1
0
mirror of https://github.com/osmarks/ngircd.git synced 2025-01-07 14:20:29 +00:00

- replaced some calls to sprintf() with snprintf() -- more secure :-)

This commit is contained in:
Alexander Barton 2002-12-26 17:14:48 +00:00
parent 695631b298
commit b316c380ad
5 changed files with 20 additions and 20 deletions

View File

@ -17,7 +17,7 @@
#include "portab.h" #include "portab.h"
static char UNUSED id[] = "$Id: client.c,v 1.70 2002/12/26 17:04:54 alex Exp $"; static char UNUSED id[] = "$Id: client.c,v 1.71 2002/12/26 17:14:48 alex Exp $";
#include "imp.h" #include "imp.h"
#include <assert.h> #include <assert.h>
@ -203,7 +203,7 @@ Client_Destroy( CLIENT *Client, CHAR *LogMsg, CHAR *FwdMsg, BOOLEAN SendQuit )
if( ! txt ) txt = "Reason unknown."; if( ! txt ) txt = "Reason unknown.";
/* Netz-Split-Nachricht vorbereiten (noch nicht optimal) */ /* Netz-Split-Nachricht vorbereiten (noch nicht optimal) */
if( Client->type == CLIENT_SERVER ) sprintf( msg, "%s: lost server %s", This_Server->id, Client->id ); if( Client->type == CLIENT_SERVER ) snprintf( msg, sizeof( msg ), "%s: lost server %s", This_Server->id, Client->id );
last = NULL; last = NULL;
c = My_Clients; c = My_Clients;
@ -799,7 +799,7 @@ Client_CheckID( CLIENT *Client, CHAR *ID )
if( strcasecmp( c->id, ID ) == 0 ) if( strcasecmp( c->id, ID ) == 0 )
{ {
/* die Server-ID gibt es bereits */ /* die Server-ID gibt es bereits */
sprintf( str, "ID \"%s\" already registered", ID ); snprintf( str, sizeof( str ), "ID \"%s\" already registered", ID );
if( Client->conn_id != c->conn_id ) Log( LOG_ERR, "%s (on connection %d)!", str, c->conn_id ); if( Client->conn_id != c->conn_id ) Log( LOG_ERR, "%s (on connection %d)!", str, c->conn_id );
else Log( LOG_ERR, "%s (via network)!", str ); else Log( LOG_ERR, "%s (via network)!", str );
Conn_Close( Client->conn_id, str, str, TRUE ); Conn_Close( Client->conn_id, str, str, TRUE );

View File

@ -14,7 +14,7 @@
#include "portab.h" #include "portab.h"
static char UNUSED id[] = "$Id: irc-info.c,v 1.10 2002/12/26 16:48:14 alex Exp $"; static char UNUSED id[] = "$Id: irc-info.c,v 1.11 2002/12/26 17:14:48 alex Exp $";
#include "imp.h" #include "imp.h"
#include <assert.h> #include <assert.h>
@ -296,7 +296,7 @@ IRC_NAMES( CLIENT *Client, REQUEST *Req )
/* Nun noch alle Clients ausgeben, die in keinem Channel sind */ /* Nun noch alle Clients ausgeben, die in keinem Channel sind */
c = Client_First( ); c = Client_First( );
sprintf( rpl, RPL_NAMREPLY_MSG, Client_ID( from ), "*", "*" ); snprintf( rpl, sizeof( rpl ), RPL_NAMREPLY_MSG, Client_ID( from ), "*", "*" );
while( c ) while( c )
{ {
if(( Client_Type( c ) == CLIENT_USER ) && ( Channel_FirstChannelOf( c ) == NULL ) && ( ! strchr( Client_Modes( c ), 'i' ))) if(( Client_Type( c ) == CLIENT_USER ) && ( Channel_FirstChannelOf( c ) == NULL ) && ( ! strchr( Client_Modes( c ), 'i' )))
@ -309,7 +309,7 @@ IRC_NAMES( CLIENT *Client, REQUEST *Req )
{ {
/* Zeile wird zu lang: senden! */ /* Zeile wird zu lang: senden! */
if( ! IRC_WriteStrClient( from, "%s", rpl )) return DISCONNECTED; if( ! IRC_WriteStrClient( from, "%s", rpl )) return DISCONNECTED;
sprintf( rpl, RPL_NAMREPLY_MSG, Client_ID( from ), "*", "*" ); snprintf( rpl, sizeof( rpl ), RPL_NAMREPLY_MSG, Client_ID( from ), "*", "*" );
} }
} }
@ -636,7 +636,7 @@ IRC_WHOIS( CLIENT *Client, REQUEST *Req )
if( ! IRC_WriteStrClient( from, RPL_WHOISSERVER_MSG, Client_ID( from ), Client_ID( c ), Client_ID( Client_Introducer( c )), Client_Info( Client_Introducer( c )))) return DISCONNECTED; if( ! IRC_WriteStrClient( from, RPL_WHOISSERVER_MSG, Client_ID( from ), Client_ID( c ), Client_ID( Client_Introducer( c )), Client_Info( Client_Introducer( c )))) return DISCONNECTED;
/* Channels */ /* Channels */
sprintf( str, RPL_WHOISCHANNELS_MSG, Client_ID( from ), Client_ID( c )); snprintf( str, sizeof( str ), RPL_WHOISCHANNELS_MSG, Client_ID( from ), Client_ID( c ));
cl2chan = Channel_FirstChannelOf( c ); cl2chan = Channel_FirstChannelOf( c );
while( cl2chan ) while( cl2chan )
{ {
@ -653,7 +653,7 @@ IRC_WHOIS( CLIENT *Client, REQUEST *Req )
{ {
/* Zeile wird zu lang: senden! */ /* Zeile wird zu lang: senden! */
if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED; if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED;
sprintf( str, RPL_WHOISCHANNELS_MSG, Client_ID( from ), Client_ID( c )); snprintf( str, sizeof( str ), RPL_WHOISCHANNELS_MSG, Client_ID( from ), Client_ID( c ));
} }
/* naechstes Mitglied suchen */ /* naechstes Mitglied suchen */
@ -794,7 +794,7 @@ IRC_Send_NAMES( CLIENT *Client, CHANNEL *Chan )
else is_member = FALSE; else is_member = FALSE;
/* Alle Mitglieder suchen */ /* Alle Mitglieder suchen */
sprintf( str, RPL_NAMREPLY_MSG, Client_ID( Client ), "=", Channel_Name( Chan )); snprintf( str, sizeof( str ), RPL_NAMREPLY_MSG, Client_ID( Client ), "=", Channel_Name( Chan ));
cl2chan = Channel_FirstMember( Chan ); cl2chan = Channel_FirstMember( Chan );
while( cl2chan ) while( cl2chan )
{ {
@ -815,7 +815,7 @@ IRC_Send_NAMES( CLIENT *Client, CHANNEL *Chan )
{ {
/* Zeile wird zu lang: senden! */ /* Zeile wird zu lang: senden! */
if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED; if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED;
sprintf( str, RPL_NAMREPLY_MSG, Client_ID( Client ), "=", Channel_Name( Chan )); snprintf( str, sizeof( str ), RPL_NAMREPLY_MSG, Client_ID( Client ), "=", Channel_Name( Chan ));
} }
} }

View File

@ -14,7 +14,7 @@
#include "portab.h" #include "portab.h"
static char UNUSED id[] = "$Id: irc-mode.c,v 1.26 2002/12/26 17:04:54 alex Exp $"; static char UNUSED id[] = "$Id: irc-mode.c,v 1.27 2002/12/26 17:14:48 alex Exp $";
#include "imp.h" #include "imp.h"
#include <assert.h> #include <assert.h>
@ -418,7 +418,7 @@ Channel_Mode( CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel )
{ {
Channel_ModeDel( Channel, 'l' ); Channel_ModeDel( Channel, 'l' );
Channel_SetMaxUsers( Channel, l ); Channel_SetMaxUsers( Channel, l );
sprintf( argadd, "%ld", l ); snprintf( argadd, sizeof( argadd ), "%ld", l );
x[0] = *mode_ptr; x[0] = *mode_ptr;
} }
} }

View File

@ -14,7 +14,7 @@
#include "portab.h" #include "portab.h"
static char UNUSED id[] = "$Id: irc-server.c,v 1.27 2002/12/26 17:04:54 alex Exp $"; static char UNUSED id[] = "$Id: irc-server.c,v 1.28 2002/12/26 17:14:48 alex Exp $";
#include "imp.h" #include "imp.h"
#include <assert.h> #include <assert.h>
@ -188,7 +188,7 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req )
/* alle Member suchen */ /* alle Member suchen */
cl2chan = Channel_FirstMember( chan ); cl2chan = Channel_FirstMember( chan );
sprintf( str, "NJOIN %s :", Channel_Name( chan )); snprintf( str, sizeof( str ), "NJOIN %s :", Channel_Name( chan ));
while( cl2chan ) while( cl2chan )
{ {
cl = Channel_GetClient( cl2chan ); cl = Channel_GetClient( cl2chan );
@ -204,7 +204,7 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req )
{ {
/* Zeile senden */ /* Zeile senden */
if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED; if( ! IRC_WriteStrClient( Client, "%s", str )) return DISCONNECTED;
sprintf( str, "NJOIN %s :", Channel_Name( chan )); snprintf( str, sizeof( str ), "NJOIN %s :", Channel_Name( chan ));
} }
cl2chan = Channel_NextMember( chan, cl2chan ); cl2chan = Channel_NextMember( chan, cl2chan );
@ -257,7 +257,7 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req )
} }
/* Log-Meldung zusammenbauen und ausgeben */ /* Log-Meldung zusammenbauen und ausgeben */
if(( Client_Hops( c ) > 1 ) && ( Req->prefix[0] )) sprintf( str, "connected to %s, ", Client_ID( from )); if(( Client_Hops( c ) > 1 ) && ( Req->prefix[0] )) snprintf( str, sizeof( str ), "connected to %s, ", Client_ID( from ));
else strcpy( str, "" ); else strcpy( str, "" );
Log( LOG_NOTICE|LOG_snotice, "Server \"%s\" registered (via %s, %s%d hop%s).", Client_ID( c ), Client_ID( Client ), str, Client_Hops( c ), Client_Hops( c ) > 1 ? "s": "" ); Log( LOG_NOTICE|LOG_snotice, "Server \"%s\" registered (via %s, %s%d hop%s).", Client_ID( c ), Client_ID( Client ), str, Client_Hops( c ), Client_Hops( c ) > 1 ? "s": "" );
@ -359,9 +359,9 @@ IRC_SQUIT( CLIENT *Client, REQUEST *Req )
if( Req->argv[1][0] ) if( Req->argv[1][0] )
{ {
if( strlen( Req->argv[1] ) > LINE_LEN ) Req->argv[1][LINE_LEN] = '\0'; if( strlen( Req->argv[1] ) > LINE_LEN ) Req->argv[1][LINE_LEN] = '\0';
sprintf( msg, "%s (SQUIT from %s).", Req->argv[1], Client_ID( Client )); snprintf( msg, sizeof( msg ), "%s (SQUIT from %s).", Req->argv[1], Client_ID( Client ));
} }
else sprintf( msg, "Got SQUIT from %s.", Client_ID( Client )); else snprintf( msg, sizeof( msg ), "Got SQUIT from %s.", Client_ID( Client ));
if( Client_Conn( target ) > NONE ) if( Client_Conn( target ) > NONE )
{ {

View File

@ -14,7 +14,7 @@
#include "portab.h" #include "portab.h"
static char UNUSED id[] = "$Id: irc.c,v 1.108 2002/12/26 17:04:54 alex Exp $"; static char UNUSED id[] = "$Id: irc.c,v 1.109 2002/12/26 17:14:48 alex Exp $";
#include "imp.h" #include "imp.h"
#include <assert.h> #include <assert.h>
@ -73,7 +73,7 @@ IRC_KILL( CLIENT *Client, REQUEST *Req )
Log( LOG_NOTICE|LOG_snotice, "Got KILL command from \"%s\" for \"%s\": %s", Client_Mask( prefix ), Req->argv[0], Req->argv[1] ); Log( LOG_NOTICE|LOG_snotice, "Got KILL command from \"%s\" for \"%s\": %s", Client_Mask( prefix ), Req->argv[0], Req->argv[1] );
/* build reason string */ /* build reason string */
if( Client_Type( Client ) == CLIENT_USER ) sprintf( reason, "KILLed by %s: %s", Client_ID( Client ), Req->argv[1] ); if( Client_Type( Client ) == CLIENT_USER ) snprintf( reason, sizeof( reason ), "KILLed by %s: %s", Client_ID( Client ), Req->argv[1] );
else strlcpy( reason, Req->argv[1], sizeof( reason )); else strlcpy( reason, Req->argv[1], sizeof( reason ));
/* andere Server benachrichtigen */ /* andere Server benachrichtigen */