n = '5';
} else {
if (debug) printf("%c:", safe ? 'S' : 'P');
- memcpy(ibuf, msg_data.app_data,
- msg_data.app_length);
- strcpy(&ibuf[msg_data.app_length], "\r\n");
+ if(msg_data.app_length < sizeof(ibuf) - 2) {
+ memcpy(ibuf, msg_data.app_data,
+ msg_data.app_length);
+ strcpy(&ibuf[msg_data.app_length], "\r\n");
+ } else {
+ printf("Message too long!");
+ }
continue;
}
#endif
"failed unsealing reply");
n = '5';
} else {
- memcpy(ibuf, msg_buf.value,
- msg_buf.length);
- strcpy(&ibuf[msg_buf.length], "\r\n");
+ if(msg_buf.length < sizeof(ibuf) - 2 - 1) {
+ memcpy(ibuf, msg_buf.value,
+ msg_buf.length);
+ strcpy(&ibuf[msg_buf.length], "\r\n");
+ } else {
+ user_gss_error(maj_stat, min_stat,
+ "reply was too long");
+ }
gss_release_buffer(&min_stat,&msg_buf);
continue;
}
struct stat st;
struct timeval start, stop;
register int c, d;
- FILE *fin, *dout = 0, *popen();
- int (*closefunc)(), pclose(), fclose();
- sig_t oldintr, oldintp;
- long bytes = 0, hashbytes = HASHBYTES;
- char *lmode, buf[FTP_BUFSIZ], *bufp;
+ FILE *volatile fin, *volatile dout = 0, *popen();
+ int (*volatile closefunc)(), pclose(), fclose();
+ volatile sig_t oldintr, oldintp;
+ volatile long bytes = 0, hashbytes = HASHBYTES;
+ char *volatile lmode, buf[FTP_BUFSIZ], *bufp;
sigtype abortsend();
if (verbose && printnames) {
}
recvrequest(cmd, local, remote, lmode, printnames)
- char *cmd, *local, *remote, *lmode;
+ char *cmd, *volatile local, *remote, *lmode;
{
- FILE *fout, *din = 0, *popen();
- int (*closefunc)(), pclose(), fclose();
- sig_t oldintr, oldintp;
- int is_retr, tcrflag, bare_lfs = 0;
+ FILE *volatile fout, *volatile din = 0, *popen();
+ int (*volatile closefunc)(), pclose(), fclose();
+ volatile sig_t oldintr, oldintp;
+ volatile int is_retr, tcrflag, bare_lfs = 0;
char *gunique();
static int bufsize;
static char *buf;
int blksize;
- long bytes = 0, hashbytes = HASHBYTES;
+ volatile long bytes = 0, hashbytes = HASHBYTES;
register int c, d;
struct timeval start, stop;
struct stat st;
mcase = op->mcse;
ip->ntflg = ntflag;
ntflag = op->ntflg;
- (void) strncpy(ip->nti, ntin, 16);
+ (void) strncpy(ip->nti, ntin, sizeof(ip->nti) - 1);
(ip->nti)[strlen(ip->nti)] = '\0';
- (void) strcpy(ntin, op->nti);
- (void) strncpy(ip->nto, ntout, 16);
+ (void) strncpy(ntin, op->nti, sizeof(ntin) - 1);
+ ntin[sizeof(ntin) - 1] = '\0';
+ (void) strncpy(ip->nto, ntout, sizeof(ip->nto) - 1);
(ip->nto)[strlen(ip->nto)] = '\0';
- (void) strcpy(ntout, op->nto);
+ (void) strncpy(ntout, op->nto, sizeof(ntout) - 1);
+ ntout[sizeof(ntout) - 1] = '\0';
ip->mapflg = mapflag;
mapflag = op->mapflg;
(void) strncpy(ip->mi, mapin, MAXPATHLEN - 1);
(ip->mi)[strlen(ip->mi)] = '\0';
- (void) strcpy(mapin, op->mi);
+ (void) strncpy(mapin, op->mi, sizeof(mapin) - 1);
+ mapin[sizeof(mapin) - 1] = '\0';
(void) strncpy(ip->mo, mapout, MAXPATHLEN - 1);
(ip->mo)[strlen(ip->mo)] = '\0';
- (void) strcpy(mapout, op->mo);
+ (void) strncpy(mapout, op->mo, sizeof(mapout) - 1);
+ mapout[sizeof(mapout) - 1] = '\0';
ip->authtype = auth_type;
auth_type = op->authtype;
ip->clvl = clevel;
proxtrans(cmd, local, remote)
char *cmd, *local, *remote;
{
- sig_t oldintr;
- int secndflag = 0, prox_type, nfnd;
+ volatile sig_t oldintr;
+ volatile int secndflag = 0;
+ int prox_type, nfnd;
extern jmp_buf ptabort;
- char *cmd2;
+ char *volatile cmd2;
fd_set mask;
sigtype abortpt();
fprintf(stderr, "local: %s: %s\n", local, strerror(errno));
return((char *) 0);
}
- (void) strcpy(new, local);
+ (void) strncpy(new, local, sizeof(new) - 3);
+ new[sizeof(new) - 1] = '\0';
cp = new + strlen(new);
*cp++ = '.';
while (!d) {
if (verbose)
printf("%s accepted as authentication type\n", "KERBEROS_V4");
- strcpy(inst, (char *) krb_get_phost(hostname));
+ strncpy(inst, (char *) krb_get_phost(hostname), sizeof(inst) - 1);
+ inst[sizeof(inst) - 1] = '\0';
if (realm[0] == '\0')
- strcpy(realm, (char *) krb_realmofhost(hostname));
+ strncpy(realm, (char *) krb_realmofhost(hostname), sizeof(realm) - 1);
+ realm[sizeof(realm) - 1] = '\0';
if ((kerror = krb_mk_req(&ticket, service = "ftp",
inst, realm, checksum))
&& (kerror != KDC_PR_UNKNOWN ||