From 51cfbad8720d74250fd6d37c8986e1b47d588f8d Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Fri, 4 Apr 2003 06:55:14 +0000
Subject: more strcpy & sprintf murder; ho ok
---
 src/lib/libcrypto/cversion.c | 6 +++---
 src/lib/libssl/src/apps/ca.c | 10 +++++-----
 src/lib/libssl/src/apps/dgst.c | 5 +++--
 src/lib/libssl/src/apps/enc.c | 2 +-
 src/lib/libssl/src/apps/openssl.c | 6 +++---
 src/lib/libssl/src/apps/pkcs12.c | 4 ++--
 src/lib/libssl/src/apps/req.c | 38 ++++++++++++++++++------------------
 src/lib/libssl/src/apps/s_socket.c | 2 +-
 src/lib/libssl/src/apps/s_time.c | 6 +++---
 src/lib/libssl/src/apps/x509.c | 4 ++--
 src/lib/libssl/src/crypto/cversion.c | 6 +++---
 11 files changed, 45 insertions(+), 44 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c
index f7a1b7a4f0..56471fa74c 100644
--- a/src/lib/libcrypto/cversion.c
+++ b/src/lib/libcrypto/cversion.c
@@ -74,7 +74,7 @@ const char *SSLeay_version(int t)
 #ifdef DATE
 static char buf[sizeof(DATE)+11];
- sprintf(buf,"built on: %s",DATE);
+ snprintf(buf,sizeof buf,"built on: %s",DATE);
 return(buf);
 #else
 return("built on: date not available");
@@ -85,7 +85,7 @@ const char *SSLeay_version(int t)
 #ifdef CFLAGS
 static char buf[sizeof(CFLAGS)+11];
- sprintf(buf,"compiler: %s",CFLAGS);
+ snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
 return(buf);
 #else
 return("compiler: information not available");
@@ -96,7 +96,7 @@ const char *SSLeay_version(int t)
 #ifdef PLATFORM
 static char buf[sizeof(PLATFORM)+11];
- sprintf(buf,"platform: %s", PLATFORM);
+ snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
 return(buf);
 #else
 return("platform: information not available");
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 2d57fb490c..204974eeea 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -2933,16 +2933,16 @@ char *make_revocation_str(int rev_type, char *rev_arg)
 if (!str) return NULL;
- strcpy(str, (char *)revtm->data);
+ strlcpy(str, (char *)revtm->data, i);
 if (reason)
 {
- strcat(str, ",");
- strcat(str, reason);
+ strlcat(str, ",", i);
+ strlcat(str, reason, i);
 }
 if (other)
 {
- strcat(str, ",");
- strcat(str, other);
+ strlcat(str, ",", i);
+ strlcat(str, other, i);
 }
 ASN1_UTCTIME_free(revtm);
 return str;
diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c
index 7f612caf23..18bdd56c62 100644
--- a/src/lib/libssl/src/apps/dgst.c
+++ b/src/lib/libssl/src/apps/dgst.c
@@ -338,8 +338,9 @@ int MAIN(int argc, char **argv)
 }
 if(!out_bin)
 {
- tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
- sprintf(tmp,"%s(%s)= ",name,argv[i]);
+ size_t len = strlen(name)+strlen(argv[i])+5;
+ tmp=tofree=OPENSSL_malloc(len);
+ snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
 }
 else tmp="";
diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c
index 1ba2ea2f68..cb2fa59db9 100644
--- a/src/lib/libssl/src/apps/enc.c
+++ b/src/lib/libssl/src/apps/enc.c
@@ -363,7 +363,7 @@ bad:
 {
 char buf[200];
- sprintf(buf,"enter %s %s password:",
+ snprintf(buf,sizeof buf,"enter %s %s password:",
 OBJ_nid2ln(EVP_CIPHER_nid(cipher)), (enc)?"encryption":"decryption");
 strbuf[0]='\0';
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c
index 1c4a4291aa..811b305622 100644
--- a/src/lib/libssl/src/apps/openssl.c
+++ b/src/lib/libssl/src/apps/openssl.c
@@ -262,11 +262,11 @@ int main(int Argc, char *Argv[])
 p=getenv("SSLEAY_CONF");
 if (p == NULL)
 {
- strcpy(config_name,X509_get_default_cert_area());
+ strlcpy(config_name,X509_get_default_cert_area(),sizeof config_name);
 #ifndef OPENSSL_SYS_VMS
- strcat(config_name,"/");
+ strlcat(config_name,"/",sizeof config_name);
 #endif
- strcat(config_name,OPENSSL_CONF);
+ strlcat(config_name,OPENSSL_CONF,sizeof config_name);
 p=config_name;
 }
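Review bot: In apps/dgst.c the pointer returned by `OPENSSL_malloc(len)` goes straight into `snprintf(tmp,len,...)` with no NULL check, so an allocation failure turns into a write through a null pointer. A guard directly after the allocation, `if (tmp == NULL)`, that reports the failure and leaves through MAIN's existing error path would close this; that error path is outside the hunk, so the exact exit to use needs to be confirmed against the full function.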
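Review bot: The `strlcpy`/`strlcat` sequence that builds `config_name` in apps/openssl.c ignores every return value, so an over-long default cert area no longer overflows but is silently truncated, and `p` then names a different configuration path than intended. Testing the last call, `if (strlcat(config_name,OPENSSL_CONF,sizeof config_name) >= sizeof config_name)`, and treating that as an error keeps a truncated path from being opened. The identical sequence in apps/req.c (hunk at -471) has the same gap. `sizeof config_name` is only the buffer size if `config_name` is an array; its declaration is outside both hunks.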
diff --git a/src/lib/libssl/src/apps/pkcs12.c b/src/lib/libssl/src/apps/pkcs12.c
index 1697f6157f..a438bc6c84 100644
--- a/src/lib/libssl/src/apps/pkcs12.c
+++ b/src/lib/libssl/src/apps/pkcs12.c
@@ -549,7 +549,7 @@ int MAIN(int argc, char **argv)
 BIO_printf (bio_err, "Can't read Password\n");
 goto export_end;
 }
- if (!twopass) strcpy(macpass, pass);
+ if (!twopass) strlcpy(macpass, pass, sizeof macpass);
 /* Turn certbags into encrypted authsafe */
 authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0, iter, bags);
@@ -650,7 +650,7 @@ int MAIN(int argc, char **argv)
 CRYPTO_pop_info();
 #endif
- if (!twopass) strcpy(macpass, pass);
+ if (!twopass) strlcpy(macpass, pass, sizeof macpass);
 if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
 if(macver) {
diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c
index a3c1e0b4c4..c53752335b 100644
--- a/src/lib/libssl/src/apps/req.c
+++ b/src/lib/libssl/src/apps/req.c
@@ -471,11 +471,11 @@ bad:
 p=getenv("SSLEAY_CONF");
 if (p == NULL)
 {
- strcpy(config_name,X509_get_default_cert_area());
+ strlcpy(config_name,X509_get_default_cert_area(),sizeof config_name);
 #ifndef OPENSSL_SYS_VMS
- strcat(config_name,"/");
+ strlcat(config_name,"/",sizeof config_name);
 #endif
- strcat(config_name,OPENSSL_CONF);
+ strlcat(config_name,OPENSSL_CONF,sizeof config_name);
 p=config_name;
 }
 default_config_file=p;
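Review bot: `strlcpy(macpass, pass, sizeof macpass)` in apps/pkcs12.c discards its return value, so if `macpass` is smaller than `pass` the MAC password is silently shortened and no longer matches what the user entered. Both declarations are outside the hunk; unless the two buffers are guaranteed to be the same size, test the result, e.g. `if (!twopass && strlcpy(macpass, pass, sizeof macpass) >= sizeof macpass) goto export_end;` in the first hunk. The second hunk (at -650) needs the equivalent check with that code path's own error exit, which is not visible here.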
@@ -1218,25 +1218,25 @@ start: for (;;)
 }
 /* If OBJ not recognised ignore it */
 if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
- sprintf(buf,"%s_default",v->name);
+ snprintf(buf,sizeof buf,"%s_default",v->name);
 if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 {
 ERR_clear_error();
 def="";
 }
- sprintf(buf,"%s_value",v->name);
+ snprintf(buf,sizeof buf,"%s_value",v->name);
 if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 {
 ERR_clear_error();
 value=NULL;
 }
- sprintf(buf,"%s_min",v->name);
+ snprintf(buf,sizeof buf,"%s_min",v->name);
 if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) n_min = -1;
- sprintf(buf,"%s_max",v->name);
+ snprintf(buf,sizeof buf,"%s_max",v->name);
 if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) n_max = -1;
@@ -1271,7 +1271,7 @@ start2: for (;;)
 if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start2;
- sprintf(buf,"%s_default",type);
+ snprintf(buf,sizeof buf,"%s_default",type);
 if ((def=NCONF_get_string(req_conf,attr_sect,buf)) == NULL)
 {
@@ -1280,7 +1280,7 @@ start2: for (;;)
 }
- sprintf(buf,"%s_value",type);
+ snprintf(buf,sizeof buf,"%s_value",type);
 if ((value=NCONF_get_string(req_conf,attr_sect,buf)) == NULL)
 {
@@ -1288,11 +1288,11 @@ start2: for (;;)
 value=NULL;
 }
- sprintf(buf,"%s_min",type);
+ snprintf(buf,sizeof buf,"%s_min",type);
 if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min)) n_min = -1;
- sprintf(buf,"%s_max",type);
+ snprintf(buf,sizeof buf,"%s_max",type);
 if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max)) n_max = -1;
@@ -1374,8 +1374,8 @@ start:
 (void)BIO_flush(bio_err);
 if(value != NULL)
 {
- strcpy(buf,value);
- strcat(buf,"\n");
+ strlcpy(buf,value,sizeof buf);
+ strlcat(buf,"\n",sizeof buf);
 BIO_printf(bio_err,"%s\n",value);
 }
 else
@@ -1397,8 +1397,8 @@ start:
 {
 if ((def == NULL) || (def[0] == '\0')) return(1);
- strcpy(buf,def);
- strcat(buf,"\n");
+ strlcpy(buf,def,sizeof buf);
+ strlcat(buf,"\n",sizeof buf);
 }
 else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
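Review bot: In the req.c hunk at -1374, `strlcat(buf,"\n",sizeof buf)` appends nothing once `value` already fills `buf`, so a long configured value ends up both truncated and missing its trailing newline; the old code overflowed here, the new code fails silently. The context of the -1397 hunk tests `buf[1] == '\n'`, which suggests the surrounding code relies on that newline, though the rest of the function is outside the hunks. Checking the result, `if (strlcat(buf,"\n",sizeof buf) >= sizeof buf)`, and rejecting the input makes the limit explicit. The hunks at -1397, -1432 and -1455 repeat the same pattern with `def` and `value`, and `sizeof buf` is only correct if `buf` is declared as an array, which is not visible here.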
@@ -1432,8 +1432,8 @@ start:
 (void)BIO_flush(bio_err);
 if (value != NULL)
 {
- strcpy(buf,value);
- strcat(buf,"\n");
+ strlcpy(buf,value,sizeof buf);
+ strlcat(buf,"\n",sizeof buf);
 BIO_printf(bio_err,"%s\n",value);
 }
 else
@@ -1455,8 +1455,8 @@ start:
 {
 if ((def == NULL) || (def[0] == '\0')) return(1);
- strcpy(buf,def);
- strcat(buf,"\n");
+ strlcpy(buf,def,sizeof buf);
+ strlcat(buf,"\n",sizeof buf);
 }
 else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c
index bd499d020c..17e087d4da 100644
--- a/src/lib/libssl/src/apps/s_socket.c
+++ b/src/lib/libssl/src/apps/s_socket.c
@@ -381,7 +381,7 @@ redoit:
 perror("OPENSSL_malloc");
 return(0);
 }
- strcpy(*host,h1->h_name);
+ strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
 h2=GetHostByName(*host);
 if (h2 == NULL)
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
index 752158460a..7ba5b4293c 100644
--- a/src/lib/libssl/src/apps/s_time.c
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -495,7 +495,7 @@ int MAIN(int argc, char **argv)
 if (s_www_path != NULL)
 {
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 SSL_write(scon,buf,strlen(buf));
 while ((i=SSL_read(scon,buf,sizeof(buf))) > 0) bytes_read+=i;
@@ -550,7 +550,7 @@ next:
 if (s_www_path != NULL)
 {
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 SSL_write(scon,buf,strlen(buf));
 while (SSL_read(scon,buf,sizeof(buf)) > 0) ;
@@ -588,7 +588,7 @@ next:
 if (s_www_path)
 {
- sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 SSL_write(scon,buf,strlen(buf));
 while ((i=SSL_read(scon,buf,sizeof(buf))) > 0) bytes_read+=i;
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c
index 5a41c389ee..3ff4b62481 100644
--- a/src/lib/libssl/src/apps/x509.c
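Review bot: The bound in `strlcpy(*host,h1->h_name,strlen(h1->h_name)+1)` in apps/s_socket.c is computed from the source string rather than from the destination, so the call can never truncate and protects exactly as much as the `strcpy` it replaces. The allocation of `*host` is above the hunk (only its failure path is visible); if it uses the same expression, compute the length once, `size_t len = strlen(h1->h_name)+1;`, and pass `len` to both the allocation and `strlcpy(*host,h1->h_name,len);` so the bound is tied to the buffer that was actually obtained.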
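Review bot: The three `snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path)` calls in apps/s_time.c (hunks at -495, -550 and -588) do not check for truncation, so a long `s_www_path` is sent as a request cut off before the terminating `\r\n\r\n`. The `SSL_read` loop that follows may then wait on a request the peer never sees as complete, and the timing result would be meaningless. Comparing the `snprintf` return value with `sizeof buf` and skipping the `SSL_write` when the request does not fit makes the failure visible; the return value of `SSL_write` is also ignored in all three places.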
+++ b/src/lib/libssl/src/apps/x509.c
@@ -1033,7 +1033,7 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
 if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
 if (serialfile == NULL)
 {
- strcpy(buf,CAfile);
+ strlcpy(buf,CAfile,sizeof buf);
 for (p=buf; *p; p++) if (*p == '.')
 {
@@ -1043,7 +1043,7 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
 strcat(buf,POSTFIX);
 }
 else
- strcpy(buf,serialfile);
+ strlcpy(buf,serialfile,sizeof buf);
 serial=BN_new();
 bs=ASN1_INTEGER_new();
 if ((serial == NULL) || (bs == NULL))
diff --git a/src/lib/libssl/src/crypto/cversion.c b/src/lib/libssl/src/crypto/cversion.c
index f7a1b7a4f0..56471fa74c 100644
--- a/src/lib/libssl/src/crypto/cversion.c
+++ b/src/lib/libssl/src/crypto/cversion.c
@@ -74,7 +74,7 @@ const char *SSLeay_version(int t)
 #ifdef DATE
 static char buf[sizeof(DATE)+11];
- sprintf(buf,"built on: %s",DATE);
+ snprintf(buf,sizeof buf,"built on: %s",DATE);
 return(buf);
 #else
 return("built on: date not available");
@@ -85,7 +85,7 @@ const char *SSLeay_version(int t)
 #ifdef CFLAGS
 static char buf[sizeof(CFLAGS)+11];
- sprintf(buf,"compiler: %s",CFLAGS);
+ snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
 return(buf);
 #else
 return("compiler: information not available");
@@ -96,7 +96,7 @@ const char *SSLeay_version(int t)
 #ifdef PLATFORM
 static char buf[sizeof(PLATFORM)+11];
- sprintf(buf,"platform: %s", PLATFORM);
+ snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
 return(buf);
 #else
 return("platform: information not available");
--
cgit v1.2.3-55-g6feb
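Review bot: `sizeof buf` in `strlcpy(buf,CAfile,sizeof buf)` is very likely the size of a pointer rather than of the buffer, because the context line `if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }` treats `buf` as an allocation result; its declaration is outside the hunk. If `buf` is a `char *`, the copy is cut to a few bytes and load_serial works on the wrong serial file name; the second hunk (`strlcpy(buf,serialfile,sizeof buf)`) has the same problem. Pass the allocated length instead, kept in a variable when the buffer is obtained (placeholder name `len`): `strlcpy(buf,CAfile,len);` and `strlcpy(buf,serialfile,len);`. The `strcat(buf,POSTFIX)` visible as context in the second hunk is still unbounded and should become `strlcat(buf,POSTFIX,len);` with the same length.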