,12 +108,12 @@ } if (optind == argc-1) { if (argv[optind][0] == FAX_FIFO[0]) - strcpy(fifoname, argv[optind]); + strlcpy(fifoname, argv[optind], sizeof fifoname); else - sprintf(fifoname, "%s.%.*s", FAX_FIFO, + snprintf(fifoname, sizeof fifoname, "%s.%.*s", FAX_FIFO, sizeof (fifoname) - sizeof (FAX_FIFO), argv[optind]); } else if (!modemRequired) { - strcpy(fifoname, FAX_FIFO); + strlcpy(fifoname, FAX_FIFO, sizeof fifoname); } else fatal("usage: %s %s", argv[0], usage); for (cp = fifoname; cp = strchr(cp, '/'); *cp++ = '_') @@ -123,7 +123,7 @@ fifo = open(fifoname, O_WRONLY|O_NDELAY); if (fifo < 0) fatal("%s: open: %s", fifoname, strerror(errno)); - sprintf(cmd, cmdfmt, arg); + snprintf(cmd, sizeof cmd, cmdfmt, arg); if (write(fifo, cmd, strlen(cmd)) != strlen(cmd)) fatal("FIFO write failed for command (%s)", strerror(errno)); (void) close(fifo); diff -ru /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxstate.c ./util/faxstate.c --- /tmp/old/hylafax/work/hylafax-v4.0pl2/util/faxstate.c Mon Feb 21 15:19:44 2000 +++ ./util/faxstate.c Sun Feb 20 22:19:28 2000 @@ -113,7 +113,7 @@ } if (optind != argc-1) fatal("Bad option `%c'; usage: %s %s modem", c, argv[0], usage); - strcpy(devid, argv[optind]); + strlcpy(devid, argv[optind], 256); for (cp = devid; cp = strchr(cp, '/'); *cp++ = '_') ; if (chdir(spooldir) < 0) 
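Review bot: `strlcpy(devid, argv[optind], 256);` in the util/faxstate.c hunk hard-codes the size of `devid`, whose declaration is outside the hunk, while the next hunk uses `sizeof cmd` and `sizeof fifoname`. If `devid` is a local array, `strlcpy(devid, argv[optind], sizeof devid);` keeps the bound correct when the declaration changes; if it is a pointer, the 256 needs a named constant shared with the allocation.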
@@ -126,16 +126,16 @@ fifo = open(FAX_FIFO, O_WRONLY|O_NDELAY); if (fifo < 0) fatal("%s: open: %s", FAX_FIFO, strerror(errno)); - sprintf(cmd, "+%s:%s", devid, arg); + snprintf(cmd, sizeof cmd, "+%s:%s", devid, arg); if (write(fifo, cmd, strlen(cmd)) != strlen(cmd)) fatal("FIFO write failed for command (%s)", strerror(errno)); } else { - sprintf(fifoname, "%s.%.*s", FAX_FIFO, + snprintf(fifoname, sizeof fifoname, "%s.%.*s", FAX_FIFO, sizeof (fifoname) - sizeof (FAX_FIFO), devid); fifo = open(fifoname, O_WRONLY|O_NDELAY); if (fifo < 0) fatal("%s: open: %s", fifoname, strerror(errno)); - sprintf(cmd, "S%s", arg); + snprintf(cmd, sizeof cmd, "S%s", arg); if (write(fifo, cmd, strlen(cmd)) != strlen(cmd)) fatal("FIFO write failed for command (%s)", strerror(errno)); }
