[packages/apache-mod_gzip.git] / mod_gzip-security.patch

fixes CAN-2003-0842, CAN-2003-0843, CAN-2003-0844
taken from SuSE apache-contrib package updates

diff -purEbB mod_gzip-1.3.26.1a/mod_gzip.c mod_gzip-1.3.26.1a.fix/mod_gzip.c
--- mod_gzip-1.3.26.1a/mod_gzip.c	2002-10-01 09:29:49.000000000 +0200
+++ mod_gzip-1.3.26.1a.fix/mod_gzip.c	2004-01-13 17:16:05.000000000 +0100
@@ -93,6 +93,10 @@
 
 #define CORE_PRIVATE
 
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
 #include "httpd.h"
 #include "http_config.h"
 #include "http_core.h"
@@ -1382,8 +1386,8 @@ int   targetmaxlen
        slash[1]=0;
       }
 
-    sprintf(
-    target,
+    snprintf(
+    target, targetmaxlen,
     "%s%s_%ld_%ld_%ld.wrk",
     prefix,              
     slash,               
@@ -1394,8 +1398,8 @@ int   targetmaxlen
    }
  else 
    {
-    sprintf(
-    target,
+    snprintf(
+    target, targetmaxlen,
     "_%ld_%ld_%ld.wrk",
     (long) process_id,   
     (long) thread_id,    
@@ -3631,7 +3635,7 @@ mod_gzip_set_temp_dir( cmd_parms *parms,
           if ( ( *(mgc->temp_dir+(arglen-1)) != '\\' ) &&
                ( *(mgc->temp_dir+(arglen-1)) != '/'  ) )
             {
-             mod_gzip_strcat( mgc->temp_dir, dirsep );
+             strcat( mgc->temp_dir, dirsep );
             }
 
           rc = stat( mgc->temp_dir, &sbuf );
@@ -3734,7 +3738,8 @@ static const char *mod_gzip_static_suffi
       return "mod_gzip_static_suffix: suffix to long!";
     }
 
-    mod_gzip_strcpy(mgc->suffix,arg1);
+    strncpy(mgc->suffix,arg1,sizeof(mgc->suffix)-1);
+    mgc->suffix[sizeof(mgc->suffix)-1] = '\0';
     mgc->suffix_set = 1;
     return NULL;
   }
@@ -5221,8 +5226,9 @@ mod_gzip_conf *dconf,
 char          *input_filename
 )
 {
- FILE *ifh=0;
- FILE *ofh=0;
+ FILE *ifh=NULL;
+ FILE *ofh=NULL;
+ int   ofd=-1;
  int   ofh_used=0;
 
  int   i=0;
@@ -5763,7 +5769,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":NO_200");
+    strcat( lbuf, ":NO_200");
     #endif
    }
 
@@ -5778,7 +5784,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":RESPONSE_FIELD_EXCLUDED");
+    strcat( lbuf, ":RESPONSE_FIELD_EXCLUDED");
     #endif
    }
 
@@ -5793,7 +5799,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":NO_BODY");
+    strcat( lbuf, ":NO_BODY");
     #endif
    }
 
@@ -5807,7 +5813,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":UNKNOWN_TE_VALUE");
+    strcat( lbuf, ":UNKNOWN_TE_VALUE");
     #endif
    }
 
@@ -5821,7 +5827,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":HAS_CE");
+    strcat( lbuf, ":HAS_CE");
     #endif
    }
 
@@ -5835,7 +5841,7 @@ char          *input_filename
     send_as_is++;
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
-    mod_gzip_strcat( lbuf, ":NO_CONTENT_TYPE_IN_RESPONSE_HEADER");
+    strcat( lbuf, ":NO_CONTENT_TYPE_IN_RESPONSE_HEADER");
     #endif
    }
  else if ( !send_as_is ) 
@@ -5891,7 +5897,7 @@ char          *input_filename
           send_as_is++;
 
           #ifdef MOD_GZIP_USES_APACHE_LOGS
-          mod_gzip_strcat( lbuf, ":RESPONSE_CONTENT_TYPE_EXCLUDED");
+          strcat( lbuf, ":RESPONSE_CONTENT_TYPE_EXCLUDED");
           #endif
          }
       }
@@ -6041,7 +6047,11 @@ char          *input_filename
  mod_gzip_printf( "%s: Call OUTPUT fopen(%s)...",cn,npp(output_filename1));
  #endif
 
- ofh = fopen( output_filename1, "wb" );
+ if( (ofd  = open(output_filename1, O_WRONLY | O_CREAT | O_EXCL)) < 0 || (ofh = fdopen(ofd ,"w")) == NULL)
+ {
+   ofd = -1;
+   ofh = NULL;
+ }
 
  if ( !ofh ) 
    {
@@ -6875,7 +6885,7 @@ long         content_length
                mod_gzip_printf( "%s: HEADER: ADDING: lbuf=[%s]",cn,npp(lbuf));
                #endif
 
-               mod_gzip_strcat( lbuf, "\r\n" );
+               strcat( lbuf, "\r\n" );
 
                if ( send_header )
                  {
@@ -6888,7 +6898,7 @@ long         content_length
                mod_gzip_printf( "%s: HEADER: ADDING: lbuf=[%s]",cn,npp(lbuf));
                #endif
 
-               mod_gzip_strcat( lbuf, "\r\n" );
+               strcat( lbuf, "\r\n" );
 
                if ( send_header )
                  {
@@ -7283,12 +7293,12 @@ char          *result_prefix_string
     prefix_string = dummy_result_prefix_string;
    }
 
- sprintf( log_info,"%sOK", prefix_string );
+ snprintf( log_info, sizeof(log_info),"%sOK", prefix_string );
 
  ap_table_setn(
  r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
 
- sprintf( log_info,"%d", (int) input_size );
+ snprintf( log_info, sizeof(log_info),"%d", (int) input_size );
  ap_table_setn( r->notes,"mod_gzip_input_size",ap_pstrdup(r->pool,log_info));
 
  #endif
@@ -7302,7 +7312,7 @@ char          *result_prefix_string
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-    sprintf( log_info,"%sDECLINED:NO_ILEN", prefix_string );
+    snprintf( log_info, sizeof(log_info),"%sDECLINED:NO_ILEN", prefix_string );
 
     ap_table_setn(
     r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7329,7 +7339,7 @@ char          *result_prefix_string
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-    sprintf( log_info,"%sDECLINED:TOO_SMALL", prefix_string );
+    snprintf( log_info, sizeof(log_info),"%sDECLINED:TOO_SMALL", prefix_string );
 
     ap_table_setn(
     r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7364,7 +7374,7 @@ char          *result_prefix_string
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-    sprintf( log_info,"%sDECLINED:TOO_BIG", prefix_string );
+    snprintf( log_info, sizeof(log_info),"%sDECLINED:TOO_BIG", prefix_string );
 
     ap_table_setn(
     r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7396,7 +7406,8 @@ char          *result_prefix_string
     mod_gzip_printf( "%s: Input source is file[%s]",cn,npp(source));
     #endif
 
-    mod_gzip_strcpy( gzp->input_filename, source );
+    strncpy( gzp->input_filename, source, sizeof(gzp->input_filename)-1 );
+    gzp->input_filename[sizeof(gzp->input_filename)-1] = '\0';
 
     gzp->input_ismem         = 0;
     gzp->input_ismem_ibuf    = 0;
@@ -7537,10 +7548,10 @@ char          *result_prefix_string
 
  #ifdef MOD_GZIP_USES_APACHE_LOGS
 
- sprintf( log_info,"%d", (int) output_size );
+ snprintf( log_info, sizeof(log_info), "%d", (int) output_size );
  ap_table_setn( r->notes,"mod_gzip_output_size",ap_pstrdup(r->pool,log_info));
 
- sprintf( log_info,"%d", (int) compression_ratio );
+ snprintf( log_info, sizeof(log_info),"%d", (int) compression_ratio );
  ap_table_setn( r->notes,"mod_gzip_compression_ratio",ap_pstrdup(r->pool,log_info));
 
  #endif
@@ -7556,7 +7567,7 @@ char          *result_prefix_string
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-    sprintf( log_info,"%sDECLINED:NO_OLEN", prefix_string );
+    snprintf( log_info, sizeof(log_info),"%sDECLINED:NO_OLEN", prefix_string );
 
     ap_table_setn(
     r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7637,7 +7648,7 @@ char          *result_prefix_string
 
     #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-    sprintf( log_info,"%sDECLINED:ORIGINAL_SMALLER", prefix_string );
+    snprintf( log_info, sizeof(log_info),"%sDECLINED:ORIGINAL_SMALLER", prefix_string );
 
     ap_table_setn(
     r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7701,7 +7712,7 @@ char          *result_prefix_string
 
        #ifdef MOD_GZIP_USES_APACHE_LOGS
 
-       sprintf( log_info,"%sDECLINED:REOPEN_FAILED", prefix_string );
+       snprintf( log_info, sizeof(log_info),"%sDECLINED:REOPEN_FAILED", prefix_string );
 
        ap_table_setn(
        r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7817,9 +7828,9 @@ char          *result_prefix_string
 
        #ifdef MOD_GZIP_DEBUG1
        mod_gzip_translate_comerror( err, scratch2 );
-       sprintf( log_info,"%sTRANSMIT_ERROR:ISMEM:%d:%s", prefix_string, (int) err, scratch2 );
+       snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:ISMEM:%d:%s", prefix_string, (int) err, scratch2 );
        #else
-       sprintf( log_info,"%sTRANSMIT_ERROR:ISMEM:%d", prefix_string, (int) err );
+       snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:ISMEM:%d", prefix_string, (int) err );
        #endif
 
        ap_table_setn( r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -7911,9 +7922,9 @@ char          *result_prefix_string
 
            #ifdef MOD_GZIP_DEBUG1
            mod_gzip_translate_comerror( err, scratch2 );
-           sprintf( log_info,"%sTRANSMIT_ERROR:%d:%s", prefix_string, (int) err, scratch2 );
+           snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:%d:%s", prefix_string, (int) err, scratch2 );
            #else
-           sprintf( log_info,"%sTRANSMIT_ERROR:%d", prefix_string, (int) err );
+           snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:%d", prefix_string, (int) err );
            #endif
 
            ap_table_setn( r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
@@ -8036,10 +8047,10 @@ char          *result_prefix_string
 
  if ( finalize_stats )
    {
-    sprintf( log_info,"%d", (int) output_size );
+    snprintf( log_info, sizeof(log_info),"%d", (int) output_size );
     ap_table_setn( r->notes,"mod_gzip_output_size",ap_pstrdup(r->pool,log_info));
 
-    sprintf( log_info,"%d", (int) compression_ratio );
+    snprintf( log_info, sizeof(log_info),"%d", (int) compression_ratio );
     ap_table_setn( r->notes,"mod_gzip_compression_ratio",ap_pstrdup(r->pool,log_info));
    }
 
@@ -8072,7 +8083,7 @@ char *mod_gzip_generate_vary_header(mod_
 
   for(i=0;i<cfg->imap_total_entries;i++) {
     if(cfg->imap[i].type == MOD_GZIP_IMAP_ISREQHEADER) {
-      mod_gzip_strncpy(name,cfg->imap[i].name,strstr(cfg->imap[i].name,":") - cfg->imap[i].name - 1);
+      strncpy(name,cfg->imap[i].name,strstr(cfg->imap[i].name,":") - cfg->imap[i].name - 1);
       *((const char **)ap_push_array(ary)) = ap_pstrdup(p,name);
     }
   }
@@ -8097,8 +8108,10 @@ int mod_gzip_compress_file(request_rec *
   gzc.result_code          = 0;
   gzc.bytes_out            = 0;
 
-  mod_gzip_strcpy(gzc.input_filename, r->filename);
-  mod_gzip_strcpy(gzc.output_filename,dest);
+  strncpy(gzc.input_filename, r->filename, sizeof(gzc.input_filename)-1);
+  gzc.input_filename[sizeof(gzc.input_filename)-1] = '\0';
+  strncpy(gzc.output_filename,dest, sizeof(gzc.output_filename)-1);
+  gzc.output_filename[sizeof(gzc.output_filename)-1] = '\0';
 
   rc = gzp_main(r,&gzc);
 
diff -purEbB mod_gzip-1.3.26.1a/mod_gzip_debug.c mod_gzip-1.3.26.1a.fix/mod_gzip_debug.c
--- mod_gzip-1.3.26.1a/mod_gzip_debug.c	2002-10-01 09:29:49.000000000 +0200
+++ mod_gzip-1.3.26.1a.fix/mod_gzip_debug.c	2004-01-15 15:26:20.000000000 +0100
@@ -98,6 +98,17 @@
 #include "mod_gzip.h"
 #include "mod_gzip_debug.h"
 
+#ifndef WIN32
+	#include <sys/types.h>
+	#include <sys/stat.h>
+	#define __USE_GNU
+	#include <fcntl.h>
+	#ifndef O_NOFOLLOW
+		# warning System does not know O_NOFOLLOW
+		#define O_NOFOLLOW 0400000
+	#endif
+#endif
+
 #ifdef MOD_GZIP_DEBUG1
 
 server_rec *mod_gzip_server_now = 0;
@@ -125,7 +137,7 @@ void mod_gzip_printf( const char *fmt, .
 
  va_start( ap, fmt );
 
- l = vsprintf( log_line, fmt, ap );
+ l = vsnprintf( log_line, sizeof(log_line), fmt, ap );
 
  va_end(ap);
 
@@ -136,11 +148,39 @@ void mod_gzip_printf( const char *fmt, .
 
 #else 
 
+int safe_reopen (char *file, int mode)
+{
+	struct stat st;
+	struct stat st2;
+	int fd;
+
+	if (lstat(file, &st) < 0)
+	{ // does not exit -> safe creation
+		if ((fd = open(file, mode | O_EXCL | O_CREAT, 0600)) < 0)
+			return(-1);
+	}
+	else
+	{ // it exists - allow only regular file which are not hardlinked
+		if ((! S_ISREG(st.st_mode)) || st.st_nlink != 1)
+			return(-1); // OK, lets open
+		if ((fd = open(file, mode | O_NOFOLLOW)) < 0)
+			return(-1);
+		fstat(fd, &st2); // recheck that it's the same file ...
+		if (st2.st_dev != st.st_dev || st2.st_ino != st.st_ino || st2.st_uid != st.st_uid || st2.st_nlink != 1)
+		{
+			close(fd);
+			return(-1);
+		}
+	}
+
+	return(fd);
+}
+	
 void mod_gzip_printf( const char *fmt, ... )
 {
- int   l;
+ int   l, fd;
  char *p1;
- FILE *log;
+ FILE *mod_gzip_log_handle;
 
  va_list ap;
 
@@ -153,31 +193,28 @@ void mod_gzip_printf( const char *fmt, .
  long pid = (long) getpid();
  #endif
 
+ memset(log_line, 0, sizeof(log_line));
+ 
  #ifdef WIN32
  sprintf( logname, "c:\\temp\\t%ld.log",(long)pid);
  #else
- sprintf( logname, "/tmp/t%ld.log",(long)pid);
+ sprintf( logname, "/tmp/t%ld.log", (long)pid);
  #endif
 
- log = fopen( logname,"a" );
-
- if ( !log ) 
-   {
-    return; 
-   }
+ fd = safe_reopen(logname, O_APPEND);
+ mod_gzip_log_handle = fdopen(fd, "a");
 
  va_start( ap, fmt );
 
- l = vsprintf(log_line, fmt, ap);
+ l = vsnprintf(log_line, sizeof(log_line), fmt, ap);
 
  p1=log_line;
  while((*p1!=0)&&(*p1!=13)&&(*p1!=10)) p1++;
  *p1=0;
 
- fprintf( log, "%s\n", log_line );
-
- fclose( log );
+ fprintf( mod_gzip_log_handle, "%s\n", log_line );
 
+ fclose( mod_gzip_log_handle );
  va_end(ap); 
 
  return; 
@@ -305,103 +342,103 @@ int mod_gzip_log_comerror( request_rec *
 
  if ( error == WSANOTINITIALISED )
    {
-    sprintf(b[0],"%s * WSANOTINITIALISED",p);
-    sprintf(b[1],"%s * A successful WSAStartup() must occur",p);
-    sprintf(b[2],"%s * before using this WINSOCK API call.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSANOTINITIALISED",p);
+    snprintf(b[1],sizeof(b[1]),"%s * A successful WSAStartup() must occur",p);
+    snprintf(b[2],sizeof(b[2]),"%s * before using this WINSOCK API call.",p);
    }
  else if ( error == WSAENETDOWN )
    {
-    sprintf(b[0],"%s * WSAENETDOWN",p);
-    sprintf(b[1],"%s * The Windows Sockets implementation has detected",p);
-    sprintf(b[2],"%s * that the network subsystem has failed.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAENETDOWN",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The Windows Sockets implementation has detected",p);
+    snprintf(b[2],sizeof(b[2]),"%s * that the network subsystem has failed.",p);
    }
  else if ( error == WSAENOTCONN )
    {
-    sprintf(b[0],"%s * WSAENOTCONN",p);
-    sprintf(b[1],"%s * The socket is not connected.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAENOTCONN",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The socket is not connected.",p);
    }
  else if ( error == WSAEINTR )
    {
-    sprintf(b[0],"%s * WSAEINTR",p);
-    sprintf(b[1],"%s * The (blocking) call was cancelled",p);
-    sprintf(b[2],"%s * via WSACancelBlockingCall()",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEINTR",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The (blocking) call was cancelled",p);
+    snprintf(b[2],sizeof(b[2]),"%s * via WSACancelBlockingCall()",p);
    }
  else if ( error == WSAEINPROGRESS )
    {
-    sprintf(b[0],"%s * WSAEINPROGRESS",p);
-    sprintf(b[1],"%s * A blocking Windows Sockets operation",p);
-    sprintf(b[2],"%s * is in progress.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEINPROGRESS",p);
+    snprintf(b[1],sizeof(b[1]),"%s * A blocking Windows Sockets operation",p);
+    snprintf(b[2],sizeof(b[2]),"%s * is in progress.",p);
    }
  else if ( error == WSAENOTSOCK )
    {
-    sprintf(b[0],"%s * WSAENOTSOCK",p);
-    sprintf(b[1],"%s * The descriptor is not a socket.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAENOTSOCK",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The descriptor is not a socket.",p);
    }
  else if ( error == WSAEOPNOTSUPP )
    {
-    sprintf(b[0],"%s * WSAEOPNOTSUPP",p);
-    sprintf(b[1],"%s * MSG_OOB was specified, but the socket is",p);
-    sprintf(b[2],"%s * not of type SOCK_STREAM.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEOPNOTSUPP",p);
+    snprintf(b[1],sizeof(b[1]),"%s * MSG_OOB was specified, but the socket is",p);
+    snprintf(b[2],sizeof(b[2]),"%s * not of type SOCK_STREAM.",p);
    }
  else if ( error == WSAESHUTDOWN )
    {
-    sprintf(b[0],"%s * WSAESHUTDOWN",p);
-    sprintf(b[1],"%s * The socket has been shutdown.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAESHUTDOWN",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The socket has been shutdown.",p);
    }
  else if ( error == WSAEWOULDBLOCK )
    {
-    sprintf(b[0],"%s * WSAEWOULDBLOCK",p);
-    sprintf(b[1],"%s * The socket is marked as non-blocking",p);
-    sprintf(b[2],"%s * and receive operation would block.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEWOULDBLOCK",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The socket is marked as non-blocking",p);
+    snprintf(b[2],sizeof(b[2]),"%s * and receive operation would block.",p);
    }
  else if ( error == WSAEMSGSIZE )
    {
-    sprintf(b[0],"%s * WSAEMSGSIZE",p);
-    sprintf(b[1],"%s * The datagram was too large to",p);
-    sprintf(b[2],"%s * fit into the specified buffer.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEMSGSIZE",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The datagram was too large to",p);
+    snprintf(b[2],sizeof(b[2]),"%s * fit into the specified buffer.",p);
    }
  else if ( error == WSAEINVAL )
    {
-    sprintf(b[0],"%s * WSAEINVAL",p);
-    sprintf(b[1],"%s * The socket has not been bound with bind().",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAEINVAL",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The socket has not been bound with bind().",p);
    }
  else if ( error == WSAECONNABORTED )
    {
-    sprintf(b[0],"%s * WSAECONNABORTED",p);
-    sprintf(b[1],"%s * The virtual circuit was aborted",p);
-    sprintf(b[2],"%s * due to timeout or other failure.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAECONNABORTED",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The virtual circuit was aborted",p);
+    snprintf(b[2],sizeof(b[2]),"%s * due to timeout or other failure.",p);
    }
  else if ( error == WSAECONNRESET )
    {
-    sprintf(b[0],"%s * WSAECONNRESET",p);
-    sprintf(b[1],"%s * The virtual circuit was reset by the remote side.",p);
+    snprintf(b[0],sizeof(b[0]),"%s * WSAECONNRESET",p);
+    snprintf(b[1],sizeof(b[1]),"%s * The virtual circuit was reset by the remote side.",p);
    }
  else
    {
-    sprintf(b[0],"%s * WSA????",p);
-    sprintf(b[1],"%s * Unexpected WINSOCK error code %d",p,error);
+    snprintf(b[0],sizeof(b[0]),"%s * WSA????",p);
+    snprintf(b[1],sizeof(b[1]),"%s * Unexpected WINSOCK error code %d",p,error);
    }
 
  #else 
 
-      if ( error == EBADF       ) sprintf(b[0],"%s * EBADF", p );
- else if ( error == EAGAIN      ) sprintf(b[0],"%s * EAGAIN",p );
- else if ( error == EDQUOT      ) sprintf(b[0],"%s * EDQUOT",p );
- else if ( error == EFAULT      ) sprintf(b[0],"%s * EFAULT",p );
- else if ( error == EFBIG       ) sprintf(b[0],"%s * EFBIG", p );
- else if ( error == EINTR       ) sprintf(b[0],"%s * EINTR", p );
- else if ( error == EINVAL      ) sprintf(b[0],"%s * EINVAL",p );
- else if ( error == EIO         ) sprintf(b[0],"%s * EIO",   p );
- else if ( error == ENOSPC      ) sprintf(b[0],"%s * ENOSPC",p );
- else if ( error == ENXIO       ) sprintf(b[0],"%s * ENXIO", p );
- else if ( error == EPIPE       ) sprintf(b[0],"%s * EPIPE", p );
- else if ( error == ERANGE      ) sprintf(b[0],"%s * ERANGE",p );
- else if ( error == EINVAL      ) sprintf(b[0],"%s * EINVAL",p );
- else if ( error == EWOULDBLOCK ) sprintf(b[0],"%s * EWOULDBLOCK",p );
+      if ( error == EBADF       ) snprintf(b[0],sizeof(b[0]),"%s * EBADF", p );
+ else if ( error == EAGAIN      ) snprintf(b[0],sizeof(b[0]),"%s * EAGAIN",p );
+ else if ( error == EDQUOT      ) snprintf(b[0],sizeof(b[0]),"%s * EDQUOT",p );
+ else if ( error == EFAULT      ) snprintf(b[0],sizeof(b[0]),"%s * EFAULT",p );
+ else if ( error == EFBIG       ) snprintf(b[0],sizeof(b[0]),"%s * EFBIG", p );
+ else if ( error == EINTR       ) snprintf(b[0],sizeof(b[0]),"%s * EINTR", p );
+ else if ( error == EINVAL      ) snprintf(b[0],sizeof(b[0]),"%s * EINVAL",p );
+ else if ( error == EIO         ) snprintf(b[0],sizeof(b[0]),"%s * EIO",   p );
+ else if ( error == ENOSPC      ) snprintf(b[0],sizeof(b[0]),"%s * ENOSPC",p );
+ else if ( error == ENXIO       ) snprintf(b[0],sizeof(b[0]),"%s * ENXIO", p );
+ else if ( error == EPIPE       ) snprintf(b[0],sizeof(b[0]),"%s * EPIPE", p );
+ else if ( error == ERANGE      ) snprintf(b[0],sizeof(b[0]),"%s * ERANGE",p );
+ else if ( error == EINVAL      ) snprintf(b[0],sizeof(b[0]),"%s * EINVAL",p );
+ else if ( error == EWOULDBLOCK ) snprintf(b[0],sizeof(b[0]),"%s * EWOULDBLOCK",p );
 
  else 
    {
-    sprintf(b[0],"%s * E???? Unexpected error code %d",p,error);
+    snprintf(b[0],sizeof(b[0]),"%s * E???? Unexpected error code %d",p,error);
    }
 
  #endif
Commit	Line	Data
7da826b3 JB	1	fixes CAN-2003-0842, CAN-2003-0843, CAN-2003-0844
	2	taken from SuSE apache-contrib package updates
	3
	4	diff -purEbB mod_gzip-1.3.26.1a/mod_gzip.c mod_gzip-1.3.26.1a.fix/mod_gzip.c
	5	--- mod_gzip-1.3.26.1a/mod_gzip.c 2002-10-01 09:29:49.000000000 +0200
	6	+++ mod_gzip-1.3.26.1a.fix/mod_gzip.c 2004-01-13 17:16:05.000000000 +0100
	7	@@ -93,6 +93,10 @@
	8
	9	#define CORE_PRIVATE
	10
	11	+#include <sys/types.h>
	12	+#include <sys/stat.h>
	13	+#include <fcntl.h>
	14	+
	15	#include "httpd.h"
	16	#include "http_config.h"
	17	#include "http_core.h"
	18	@@ -1382,8 +1386,8 @@ int targetmaxlen
	19	slash[1]=0;
	20	}
	21
	22	- sprintf(
	23	- target,
	24	+ snprintf(
	25	+ target, targetmaxlen,
	26	"%s%s_%ld_%ld_%ld.wrk",
	27	prefix,
	28	slash,
	29	@@ -1394,8 +1398,8 @@ int targetmaxlen
	30	}
	31	else
	32	{
	33	- sprintf(
	34	- target,
	35	+ snprintf(
	36	+ target, targetmaxlen,
	37	"_%ld_%ld_%ld.wrk",
	38	(long) process_id,
	39	(long) thread_id,
	40	@@ -3631,7 +3635,7 @@ mod_gzip_set_temp_dir( cmd_parms *parms,
	41	if ( ( *(mgc->temp_dir+(arglen-1)) != '\\' ) &&
	42	( *(mgc->temp_dir+(arglen-1)) != '/' ) )
	43	{
	44	- mod_gzip_strcat( mgc->temp_dir, dirsep );
	45	+ strcat( mgc->temp_dir, dirsep );
	46	}
	47
	48	rc = stat( mgc->temp_dir, &sbuf );
	49	@@ -3734,7 +3738,8 @@ static const char *mod_gzip_static_suffi
	50	return "mod_gzip_static_suffix: suffix to long!";
	51	}
	52
	53	- mod_gzip_strcpy(mgc->suffix,arg1);
	54	+ strncpy(mgc->suffix,arg1,sizeof(mgc->suffix)-1);
	55	+ mgc->suffix[sizeof(mgc->suffix)-1] = '\0';
	56	mgc->suffix_set = 1;
	57	return NULL;
	58	}
	59	@@ -5221,8 +5226,9 @@ mod_gzip_conf *dconf,
	60	char *input_filename
	61	)
	62	{
	63	- FILE *ifh=0;
	64	- FILE *ofh=0;
65	+ FILE *ifh=NULL;
66	+ FILE *ofh=NULL;
67	+ int ofd=-1;
68	int ofh_used=0;
69
70	int i=0;
71	@@ -5763,7 +5769,7 @@ char *input_filename
72	send_as_is++;
73
74	#ifdef MOD_GZIP_USES_APACHE_LOGS
75	- mod_gzip_strcat( lbuf, ":NO_200");
76	+ strcat( lbuf, ":NO_200");
77	#endif
78	}
79
80	@@ -5778,7 +5784,7 @@ char *input_filename
81	send_as_is++;
82
83	#ifdef MOD_GZIP_USES_APACHE_LOGS
84	- mod_gzip_strcat( lbuf, ":RESPONSE_FIELD_EXCLUDED");
85	+ strcat( lbuf, ":RESPONSE_FIELD_EXCLUDED");
86	#endif
87	}
88
89	@@ -5793,7 +5799,7 @@ char *input_filename
90	send_as_is++;
91
92	#ifdef MOD_GZIP_USES_APACHE_LOGS
93	- mod_gzip_strcat( lbuf, ":NO_BODY");
94	+ strcat( lbuf, ":NO_BODY");
95	#endif
96	}
97
98	@@ -5807,7 +5813,7 @@ char *input_filename
99	send_as_is++;
100
101	#ifdef MOD_GZIP_USES_APACHE_LOGS
102	- mod_gzip_strcat( lbuf, ":UNKNOWN_TE_VALUE");
103	+ strcat( lbuf, ":UNKNOWN_TE_VALUE");
104	#endif
105	}
106
107	@@ -5821,7 +5827,7 @@ char *input_filename
108	send_as_is++;
109
110	#ifdef MOD_GZIP_USES_APACHE_LOGS
111	- mod_gzip_strcat( lbuf, ":HAS_CE");
112	+ strcat( lbuf, ":HAS_CE");
113	#endif
114	}
115
116	@@ -5835,7 +5841,7 @@ char *input_filename
117	send_as_is++;
118
119	#ifdef MOD_GZIP_USES_APACHE_LOGS
120	- mod_gzip_strcat( lbuf, ":NO_CONTENT_TYPE_IN_RESPONSE_HEADER");
121	+ strcat( lbuf, ":NO_CONTENT_TYPE_IN_RESPONSE_HEADER");
122	#endif
123	}
124	else if ( !send_as_is )
125	@@ -5891,7 +5897,7 @@ char *input_filename
126	send_as_is++;
127
128	#ifdef MOD_GZIP_USES_APACHE_LOGS
129	- mod_gzip_strcat( lbuf, ":RESPONSE_CONTENT_TYPE_EXCLUDED");
130	+ strcat( lbuf, ":RESPONSE_CONTENT_TYPE_EXCLUDED");
131	#endif
132	}
133	}
134	@@ -6041,7 +6047,11 @@ char *input_filename
135	mod_gzip_printf( "%s: Call OUTPUT fopen(%s)...",cn,npp(output_filename1));
136	#endif
137
138	- ofh = fopen( output_filename1, "wb" );
139	+ if( (ofd = open(output_filename1, O_WRONLY \| O_CREAT \| O_EXCL)) < 0 \|\| (ofh = fdopen(ofd ,"w")) == NULL)
140	+ {
141	+ ofd = -1;
142	+ ofh = NULL;
143	+ }
144
145	if ( !ofh )
146	{
147	@@ -6875,7 +6885,7 @@ long content_length
148	mod_gzip_printf( "%s: HEADER: ADDING: lbuf=[%s]",cn,npp(lbuf));
149	#endif
150
151	- mod_gzip_strcat( lbuf, "\r\n" );
152	+ strcat( lbuf, "\r\n" );
153
154	if ( send_header )
155	{
156	@@ -6888,7 +6898,7 @@ long content_length
157	mod_gzip_printf( "%s: HEADER: ADDING: lbuf=[%s]",cn,npp(lbuf));
158	#endif
159
160	- mod_gzip_strcat( lbuf, "\r\n" );
161	+ strcat( lbuf, "\r\n" );
162
163	if ( send_header )
164	{
165	@@ -7283,12 +7293,12 @@ char *result_prefix_string
166	prefix_string = dummy_result_prefix_string;
167	}
168
169	- sprintf( log_info,"%sOK", prefix_string );
170	+ snprintf( log_info, sizeof(log_info),"%sOK", prefix_string );
171
172	ap_table_setn(
173	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
174
175	- sprintf( log_info,"%d", (int) input_size );
176	+ snprintf( log_info, sizeof(log_info),"%d", (int) input_size );
177	ap_table_setn( r->notes,"mod_gzip_input_size",ap_pstrdup(r->pool,log_info));
178
179	#endif
180	@@ -7302,7 +7312,7 @@ char *result_prefix_string
181
182	#ifdef MOD_GZIP_USES_APACHE_LOGS
183
184	- sprintf( log_info,"%sDECLINED:NO_ILEN", prefix_string );
185	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:NO_ILEN", prefix_string );
186
187	ap_table_setn(
188	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
189	@@ -7329,7 +7339,7 @@ char *result_prefix_string
190
191	#ifdef MOD_GZIP_USES_APACHE_LOGS
192
193	- sprintf( log_info,"%sDECLINED:TOO_SMALL", prefix_string );
194	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:TOO_SMALL", prefix_string );
195
196	ap_table_setn(
197	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
198	@@ -7364,7 +7374,7 @@ char *result_prefix_string
199
200	#ifdef MOD_GZIP_USES_APACHE_LOGS
201
202	- sprintf( log_info,"%sDECLINED:TOO_BIG", prefix_string );
203	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:TOO_BIG", prefix_string );
204
205	ap_table_setn(
206	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
207	@@ -7396,7 +7406,8 @@ char *result_prefix_string
208	mod_gzip_printf( "%s: Input source is file[%s]",cn,npp(source));
209	#endif
210
211	- mod_gzip_strcpy( gzp->input_filename, source );
212	+ strncpy( gzp->input_filename, source, sizeof(gzp->input_filename)-1 );
213	+ gzp->input_filename[sizeof(gzp->input_filename)-1] = '\0';
214
215	gzp->input_ismem = 0;
216	gzp->input_ismem_ibuf = 0;
217	@@ -7537,10 +7548,10 @@ char *result_prefix_string
218
219	#ifdef MOD_GZIP_USES_APACHE_LOGS
220
221	- sprintf( log_info,"%d", (int) output_size );
222	+ snprintf( log_info, sizeof(log_info), "%d", (int) output_size );
223	ap_table_setn( r->notes,"mod_gzip_output_size",ap_pstrdup(r->pool,log_info));
224
225	- sprintf( log_info,"%d", (int) compression_ratio );
226	+ snprintf( log_info, sizeof(log_info),"%d", (int) compression_ratio );
227	ap_table_setn( r->notes,"mod_gzip_compression_ratio",ap_pstrdup(r->pool,log_info));
228
229	#endif
230	@@ -7556,7 +7567,7 @@ char *result_prefix_string
231
232	#ifdef MOD_GZIP_USES_APACHE_LOGS
233
234	- sprintf( log_info,"%sDECLINED:NO_OLEN", prefix_string );
235	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:NO_OLEN", prefix_string );
236
237	ap_table_setn(
238	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
239	@@ -7637,7 +7648,7 @@ char *result_prefix_string
240
241	#ifdef MOD_GZIP_USES_APACHE_LOGS
242
243	- sprintf( log_info,"%sDECLINED:ORIGINAL_SMALLER", prefix_string );
244	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:ORIGINAL_SMALLER", prefix_string );
245
246	ap_table_setn(
247	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
248	@@ -7701,7 +7712,7 @@ char *result_prefix_string
249
250	#ifdef MOD_GZIP_USES_APACHE_LOGS
251
252	- sprintf( log_info,"%sDECLINED:REOPEN_FAILED", prefix_string );
253	+ snprintf( log_info, sizeof(log_info),"%sDECLINED:REOPEN_FAILED", prefix_string );
254
255	ap_table_setn(
256	r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
257	@@ -7817,9 +7828,9 @@ char *result_prefix_string
258
259	#ifdef MOD_GZIP_DEBUG1
260	mod_gzip_translate_comerror( err, scratch2 );
261	- sprintf( log_info,"%sTRANSMIT_ERROR:ISMEM:%d:%s", prefix_string, (int) err, scratch2 );
262	+ snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:ISMEM:%d:%s", prefix_string, (int) err, scratch2 );
263	#else
264	- sprintf( log_info,"%sTRANSMIT_ERROR:ISMEM:%d", prefix_string, (int) err );
265	+ snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:ISMEM:%d", prefix_string, (int) err );
266	#endif
267
268	ap_table_setn( r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
269	@@ -7911,9 +7922,9 @@ char *result_prefix_string
270
271	#ifdef MOD_GZIP_DEBUG1
272	mod_gzip_translate_comerror( err, scratch2 );
273	- sprintf( log_info,"%sTRANSMIT_ERROR:%d:%s", prefix_string, (int) err, scratch2 );
274	+ snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:%d:%s", prefix_string, (int) err, scratch2 );
275	#else
276	- sprintf( log_info,"%sTRANSMIT_ERROR:%d", prefix_string, (int) err );
277	+ snprintf( log_info, sizeof(log_info),"%sTRANSMIT_ERROR:%d", prefix_string, (int) err );
278	#endif
279
280	ap_table_setn( r->notes,"mod_gzip_result",ap_pstrdup(r->pool,log_info));
281	@@ -8036,10 +8047,10 @@ char *result_prefix_string
282
283	if ( finalize_stats )
284	{
285	- sprintf( log_info,"%d", (int) output_size );
286	+ snprintf( log_info, sizeof(log_info),"%d", (int) output_size );
287	ap_table_setn( r->notes,"mod_gzip_output_size",ap_pstrdup(r->pool,log_info));
288
289	- sprintf( log_info,"%d", (int) compression_ratio );
290	+ snprintf( log_info, sizeof(log_info),"%d", (int) compression_ratio );
291	ap_table_setn( r->notes,"mod_gzip_compression_ratio",ap_pstrdup(r->pool,log_info));
292	}
293
294	@@ -8072,7 +8083,7 @@ char *mod_gzip_generate_vary_header(mod_
295
296	for(i=0;i<cfg->imap_total_entries;i++) {
297	if(cfg->imap[i].type == MOD_GZIP_IMAP_ISREQHEADER) {
298	- mod_gzip_strncpy(name,cfg->imap[i].name,strstr(cfg->imap[i].name,":") - cfg->imap[i].name - 1);
299	+ strncpy(name,cfg->imap[i].name,strstr(cfg->imap[i].name,":") - cfg->imap[i].name - 1);
300	((const char *)ap_push_array(ary)) = ap_pstrdup(p,name);
301	}
302	}
303	@@ -8097,8 +8108,10 @@ int mod_gzip_compress_file(request_rec *
304	gzc.result_code = 0;
305	gzc.bytes_out = 0;
306
307	- mod_gzip_strcpy(gzc.input_filename, r->filename);
308	- mod_gzip_strcpy(gzc.output_filename,dest);
309	+ strncpy(gzc.input_filename, r->filename, sizeof(gzc.input_filename)-1);
310	+ gzc.input_filename[sizeof(gzc.input_filename)-1] = '\0';
311	+ strncpy(gzc.output_filename,dest, sizeof(gzc.output_filename)-1);
312	+ gzc.output_filename[sizeof(gzc.output_filename)-1] = '\0';
313
314	rc = gzp_main(r,&gzc);
315
316	diff -purEbB mod_gzip-1.3.26.1a/mod_gzip_debug.c mod_gzip-1.3.26.1a.fix/mod_gzip_debug.c
317	--- mod_gzip-1.3.26.1a/mod_gzip_debug.c 2002-10-01 09:29:49.000000000 +0200
318	+++ mod_gzip-1.3.26.1a.fix/mod_gzip_debug.c 2004-01-15 15:26:20.000000000 +0100
319	@@ -98,6 +98,17 @@
320	#include "mod_gzip.h"
321	#include "mod_gzip_debug.h"
322
323	+#ifndef WIN32
324	+ #include <sys/types.h>
325	+ #include <sys/stat.h>
326	+ #define __USE_GNU
327	+ #include <fcntl.h>
328	+ #ifndef O_NOFOLLOW
329	+ # warning System does not know O_NOFOLLOW
330	+ #define O_NOFOLLOW 0400000
331	+ #endif
332	+#endif
333	+
334	#ifdef MOD_GZIP_DEBUG1
335
336	server_rec *mod_gzip_server_now = 0;
337	@@ -125,7 +137,7 @@ void mod_gzip_printf( const char *fmt, .
338
339	va_start( ap, fmt );
340
341	- l = vsprintf( log_line, fmt, ap );
342	+ l = vsnprintf( log_line, sizeof(log_line), fmt, ap );
343
344	va_end(ap);
345
346	@@ -136,11 +148,39 @@ void mod_gzip_printf( const char *fmt, .
347
348	#else
349
350	+int safe_reopen (char *file, int mode)
351	+{
352	+ struct stat st;
353	+ struct stat st2;
354	+ int fd;
355	+
356	+ if (lstat(file, &st) < 0)
357	+ { // does not exit -> safe creation
358	+ if ((fd = open(file, mode \| O_EXCL \| O_CREAT, 0600)) < 0)
359	+ return(-1);
360	+ }
361	+ else
362	+ { // it exists - allow only regular file which are not hardlinked
363	+ if ((! S_ISREG(st.st_mode)) \|\| st.st_nlink != 1)
364	+ return(-1); // OK, lets open
365	+ if ((fd = open(file, mode \| O_NOFOLLOW)) < 0)
366	+ return(-1);
367	+ fstat(fd, &st2); // recheck that it's the same file ...
368	+ if (st2.st_dev != st.st_dev \|\| st2.st_ino != st.st_ino \|\| st2.st_uid != st.st_uid \|\| st2.st_nlink != 1)
369	+ {
370	+ close(fd);
371	+ return(-1);
372	+ }
373	+ }
374	+
375	+ return(fd);
376	+}
377	+
378	void mod_gzip_printf( const char *fmt, ... )
379	{
380	- int l;
381	+ int l, fd;
382	char *p1;
383	- FILE *log;
384	+ FILE *mod_gzip_log_handle;
385
386	va_list ap;
387
388	@@ -153,31 +193,28 @@ void mod_gzip_printf( const char *fmt, .
389	long pid = (long) getpid();
390	#endif
391
392	+ memset(log_line, 0, sizeof(log_line));
393	+
394	#ifdef WIN32
395	sprintf( logname, "c:\\temp\\t%ld.log",(long)pid);
396	#else
397	- sprintf( logname, "/tmp/t%ld.log",(long)pid);
398	+ sprintf( logname, "/tmp/t%ld.log", (long)pid);
399	#endif
400
401	- log = fopen( logname,"a" );
402	-
403	- if ( !log )
404	- {
405	- return;
406	- }
407	+ fd = safe_reopen(logname, O_APPEND);
408	+ mod_gzip_log_handle = fdopen(fd, "a");
409
410	va_start( ap, fmt );
411
412	- l = vsprintf(log_line, fmt, ap);
413	+ l = vsnprintf(log_line, sizeof(log_line), fmt, ap);
414
415	p1=log_line;
416	while((p1!=0)&&(p1!=13)&&(*p1!=10)) p1++;
417	*p1=0;
418
419	- fprintf( log, "%s\n", log_line );
420	-
421	- fclose( log );
422	+ fprintf( mod_gzip_log_handle, "%s\n", log_line );
423
424	+ fclose( mod_gzip_log_handle );
425	va_end(ap);
426
427	return;
428	@@ -305,103 +342,103 @@ int mod_gzip_log_comerror( request_rec *
429
430	if ( error == WSANOTINITIALISED )
431	{
432	- sprintf(b[0],"%s * WSANOTINITIALISED",p);
433	- sprintf(b[1],"%s * A successful WSAStartup() must occur",p);
434	- sprintf(b[2],"%s * before using this WINSOCK API call.",p);
435	+ snprintf(b[0],sizeof(b[0]),"%s * WSANOTINITIALISED",p);
436	+ snprintf(b[1],sizeof(b[1]),"%s * A successful WSAStartup() must occur",p);
437	+ snprintf(b[2],sizeof(b[2]),"%s * before using this WINSOCK API call.",p);
438	}
439	else if ( error == WSAENETDOWN )
440	{
441	- sprintf(b[0],"%s * WSAENETDOWN",p);
442	- sprintf(b[1],"%s * The Windows Sockets implementation has detected",p);
443	- sprintf(b[2],"%s * that the network subsystem has failed.",p);
444	+ snprintf(b[0],sizeof(b[0]),"%s * WSAENETDOWN",p);
445	+ snprintf(b[1],sizeof(b[1]),"%s * The Windows Sockets implementation has detected",p);
446	+ snprintf(b[2],sizeof(b[2]),"%s * that the network subsystem has failed.",p);
447	}
448	else if ( error == WSAENOTCONN )
449	{
450	- sprintf(b[0],"%s * WSAENOTCONN",p);
451	- sprintf(b[1],"%s * The socket is not connected.",p);
452	+ snprintf(b[0],sizeof(b[0]),"%s * WSAENOTCONN",p);
453	+ snprintf(b[1],sizeof(b[1]),"%s * The socket is not connected.",p);
454	}
455	else if ( error == WSAEINTR )
456	{
457	- sprintf(b[0],"%s * WSAEINTR",p);
458	- sprintf(b[1],"%s * The (blocking) call was cancelled",p);
459	- sprintf(b[2],"%s * via WSACancelBlockingCall()",p);
460	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEINTR",p);
461	+ snprintf(b[1],sizeof(b[1]),"%s * The (blocking) call was cancelled",p);
462	+ snprintf(b[2],sizeof(b[2]),"%s * via WSACancelBlockingCall()",p);
463	}
464	else if ( error == WSAEINPROGRESS )
465	{
466	- sprintf(b[0],"%s * WSAEINPROGRESS",p);
467	- sprintf(b[1],"%s * A blocking Windows Sockets operation",p);
468	- sprintf(b[2],"%s * is in progress.",p);
469	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEINPROGRESS",p);
470	+ snprintf(b[1],sizeof(b[1]),"%s * A blocking Windows Sockets operation",p);
471	+ snprintf(b[2],sizeof(b[2]),"%s * is in progress.",p);
472	}
473	else if ( error == WSAENOTSOCK )
474	{
475	- sprintf(b[0],"%s * WSAENOTSOCK",p);
476	- sprintf(b[1],"%s * The descriptor is not a socket.",p);
477	+ snprintf(b[0],sizeof(b[0]),"%s * WSAENOTSOCK",p);
478	+ snprintf(b[1],sizeof(b[1]),"%s * The descriptor is not a socket.",p);
479	}
480	else if ( error == WSAEOPNOTSUPP )
481	{
482	- sprintf(b[0],"%s * WSAEOPNOTSUPP",p);
483	- sprintf(b[1],"%s * MSG_OOB was specified, but the socket is",p);
484	- sprintf(b[2],"%s * not of type SOCK_STREAM.",p);
485	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEOPNOTSUPP",p);
486	+ snprintf(b[1],sizeof(b[1]),"%s * MSG_OOB was specified, but the socket is",p);
487	+ snprintf(b[2],sizeof(b[2]),"%s * not of type SOCK_STREAM.",p);
488	}
489	else if ( error == WSAESHUTDOWN )
490	{
491	- sprintf(b[0],"%s * WSAESHUTDOWN",p);
492	- sprintf(b[1],"%s * The socket has been shutdown.",p);
493	+ snprintf(b[0],sizeof(b[0]),"%s * WSAESHUTDOWN",p);
494	+ snprintf(b[1],sizeof(b[1]),"%s * The socket has been shutdown.",p);
495	}
496	else if ( error == WSAEWOULDBLOCK )
497	{
498	- sprintf(b[0],"%s * WSAEWOULDBLOCK",p);
499	- sprintf(b[1],"%s * The socket is marked as non-blocking",p);
500	- sprintf(b[2],"%s * and receive operation would block.",p);
501	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEWOULDBLOCK",p);
502	+ snprintf(b[1],sizeof(b[1]),"%s * The socket is marked as non-blocking",p);
503	+ snprintf(b[2],sizeof(b[2]),"%s * and receive operation would block.",p);
504	}
505	else if ( error == WSAEMSGSIZE )
506	{
507	- sprintf(b[0],"%s * WSAEMSGSIZE",p);
508	- sprintf(b[1],"%s * The datagram was too large to",p);
509	- sprintf(b[2],"%s * fit into the specified buffer.",p);
510	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEMSGSIZE",p);
511	+ snprintf(b[1],sizeof(b[1]),"%s * The datagram was too large to",p);
512	+ snprintf(b[2],sizeof(b[2]),"%s * fit into the specified buffer.",p);
513	}
514	else if ( error == WSAEINVAL )
515	{
516	- sprintf(b[0],"%s * WSAEINVAL",p);
517	- sprintf(b[1],"%s * The socket has not been bound with bind().",p);
518	+ snprintf(b[0],sizeof(b[0]),"%s * WSAEINVAL",p);
519	+ snprintf(b[1],sizeof(b[1]),"%s * The socket has not been bound with bind().",p);
520	}
521	else if ( error == WSAECONNABORTED )
522	{
523	- sprintf(b[0],"%s * WSAECONNABORTED",p);
524	- sprintf(b[1],"%s * The virtual circuit was aborted",p);
525	- sprintf(b[2],"%s * due to timeout or other failure.",p);
526	+ snprintf(b[0],sizeof(b[0]),"%s * WSAECONNABORTED",p);
527	+ snprintf(b[1],sizeof(b[1]),"%s * The virtual circuit was aborted",p);
528	+ snprintf(b[2],sizeof(b[2]),"%s * due to timeout or other failure.",p);
529	}
530	else if ( error == WSAECONNRESET )
531	{
532	- sprintf(b[0],"%s * WSAECONNRESET",p);
533	- sprintf(b[1],"%s * The virtual circuit was reset by the remote side.",p);
534	+ snprintf(b[0],sizeof(b[0]),"%s * WSAECONNRESET",p);
535	+ snprintf(b[1],sizeof(b[1]),"%s * The virtual circuit was reset by the remote side.",p);
536	}
537	else
538	{
539	- sprintf(b[0],"%s * WSA????",p);
540	- sprintf(b[1],"%s * Unexpected WINSOCK error code %d",p,error);
541	+ snprintf(b[0],sizeof(b[0]),"%s * WSA????",p);
542	+ snprintf(b[1],sizeof(b[1]),"%s * Unexpected WINSOCK error code %d",p,error);
543	}
544
545	#else
546
547	- if ( error == EBADF ) sprintf(b[0],"%s * EBADF", p );
548	- else if ( error == EAGAIN ) sprintf(b[0],"%s * EAGAIN",p );
549	- else if ( error == EDQUOT ) sprintf(b[0],"%s * EDQUOT",p );
550	- else if ( error == EFAULT ) sprintf(b[0],"%s * EFAULT",p );
551	- else if ( error == EFBIG ) sprintf(b[0],"%s * EFBIG", p );
552	- else if ( error == EINTR ) sprintf(b[0],"%s * EINTR", p );
553	- else if ( error == EINVAL ) sprintf(b[0],"%s * EINVAL",p );
554	- else if ( error == EIO ) sprintf(b[0],"%s * EIO", p );
555	- else if ( error == ENOSPC ) sprintf(b[0],"%s * ENOSPC",p );
556	- else if ( error == ENXIO ) sprintf(b[0],"%s * ENXIO", p );
557	- else if ( error == EPIPE ) sprintf(b[0],"%s * EPIPE", p );
558	- else if ( error == ERANGE ) sprintf(b[0],"%s * ERANGE",p );
559	- else if ( error == EINVAL ) sprintf(b[0],"%s * EINVAL",p );
560	- else if ( error == EWOULDBLOCK ) sprintf(b[0],"%s * EWOULDBLOCK",p );
561	+ if ( error == EBADF ) snprintf(b[0],sizeof(b[0]),"%s * EBADF", p );
562	+ else if ( error == EAGAIN ) snprintf(b[0],sizeof(b[0]),"%s * EAGAIN",p );
563	+ else if ( error == EDQUOT ) snprintf(b[0],sizeof(b[0]),"%s * EDQUOT",p );
564	+ else if ( error == EFAULT ) snprintf(b[0],sizeof(b[0]),"%s * EFAULT",p );
565	+ else if ( error == EFBIG ) snprintf(b[0],sizeof(b[0]),"%s * EFBIG", p );
566	+ else if ( error == EINTR ) snprintf(b[0],sizeof(b[0]),"%s * EINTR", p );
567	+ else if ( error == EINVAL ) snprintf(b[0],sizeof(b[0]),"%s * EINVAL",p );
568	+ else if ( error == EIO ) snprintf(b[0],sizeof(b[0]),"%s * EIO", p );
569	+ else if ( error == ENOSPC ) snprintf(b[0],sizeof(b[0]),"%s * ENOSPC",p );
570	+ else if ( error == ENXIO ) snprintf(b[0],sizeof(b[0]),"%s * ENXIO", p );
571	+ else if ( error == EPIPE ) snprintf(b[0],sizeof(b[0]),"%s * EPIPE", p );
572	+ else if ( error == ERANGE ) snprintf(b[0],sizeof(b[0]),"%s * ERANGE",p );
573	+ else if ( error == EINVAL ) snprintf(b[0],sizeof(b[0]),"%s * EINVAL",p );
574	+ else if ( error == EWOULDBLOCK ) snprintf(b[0],sizeof(b[0]),"%s * EWOULDBLOCK",p );
575
576	else
577	{
578	- sprintf(b[0],"%s * E???? Unexpected error code %d",p,error);
579	+ snprintf(b[0],sizeof(b[0]),"%s * E???? Unexpected error code %d",p,error);
580	}
581
582	#endif