Commit | Line | Data |
---|---|---|
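--- a/source/banlist.c
+++ b/source/banlist.c
@@ -277,30 +277,30 @@
 case 7:
 if (ip)
 {
-sprintf(banstr, "*!*@%s", cluster(ip));
+snprintf(banstr, sizeof(banstr), "*!*@%s", cluster(ip));
 break;
 }
 case 2: /* Better */
-sprintf(banstr, "*!*%s@%s", t1, cluster(host));
+snprintf(banstr, sizeof(banstr), "*!*%s@%s", t1, cluster(host));
 break;
 case 3: /* Host */
-sprintf(banstr, "*!*@%s", host);
+snprintf(banstr, sizeof(banstr), "*!*@%s", host);
 break;
 case 4: /* Domain */
-sprintf(banstr, "*!*@*%s", strrchr(host, '.'));
+snprintf(banstr, sizeof(banstr), "*!*@*%s", strrchr(host, '.'));
 break;
 case 5: /* User */
-sprintf(banstr, "*!%s@%s", t, cluster(host));
+snprintf(banstr, sizeof(banstr), "*!%s@%s", t, cluster(host));
 break;
 case 6: /* Screw */
 malloc_sprintf(&tmpstr, "*!*%s@%s", t1, host);
-strcpy(banstr, screw(tmpstr));
+strmcpy(banstr, screw(tmpstr), sizeof(banstr)-1);
 new_free(&tmpstr);
 break;
 case 1: /* Normal */
 default:
 {
-sprintf(banstr, "%s!*%s@%s", nick, t1, host);
+snprintf(banstr, sizeof(banstr), "%s!*%s@%s", nick, t1, host);
 break;
 }
 }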
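Review bot: In the `case 4` (Domain) line, `strrchr(host, '.')` returns NULL when `host` contains no dot, and passing NULL to `%s` is undefined behaviour that the move from sprintf to snprintf does not remove. Take the result into a local and fall back to the whole host: `const char *dot = strrchr(host, '.');` followed by `snprintf(banstr, sizeof(banstr), "*!*@*%s", dot ? dot : host);`. The `sizeof(banstr)` bounds are only correct if `banstr` is an array in this scope; its declaration is outside the hunk and should be confirmed. A truncated mask is also a different ban from the one requested, so comparing the snprintf return value with `sizeof(banstr)` and refusing to set a truncated ban would be worth adding.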
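--- a/source/ctcp.c
+++ b/source/ctcp.c
@@ -1482,6 +1482,7 @@
 *putbuf2;
 int len;
 len = IRCD_BUFFER_SIZE - (12 + strlen(to));
+if (len <= 2) return;
 putbuf2 = alloca(len);
 
 if (format)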
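Review bot: The added `if (len <= 2) return;` only works because the subtraction on the line above wraps in `size_t` and is then converted to a negative `int` when `to` is too long, which is implementation-defined rather than guaranteed. Test the length before subtracting: `size_t tolen = strlen(to);`, `if (tolen >= IRCD_BUFFER_SIZE - 14) return;`, then `len = IRCD_BUFFER_SIZE - (12 + tolen);`. The bare `return;` assumes a void function with nothing to release at this point; the signature and the rest of the body are outside the hunk. The early exit also drops the reply without any trace, so a debug message there would help when diagnosing oversized targets.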
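--- a/source/misc.c
+++ b/source/misc.c
@@ -3121,19 +3121,19 @@
 {
 if (*hostname == '~')
 hostname++;
-strcpy(result, hostname);
+strmcpy(result, hostname, sizeof(result)-1);
 *strchr(result, '@') = '\0';
 if (strlen(result) > 9)
 {
 result[8] = '*';
 result[9] = '\0';
 }
-strcat(result, "@");
+strmcat(result, "@", sizeof(result)-1);
 if (!(hostname = strchr(hostname, '@')))
 return NULL;
 hostname++;
 }
-strcpy(host, hostname);
+strmcpy(host, hostname, sizeof(host)-1);
 
 if (*host && isdigit(*(host + strlen(host) - 1)))
 {
@@ -3154,8 +3154,8 @@
 for (i = 0; i < count; i++)
 tmp = strchr(tmp, '.') + 1;
 *tmp = '\0';
-strcat(result, host);
-strcat(result, "*");
+strmcat(result, host, sizeof(result)-1);
+strmcat(result, "*", sizeof(result)-1);
 }
 else
 {
@@ -3177,10 +3177,10 @@
 else
 return (char *) NULL;
 }
-strcat(result, "*");
+strmcat(result, "*", sizeof(result)-1);
 if (my_stricmp(host, temphost))
-strcat(result, ".");
-strcat(result, host);
+strmcat(result, ".", sizeof(result)-1);
+strmcat(result, host, sizeof(result)-1);
 }
 return result;
 }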
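Review bot: Now that the copy into `result` is truncated by `strmcpy`, the unchanged next line `*strchr(result, '@') = '\0';` in the first hunk dereferences NULL whenever the `@` in `hostname` lies past the truncation point. Guard the lookup: `char *at = strchr(result, '@');`, `if (!at) return NULL;`, `*at = '\0';`, which matches the `return NULL` the function already uses a few lines further down. The `tmp = strchr(tmp, '.') + 1;` loop in the second hunk has the same unchecked pattern. All the `sizeof(result)-1` and `sizeof(host)-1` bounds presume both names are arrays in this function; their declarations are outside the hunks and should be confirmed.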
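--- a/source/names.c
+++ b/source/names.c
@@ -572,7 +572,7 @@
 
 *nmodes = 0;
 *nargs = 0;
-for (; *modes; modes++)
+for (; *modes && strlen(nmodes) < sizeof(nmodes)-2; modes++)
 {
 isbanned = isopped = isvoiced = 0;
 switch (*modes)
@@ -742,7 +742,7 @@
 
 /* modes which can be done multiple times are added here */
 
-for (tucm = ucm; tucm; tucm = tucm->next)
+for (tucm = ucm; tucm && strlen(nmodes) < sizeof(nmodes)-2; tucm = tucm->next)
 {
 if (tucm->o_ed)
 {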
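Review bot: Both new loop conditions bound only `nmodes`; `nargs`, which is reset on the line just above the first loop, gets no equivalent limit, so if the loop bodies (outside these hunks) append to it, it can still overrun. The `sizeof(nmodes)-2` test is evaluated once per pass, so it holds only if a single pass appends at most two characters to `nmodes`, and only if `nmodes` is an array rather than a pointer in this scope. I would record that next to each loop, e.g. `/* guard leaves room for two chars plus NUL in nmodes per pass; nargs is not covered by it */`, and add a matching bound at the place where `nargs` is written.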
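--- a/source/notice.c
+++ b/source/notice.c
@@ -422,10 +422,10 @@
 {
 char *q = strchr(line, ':');
 char *port = empty_string;
-int conn = !strncmp(line+7, "connect", 7) ? 1 : 0;
+int conn = strlen(line) > 7 && !strncmp(line+7, "connect", 7) ? 1 : 0;
 int dalnet = 0, ircnet = 0;
 
-if (*(line+18) == ':')
+if (strlen(line) > 18 && *(line+18) == ':')
 q = NULL;
 else
 dalnet = (q == NULL);
@@ -462,7 +462,7 @@
 else sscanf(p, "%s was %s from %s", for_, fr, temp);
 
 q = p;
-sprintf(q, "%s@%s", fr, temp);
+snprintf(q, strlen(q)+1, "%s@%s", fr, temp);
 if (!conn)
 {
 port = strstr(temp2, "reason:");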
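Review bot: The unchanged `sscanf(p, "%s was %s from %s", for_, fr, temp);` directly above the new `snprintf` in the second hunk still uses unbounded `%s` conversions on what appears to be server-supplied notice text, so `for_`, `fr` and `temp` can overflow before the bounded write is reached. Give each conversion a field width one less than its buffer, e.g. `sscanf(p, "%<N>s was %<N>s from %<N>s", for_, fr, temp)` with each `<N>` taken from the declarations (outside the hunk), and check that the call returns 3 before `fr` and `temp` are used. Separately, `snprintf(q, strlen(q)+1, ...)` limits the write to the length of the text currently in `p`, so the `fr@temp` result is silently cut whenever it is longer than the original line; a short comment saying that this is intended would help the next reader.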
150 | diff -ru BitchX-old/source/server.c BitchX/source/server.c | |
151 | --- BitchX-old/source/server.c 2002-03-25 07:21:24.000000000 +0200 | |
152 | +++ BitchX/source/server.c 2003-03-13 20:10:00.000000000 +0200 | |
153 | @@ -474,11 +474,11 @@ | |
154 | } | |
155 | else | |
156 | #endif | |
157 | - junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, server_list[i].ssl_fd); | |
158 | + junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, server_list[i].ssl_fd); | |
159 | } | |
160 | else | |
161 | #endif | |
162 | - junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, NULL); | |
163 | + junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, NULL); | |
164 | } | |
165 | switch (junk) | |
166 | { | |
167 | @@ -1741,7 +1741,7 @@ | |
168 | default: | |
169 | if (FD_ISSET(des, &rd)) | |
170 | { | |
171 | - if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE, NULL)) | |
172 | + if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE/2, NULL)) | |
173 | flushing = 0; | |
174 | } | |
175 | break; | |
176 | @@ -1751,7 +1751,7 @@ | |
177 | FD_ZERO(&rd); | |
178 | FD_SET(des, &rd); | |
179 | if (new_select(&rd, NULL, &timeout) > 0) | |
180 | - dgets(buffer, des, 1, BIG_BUFFER_SIZE, NULL); | |
181 | + dgets(buffer, des, 1, BIG_BUFFER_SIZE/2, NULL); | |
182 | } |