- replaced a lot of strcpy() calls with strlcpy() which is more secure.

This commit is contained in:
Alexander Barton 2002-12-26 17:04:54 +00:00
parent 6626395c88
commit 695631b298
10 changed files with 28 additions and 27 deletions

View File

@ -17,7 +17,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: client.c,v 1.69 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: client.c,v 1.70 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -86,7 +86,7 @@ Client_Init( VOID )
gethostname( This_Server->host, CLIENT_HOST_LEN );
h = gethostbyname( This_Server->host );
if( h ) strcpy( This_Server->host, h->h_name );
if( h ) strlcpy( This_Server->host, h->h_name, sizeof( This_Server->host ));
Client_SetID( This_Server, Conf_ServerName );
Client_SetInfo( This_Server, Conf_ServerInfo );
@ -175,7 +175,7 @@ Client_New( CONN_ID Idx, CLIENT *Introducer, CLIENT *TopServer, INT Type, CHAR *
if( Type == CLIENT_SERVER ) Generate_MyToken( client );
/* ist der User away? */
if( strchr( client->modes, 'a' )) strcpy( client->away, DEFAULT_AWAY_MSG );
if( strchr( client->modes, 'a' )) strlcpy( client->away, DEFAULT_AWAY_MSG, sizeof( client->away ));
/* Verketten */
client->next = (POINTER *)My_Clients;

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: conf.c,v 1.50 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: conf.c,v 1.51 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -235,7 +235,7 @@ Read_Config( VOID )
/* Is this the beginning of a new section? */
if(( str[0] == '[' ) && ( str[strlen( str ) - 1] == ']' ))
{
strcpy( section, str );
strlcpy( section, str, sizeof( section ));
if( strcasecmp( section, "[GLOBAL]" ) == 0 ) continue;
if( strcasecmp( section, "[OPERATOR]" ) == 0 )
{

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: conn.c,v 1.108 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: conn.c,v 1.109 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -1251,7 +1251,7 @@ New_Connection( INT Sock )
Log( LOG_INFO, "Accepted connection %d from %s:%d on socket %d.", idx, inet_ntoa( new_addr.sin_addr ), ntohs( new_addr.sin_port), Sock );
/* Hostnamen ermitteln */
strcpy( My_Connections[idx].host, inet_ntoa( new_addr.sin_addr ));
strlcpy( My_Connections[idx].host, inet_ntoa( new_addr.sin_addr ), sizeof( My_Connections[idx].host ));
Client_SetHostname( c, My_Connections[idx].host );
s = Resolve_Addr( &new_addr );
if( s )
@ -1588,8 +1588,8 @@ Check_Servers( VOID )
/* Hostnamen in IP aufloesen (Default bzw. im Fehlerfall: versuchen, den
* konfigurierten Text direkt als IP-Adresse zu verwenden ... */
strcpy( Conf_Server[My_Connections[idx].our_server].ip, Conf_Server[i].host );
strcpy( My_Connections[idx].host, Conf_Server[i].host );
strlcpy( Conf_Server[My_Connections[idx].our_server].ip, Conf_Server[i].host, sizeof( Conf_Server[My_Connections[idx].our_server].ip ));
strlcpy( My_Connections[idx].host, Conf_Server[i].host, sizeof( My_Connections[idx].host ));
s = Resolve_Name( Conf_Server[i].host );
if( s )
{
@ -1677,7 +1677,7 @@ New_Server( INT Server, CONN_ID Idx )
/* Verbindung registrieren */
My_Connections[Idx].sock = new_sock;
My_Connections[Idx].addr = new_addr;
strcpy( My_Connections[Idx].host, Conf_Server[Server].host );
strlcpy( My_Connections[Idx].host, Conf_Server[Server].host, sizeof( My_Connections[Idx].host ));
/* Neuen Socket registrieren */
FD_SET( new_sock, &My_Sockets );
@ -1799,14 +1799,14 @@ Read_Resolver_Result( INT r_fd )
/* Eingehende Verbindung: Hostnamen setzen */
c = Client_GetFromConn( i );
assert( c != NULL );
strcpy( My_Connections[i].host, result );
strlcpy( My_Connections[i].host, result, sizeof( My_Connections[i].host ));
Client_SetHostname( c, result );
}
else
{
/* Ausgehende Verbindung (=Server): IP setzen */
assert( My_Connections[i].our_server > NONE );
strcpy( Conf_Server[My_Connections[i].our_server].ip, result );
strlcpy( Conf_Server[My_Connections[i].our_server].ip, result, sizeof( Conf_Server[My_Connections[i].our_server].ip ));
}
/* Penalty-Zeit zurueck setzen */

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: irc-channel.c,v 1.21 2002/12/16 23:06:46 alex Exp $";
static char UNUSED id[] = "$Id: irc-channel.c,v 1.22 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -179,7 +179,7 @@ IRC_JOIN( CLIENT *Client, REQUEST *Req )
if(( strchr( Channel_Modes( chan ), 'P' )) && ( strchr( Client_Modes( target ), 'o' ))) Channel_UserModeAdd( chan, target, 'o' );
/* Muessen Modes an andere Server gemeldet werden? */
strcpy( &modes[1], Channel_UserModes( chan, target ));
strlcpy( &modes[1], Channel_UserModes( chan, target ), sizeof( modes ) - 1 );
if( modes[1] ) modes[0] = 0x7;
else modes[0] = '\0';

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: irc-mode.c,v 1.25 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: irc-mode.c,v 1.26 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -392,7 +392,7 @@ Channel_Mode( CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel )
{
Channel_ModeDel( Channel, 'k' );
Channel_SetKey( Channel, Req->argv[arg_arg] );
strcpy( argadd, Channel_Key( Channel ));
strlcpy( argadd, Channel_Key( Channel ), sizeof( argadd ));
x[0] = *mode_ptr;
}
else ok = IRC_WriteStrClient( Origin, ERR_CHANOPRIVSNEEDED_MSG, Client_ID( Origin ), Channel_Name( Channel ));

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: irc-server.c,v 1.26 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: irc-server.c,v 1.27 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -314,7 +314,7 @@ IRC_NJOIN( CLIENT *Client, REQUEST *Req )
IRC_WriteStrChannelPrefix( Client, chan, c, FALSE, "JOIN :%s", channame );
/* Channel-User-Modes setzen */
strcpy( modes, Channel_UserModes( chan, c ));
strlcpy( modes, Channel_UserModes( chan, c ), sizeof( modes ));
if( modes[0] )
{
/* Modes im Channel bekannt machen */

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: irc.c,v 1.107 2002/12/12 12:24:18 alex Exp $";
static char UNUSED id[] = "$Id: irc.c,v 1.108 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -74,7 +74,7 @@ IRC_KILL( CLIENT *Client, REQUEST *Req )
/* build reason string */
if( Client_Type( Client ) == CLIENT_USER ) sprintf( reason, "KILLed by %s: %s", Client_ID( Client ), Req->argv[1] );
else strcpy( reason, Req->argv[1] );
else strlcpy( reason, Req->argv[1], sizeof( reason ));
/* andere Server benachrichtigen */
IRC_WriteStrServersPrefix( Client, prefix, "KILL %s :%s", Req->argv[0], reason );

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: ngircd.c,v 1.68 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: ngircd.c,v 1.69 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -399,6 +399,7 @@ NGIRCd_Rehash( VOID )
Conn_ExitListeners( );
/* Alten Server-Namen merken */
assert( sizeof( old_name ) == sizeof( Conf_ServerName ));
strcpy( old_name, Conf_ServerName );
/* Konfiguration neu lesen ... */

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: parse.c,v 1.53 2002/12/26 16:48:14 alex Exp $";
static char UNUSED id[] = "$Id: parse.c,v 1.54 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -360,7 +360,7 @@ Handle_Request( CONN_ID Idx, REQUEST *Req )
}
/* Statuscode weiterleiten */
strcpy( str, Req->command );
strlcpy( str, Req->command, sizeof( str ));
for( i = 0; i < Req->argc; i++ )
{
if( i < Req->argc - 1 ) strlcat( str, " ", sizeof( str ));

View File

@ -14,7 +14,7 @@
#include "portab.h"
static char UNUSED id[] = "$Id: resolve.c,v 1.4 2002/12/12 12:24:18 alex Exp $";
static char UNUSED id[] = "$Id: resolve.c,v 1.5 2002/12/26 17:04:54 alex Exp $";
#include "imp.h"
#include <assert.h>
@ -174,7 +174,7 @@ Do_ResolveAddr( struct sockaddr_in *Addr, INT w_fd )
/* Namen aufloesen */
h = gethostbyaddr( (CHAR *)&Addr->sin_addr, sizeof( Addr->sin_addr ), AF_INET );
if( h ) strcpy( hostname, h->h_name );
if( h ) strlcpy( hostname, h->h_name, sizeof( hostname ));
else
{
#ifdef h_errno
@ -182,7 +182,7 @@ Do_ResolveAddr( struct sockaddr_in *Addr, INT w_fd )
#else
Log_Resolver( LOG_WARNING, "Can't resolve address \"%s\"!", inet_ntoa( Addr->sin_addr ));
#endif
strcpy( hostname, inet_ntoa( Addr->sin_addr ));
strlcpy( hostname, inet_ntoa( Addr->sin_addr ), sizeof( hostname ));
}
/* Antwort an Parent schreiben */
@ -213,7 +213,7 @@ Do_ResolveName( CHAR *Host, INT w_fd )
if( h )
{
addr = (struct in_addr *)h->h_addr;
strcpy( ip, inet_ntoa( *addr ));
strlcpy( ip, inet_ntoa( *addr ), sizeof( ip ));
}
else
{