+2000-05-01 Nalin Dahyabhai <nalin@redhat.com>
+
+ * hash/dbm.c (kdb2_dbm_open): Don't overflow buffer "path".
+
1999-08-15 Tom Yu <tlyu@mit.edu>
* README.NOT.SLEEPYCAT.DB: New file; pointer to README to
info.cachesize = 0;
info.hash = NULL;
info.lorder = 0;
- (void)strcpy(path, file);
- (void)strcat(path, DBM_SUFFIX);
+ (void)strncpy(path, file, sizeof(path) - 1);
+ path[sizeof(path) - 1] = '\0';
+ (void)strncat(path, DBM_SUFFIX, sizeof(path) - 1 - strlen(path));
return ((DBM *)__hash_open(path, flags, mode, &info, 0));
}
+2000-05-07 Miro Jurisic <meeroh@mit.edu>
+
+ * com_err.c (default_com_err_proc): use strncpy
+ where strncpy was meant (typo in Nalin's patch)
+
+2000-05-01 Nalin Dahyabhai <nalin@redhat.com>
+
+ * com_err.c (default_com_err_proc) [_MSDOS || _WIN32 ||
+ macintosh]: Don't overflow buffer "errbuf".
+
2000-02-23 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (com_err.o): Depends on com_err.c.
char errbuf[1024] = "";
if (whoami) {
- strcat (errbuf, whoami);
- strcat (errbuf, ": ");
+ errbuf[sizeof(errbuf) - 1] = '\0';
+ strncat (errbuf, whoami, sizeof(errbuf) - 1 - strlen(errbuf));
+ strncat (errbuf, ": ", sizeof(errbuf) - 1 - strlen(errbuf));
}
if (code) {
- strcat (errbuf, error_message(code));
- strcat (errbuf, " ");
+ errbuf[sizeof(errbuf) - 1] = '\0';
+ strncat (errbuf, error_message(code), sizeof(errbuf) - 1 - strlen(errbuf));
+ strncat (errbuf, " ", sizeof(errbuf) - 1 - strlen(errbuf));
}
if (fmt)
vsprintf (errbuf + strlen (errbuf), fmt, ap);
+ errbuf[sizeof(errbuf) - 1] = '\0';
#ifdef macintosh
MacMessageBox(errbuf);
+1999-10-26 Tom Yu <tlyu@mit.edu>
+
+ * configure.in: Check for alpha*-dec-osf* instead of
+ alpha-dec-osf*.
+
1999-10-26 Wilfredo Sanchez <tritan@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
# Moreover, strops.h trashes sys/ioctl.h
krb5_cv_has_streams=no
;;
-alpha-dec-osf*)
+alpha*-dec-osf*)
AC_CHECK_LIB(security,main,
AC_DEFINE(HAVE_SETLUID)
LOGINLIBS="$LOGINLIBS -lsecurity"
+2000-05-01 Nalin Dahyabhai <nalin@redhat.com>
+
+ * help.c (ss_help): Don't overflow buffers "buffer" or "buf".
+ * list_rqs.c (ss_list_requests): Don't overflow buffer "buffer".
+ * mk_cmds.c (main): Don't overflow buffer "c_file".
+ * utils.c (generate_rqte): Update lengths of constant strings in
+ computing buffer size.
+
2000-02-01 Ken Raeburn <raeburn@mit.edu>
* listen.c (ss_listen): Local var END should be volatile.
return;
}
for (idx = 0; info->info_dirs[idx] != (char *)NULL; idx++) {
- (void) strcpy(buffer, info->info_dirs[idx]);
- (void) strcat(buffer, "/");
- (void) strcat(buffer, argv[1]);
- (void) strcat(buffer, ".info");
+ (void) strncpy(buffer, info->info_dirs[idx], sizeof(buffer) - 1);
+ buffer[sizeof(buffer) - 1] = '\0';
+ (void) strncat(buffer, "/", sizeof(buffer) - 1 - strlen(buffer));
+ (void) strncat(buffer, argv[1], sizeof(buffer) - 1 - strlen(buffer));
+ (void) strncat(buffer, ".info", sizeof(buffer) - 1 - strlen(buffer));
if ((fd = open(&buffer[0], O_RDONLY)) >= 0) goto got_it;
}
if ((fd = open(&buffer[0], O_RDONLY)) < 0) {
char buf[MAXPATHLEN];
- strcpy(buf, "No info found for ");
- strcat(buf, argv[1]);
+ strncpy(buf, "No info found for ", sizeof(buf) - 1);
+ buf[sizeof(buf) - 1] = '\0';
+ strncat(buf, argv[1], sizeof(buf) - 1 - strlen(buf));
ss_perror(sci_idx, 0, buf);
return;
}
buffer[0] = '\0';
if (entry->flags & SS_OPT_DONT_LIST)
continue;
+ buffer[sizeof(buffer) - 1] = '\0';
for (name = entry->command_names; *name; name++) {
register int len = strlen(*name);
- strncat(buffer, *name, len);
+ strncat(buffer, *name, sizeof(buffer) - 1 - strlen(buffer));
spacing += len + 2;
if (name[1]) {
- strcat(buffer, ", ");
+ strncat(buffer, ", ", sizeof(buffer) - 1 - strlen(buffer));
}
}
if (spacing > 23) {
- strcat(buffer, NL);
+ strncat(buffer, NL, sizeof(buffer) - 1 - strlen(buffer));
fputs(buffer, output);
spacing = 0;
buffer[0] = '\0';
}
- strncat(buffer, twentyfive_spaces, 25-spacing);
- strcat(buffer, entry->info_string);
- strcat(buffer, NL);
+ strncat(buffer, twentyfive_spaces, sizeof(buffer) - 1 - (25-spacing));
+ strncpy(buffer + 25, entry->info_string, sizeof(buffer) - 1 - 25);
+ strncat(buffer, NL, sizeof(buffer) - 1 - strlen(buffer));
fputs(buffer, output);
}
}
p = strrchr(path, '.');
*p = '\0';
q = rindex(path, '/');
- strcpy(c_file, (q) ? q + 1 : path);
- strcat(c_file, ".c");
+ strncpy(c_file, (q) ? q + 1 : path, sizeof(c_file) - 1);
+ c_file[sizeof(c_file) - 1] = '\0';
+ strncat(c_file, ".c", sizeof(c_file) - 1 - strlen(c_file));
*p = '.';
output_file = fopen(c_file, "w+");
var_name = generate_cmds_string(cmds);
generate_function_definition(func_name);
size = 6; /* " { " */
- size += strlen(var_name)+7; /* "quux, " */
- size += strlen(func_name)+7; /* "foo, " */
- size += strlen(info_string)+9; /* "\"Info!\", " */
+ size += strlen(var_name)+8; /* "quux, " */
+ size += strlen(func_name)+8; /* "foo, " */
+ size += strlen(info_string)+8; /* "\"Info!\", " */
sprintf(numbuf, "%d", options);
- size += strlen(numbuf);
- size += 4; /* " }," + NL */
- string = malloc(size * sizeof(char *));
+ size += strlen(numbuf)+5; /* " }," + NL + NUL */
+ string = malloc(size);
strcpy(string, " { ");
strcat(string, var_name);
strcat(string, ",\n ");
projects / krb5.git / commitdiff