diff options
| author | archie <archie@FreeBSD.org> | 1998-12-04 22:54:57 +0000 |
|---|---|---|
| committer | archie <archie@FreeBSD.org> | 1998-12-04 22:54:57 +0000 |
| commit | 982e80577dd08945aa2345ebe35e3f50eef9eb48 (patch) | |
| tree | e21ff4cbfbcb4097c6cc444d68ddd9a3fd37837f /sys/netatm | |
| parent | 707b8f68aa118c7396f2a2633751e32477d9ed08 (diff) | |
| download | FreeBSD-src-982e80577dd08945aa2345ebe35e3f50eef9eb48.zip FreeBSD-src-982e80577dd08945aa2345ebe35e3f50eef9eb48.tar.gz | |
Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.
These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.
Reviewed by: Bruce Evans <bde@zeta.org.au>
Reviewed by: Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by: Mike Spengler <mks@networkcs.com>
Diffstat (limited to 'sys/netatm')
| -rw-r--r-- | sys/netatm/atm_device.c | 6 | ||||
| -rw-r--r-- | sys/netatm/atm_if.c | 23 | ||||
| -rw-r--r-- | sys/netatm/atm_socket.c | 8 | ||||
| -rw-r--r-- | sys/netatm/ipatm/ipatm_usrreq.c | 7 | ||||
| -rw-r--r-- | sys/netatm/sigpvc/sigpvc_if.c | 7 | ||||
| -rw-r--r-- | sys/netatm/spans/spans_arp.c | 7 | ||||
| -rw-r--r-- | sys/netatm/spans/spans_cls.c | 6 | ||||
| -rw-r--r-- | sys/netatm/spans/spans_if.c | 7 | ||||
| -rw-r--r-- | sys/netatm/spans/spans_print.c | 86 | ||||
| -rw-r--r-- | sys/netatm/uni/sscf_uni.c | 6 | ||||
| -rw-r--r-- | sys/netatm/uni/sscop_pdu.c | 7 | ||||
| -rw-r--r-- | sys/netatm/uni/uniarp.c | 13 | ||||
| -rw-r--r-- | sys/netatm/uni/uniarp_cache.c | 8 | ||||
| -rw-r--r-- | sys/netatm/uni/uniarp_input.c | 7 | ||||
| -rw-r--r-- | sys/netatm/uni/unisig_if.c | 7 | ||||
| -rw-r--r-- | sys/netatm/uni/unisig_util.c | 12 |
16 files changed, 124 insertions, 93 deletions
diff --git a/sys/netatm/atm_device.c b/sys/netatm/atm_device.c index dca6a00..d68134f 100644 --- a/sys/netatm/atm_device.c +++ b/sys/netatm/atm_device.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: atm_device.c,v 1.2 1998/09/17 09:34:59 phk Exp $ + * @(#) $Id: atm_device.c,v 1.3 1998/10/31 20:06:54 phk Exp $ * */ @@ -38,7 +38,7 @@ #include <netatm/kern_include.h> #ifndef lint -__RCSID("@(#) $Id: atm_device.c,v 1.2 1998/09/17 09:34:59 phk Exp $"); +__RCSID("@(#) $Id: atm_device.c,v 1.3 1998/10/31 20:06:54 phk Exp $"); #endif @@ -874,7 +874,7 @@ atm_dev_pdu_print(cup, cvp, m, msg) { char buf[128]; - sprintf(buf, "%s vcc=(%d,%d)", msg, + snprintf(buf, sizeof(buf), "%s vcc=(%d,%d)", msg, cvp->cv_connvc->cvc_vcc->vc_vpi, cvp->cv_connvc->cvc_vcc->vc_vci); diff --git a/sys/netatm/atm_if.c b/sys/netatm/atm_if.c index 6ae7734..a360955 100644 --- a/sys/netatm/atm_if.c +++ b/sys/netatm/atm_if.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: atm_if.c,v 1.1 1998/09/15 08:22:57 phk Exp $ + * @(#) $Id: atm_if.c,v 1.2 1998/10/31 20:06:54 phk Exp $ * */ @@ -38,7 +38,7 @@ #include <netatm/kern_include.h> #ifndef lint -__RCSID("@(#) $Id: atm_if.c,v 1.1 1998/09/15 08:22:57 phk Exp $"); +__RCSID("@(#) $Id: atm_if.c,v 1.2 1998/10/31 20:06:54 phk Exp $"); #endif @@ -326,8 +326,8 @@ atm_physif_ioctl(code, data, arg) KM_ZERO((caddr_t)&apr, sizeof(apr)); smp = pip->pif_sigmgr; sip = pip->pif_siginst; - (void) sprintf(apr.anp_intf, "%s%d", pip->pif_name, - pip->pif_unit ); + (void) snprintf(apr.anp_intf, sizeof(apr.anp_intf), + "%s%d", pip->pif_name, pip->pif_unit ); if ( pip->pif_nif ) { strcpy(apr.anp_nif_pref, pip->pif_nif->nif_if.if_name); @@ -380,14 +380,14 @@ atm_physif_ioctl(code, data, arg) * Fill in info to be returned */ KM_ZERO((caddr_t)&anr, sizeof(anr)); - (void) sprintf(anr.anp_intf, "%s%d", ifp->if_name, - ifp->if_unit); + (void) snprintf(anr.anp_intf, sizeof(anr.anp_intf), + "%s%d", ifp->if_name, ifp->if_unit); IFP_TO_IA(ifp, ia); if (ia) { anr.anp_proto_addr = *ia->ia_ifa.ifa_addr; } - (void) sprintf(anr.anp_phy_intf, "%s%d", pip->pif_name, - pip->pif_unit); + (void) snprintf(anr.anp_phy_intf, sizeof(anr.anp_phy_intf), + "%s%d", pip->pif_name, pip->pif_unit); /* * Copy data to user buffer @@ -410,7 +410,8 @@ atm_physif_ioctl(code, data, arg) pip = (struct atm_pif *)arg; if ( pip == NULL ) return ( ENXIO ); - sprintf ( ifname, "%s%d", pip->pif_name, pip->pif_unit ); + snprintf ( ifname, sizeof(ifname), + "%s%d", pip->pif_name, pip->pif_unit ); /* * Cast response into users buffer @@ -572,8 +573,8 @@ atm_physif_ioctl(code, data, arg) * Fill in info to be returned */ KM_ZERO((caddr_t)&acr, sizeof(acr)); - (void) sprintf(acr.acp_intf, "%s%d", pip->pif_name, - pip->pif_unit); + (void) snprintf(acr.acp_intf, sizeof(acr.acp_intf), + "%s%d", pip->pif_name, pip->pif_unit); KM_COPY((caddr_t)acp, (caddr_t)&acr.acp_cfg, sizeof(Atm_config)); diff --git a/sys/netatm/atm_socket.c b/sys/netatm/atm_socket.c index 537e8ae..004fba4 100644 --- a/sys/netatm/atm_socket.c +++ b/sys/netatm/atm_socket.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: atm_socket.c,v 1.1 1998/09/15 08:22:58 phk Exp $ + * @(#) $Id: atm_socket.c,v 1.2 1998/10/31 20:06:54 phk Exp $ * */ @@ -38,7 +38,7 @@ #include <netatm/kern_include.h> #ifndef lint -__RCSID("@(#) $Id: atm_socket.c,v 1.1 1998/09/15 08:22:58 phk Exp $"); +__RCSID("@(#) $Id: atm_socket.c,v 1.2 1998/10/31 20:06:54 phk Exp $"); #endif @@ -1207,8 +1207,8 @@ atm_sock_getopt(so, sopt, atp) struct ifnet *ifp; ifp = &ap->nif->nif_if; - (void) sprintf(netif.net_intf, "%s%d", - ifp->if_name, ifp->if_unit); + (void) snprintf(netif.net_intf, sizeof(netif.net_intf), + "%s%d", ifp->if_name, ifp->if_unit); return (sooptcopyout(sopt, &netif, sizeof netif)); } else { diff --git a/sys/netatm/ipatm/ipatm_usrreq.c b/sys/netatm/ipatm/ipatm_usrreq.c index 41bf42a..6fc94d6 100644 --- a/sys/netatm/ipatm/ipatm_usrreq.c +++ b/sys/netatm/ipatm/ipatm_usrreq.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: ipatm_usrreq.c,v 1.1 1998/09/15 08:23:01 phk Exp $ + * @(#) $Id: ipatm_usrreq.c,v 1.2 1998/10/31 20:06:55 phk Exp $ * */ @@ -42,7 +42,7 @@ #include <netatm/ipatm/ipatm_serv.h> #ifndef lint -__RCSID("@(#) $Id: ipatm_usrreq.c,v 1.1 1998/09/15 08:23:01 phk Exp $"); +__RCSID("@(#) $Id: ipatm_usrreq.c,v 1.2 1998/10/31 20:06:55 phk Exp $"); #endif @@ -333,7 +333,8 @@ ipatm_ioctl(code, data, arg1) AF_INET; SATOSIN(&aivr.aip_dst_addr)->sin_addr.s_addr = ivp->iv_dst.s_addr; - (void) sprintf(aivr.aip_intf, "%s%d", + (void) snprintf(aivr.aip_intf, + sizeof(aivr.aip_intf), "%s%d", inp->inf_nif->nif_if.if_name, inp->inf_nif->nif_if.if_unit); if ((ivp->iv_conn) && diff --git a/sys/netatm/sigpvc/sigpvc_if.c b/sys/netatm/sigpvc/sigpvc_if.c index b7117be..d17a761 100644 --- a/sys/netatm/sigpvc/sigpvc_if.c +++ b/sys/netatm/sigpvc/sigpvc_if.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: sigpvc_if.c,v 1.1 1998/09/15 08:23:02 phk Exp $ + * @(#) $Id: sigpvc_if.c,v 1.2 1998/10/31 20:06:56 phk Exp $ * */ @@ -46,7 +46,7 @@ #include <netatm/sigpvc/sigpvc_var.h> #ifndef lint -__RCSID("@(#) $Id: sigpvc_if.c,v 1.1 1998/09/15 08:23:02 phk Exp $"); +__RCSID("@(#) $Id: sigpvc_if.c,v 1.2 1998/10/31 20:06:56 phk Exp $"); #endif @@ -604,7 +604,8 @@ sigpvc_ioctl(code, data, arg1) /* * Fill in info to be returned */ - (void) sprintf(avr.avp_intf, "%s%d", + (void) snprintf(avr.avp_intf, sizeof(avr.avp_intf), + "%s%d", pvp->pv_pif->pif_name, pvp->pv_pif->pif_unit); avr.avp_vpi = vcp->vc_vpi; avr.avp_vci = vcp->vc_vci; diff --git a/sys/netatm/spans/spans_arp.c b/sys/netatm/spans/spans_arp.c index bdcacc6..a324fc4 100644 --- a/sys/netatm/spans/spans_arp.c +++ b/sys/netatm/spans/spans_arp.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: spans_arp.c,v 1.1 1998/09/15 08:23:02 phk Exp $ + * @(#) $Id: spans_arp.c,v 1.2 1998/10/31 20:06:56 phk Exp $ * */ @@ -44,7 +44,7 @@ #include <netatm/spans/spans_cls.h> #ifndef lint -__RCSID("@(#) $Id: spans_arp.c,v 1.1 1998/09/15 08:23:02 phk Exp $"); +__RCSID("@(#) $Id: spans_arp.c,v 1.2 1998/10/31 20:06:56 phk Exp $"); #endif @@ -1089,7 +1089,8 @@ spansarp_ioctl(code, data, arg1) AF_INET; SATOSIN(&aar.aap_arp_addr)->sin_addr.s_addr = sap->sa_dstip.s_addr; - (void) sprintf(aar.aap_intf, "%s%d", + (void) snprintf(aar.aap_intf, + sizeof(aar.aap_intf), "%s%d", clp->cls_ipnif->inf_nif->nif_if.if_name, clp->cls_ipnif->inf_nif->nif_if.if_unit ); diff --git a/sys/netatm/spans/spans_cls.c b/sys/netatm/spans/spans_cls.c index f4a6ba8..17dc135 100644 --- a/sys/netatm/spans/spans_cls.c +++ b/sys/netatm/spans/spans_cls.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: spans_cls.c,v 1.1 1998/09/15 08:23:03 phk Exp $ + * @(#) $Id: spans_cls.c,v 1.2 1998/10/31 20:06:56 phk Exp $ * */ @@ -44,7 +44,7 @@ #include <netatm/spans/spans_cls.h> #ifndef lint -__RCSID("@(#) $Id: spans_cls.c,v 1.1 1998/09/15 08:23:03 phk Exp $"); +__RCSID("@(#) $Id: spans_cls.c,v 1.2 1998/10/31 20:06:56 phk Exp $"); #endif @@ -842,7 +842,7 @@ spanscls_pdu_print(clp, m, msg) { char buf[128]; - sprintf(buf, "spanscls %s:\n", msg); + snprintf(buf, sizeof(buf), "spanscls %s:\n", msg); atm_pdu_print(m, buf); } diff --git a/sys/netatm/spans/spans_if.c b/sys/netatm/spans/spans_if.c index e03f36b..4557f26 100644 --- a/sys/netatm/spans/spans_if.c +++ b/sys/netatm/spans/spans_if.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: spans_if.c,v 1.2 1998/09/17 09:35:00 phk Exp $ + * @(#) $Id: spans_if.c,v 1.3 1998/10/31 20:06:56 phk Exp $ * */ @@ -46,7 +46,7 @@ #include <netatm/spans/spans_var.h> #ifndef lint -__RCSID("@(#) $Id: spans_if.c,v 1.2 1998/09/17 09:35:00 phk Exp $"); +__RCSID("@(#) $Id: spans_if.c,v 1.3 1998/10/31 20:06:56 phk Exp $"); #endif /* @@ -972,7 +972,8 @@ spans_ioctl(code, data, arg1) /* * Fill out the response struct for the VCC */ - (void) sprintf(rsp.avp_intf, "%s%d", + (void) snprintf(rsp.avp_intf, + sizeof(rsp.avp_intf), "%s%d", spp->sp_pif->pif_name, spp->sp_pif->pif_unit); rsp.avp_vpi = svp->sv_vpi; diff --git a/sys/netatm/spans/spans_print.c b/sys/netatm/spans/spans_print.c index 96e963b..99e8c94 100644 --- a/sys/netatm/spans/spans_print.c +++ b/sys/netatm/spans/spans_print.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: spans_print.c,v 1.2 1998/09/17 09:35:00 phk Exp $ + * @(#) $Id: spans_print.c,v 1.3 1998/10/31 20:06:56 phk Exp $ * */ @@ -41,7 +41,7 @@ #include <netatm/spans/spans_var.h> #ifndef lint -__RCSID("@(#) $Id: spans_print.c,v 1.2 1998/09/17 09:35:00 phk Exp $"); +__RCSID("@(#) $Id: spans_print.c,v 1.3 1998/10/31 20:06:56 phk Exp $"); #endif /* @@ -54,17 +54,17 @@ __RCSID("@(#) $Id: spans_print.c,v 1.2 1998/09/17 09:35:00 phk Exp $"); /* * Local functions */ -static void spans_msgtype_str __P((spans_msgtype *, char *)); +static void spans_msgtype_str __P((spans_msgtype *, char *, int)); static void spans_print_msgbody __P((spans_msgbody *)); -static void spans_result_str __P((spans_result *, char *)); +static void spans_result_str __P((spans_result *, char *, int)); #ifdef LONGPRINT static void inc_indent __P((void)); static void dec_indent __P((void)); -static void spans_aal_str __P((spans_aal *, char *)); -static void spans_query_type_str __P((spans_query_type *, char *)); -static void spans_state_str __P((spans_query_type *, char *)); +static void spans_aal_str __P((spans_aal *, char *, int)); +static void spans_query_type_str __P((spans_query_type *, char *, int)); +static void spans_state_str __P((spans_query_type *, char *, int)); static void spans_print_version __P((spans_version *)); static void spans_print_vpvc __P((spans_vpvc *)); static void spans_print_vpvc_pref __P((spans_vpvc_pref *)); @@ -132,9 +132,10 @@ dec_indent() } static void -spans_aal_str(objp, dest) +spans_aal_str(objp, dest, len) spans_aal *objp; char *dest; + int len; { static char *aal_names[] = { "SPANS_AAL0", @@ -146,9 +147,9 @@ spans_aal_str(objp, dest) }; if (*objp < SPANS_AAL0 || *objp > SPANS_AAL5) { - sprintf(dest, "Invalid (%d)", (int)*objp); + snprintf(dest, len, "Invalid (%d)", (int)*objp); } else { - sprintf(dest, "%s (%d)", aal_names[(int)*objp], + snprintf(dest, len, "%s (%d)", aal_names[(int)*objp], (int)*objp); } } @@ -156,9 +157,10 @@ spans_aal_str(objp, dest) #endif static void -spans_result_str(objp, dest) +spans_result_str(objp, dest, len) spans_result *objp; char *dest; + int len; { static char *result_names[] = { "SPANS_OK", @@ -169,17 +171,18 @@ spans_result_str(objp, dest) }; if (*objp < SPANS_OK || *objp > SPANS_BADDEST) { - sprintf(dest, "Invalid (%d)", (int)*objp); + snprintf(dest, len, "Invalid (%d)", (int)*objp); } else { - sprintf(dest, "%s (%d)", + snprintf(dest, len, "%s (%d)", result_names[(int)*objp], (int)*objp); } } static void -spans_msgtype_str(objp, dest) +spans_msgtype_str(objp, dest, len) spans_msgtype *objp; char *dest; + int len; { int i; @@ -225,7 +228,7 @@ spans_msgtype_str(objp, dest) */ for (i=0; msgtype_names[i].name; i++) { if (*objp == msgtype_names[i].type) { - sprintf(dest, "%s (%d)", + snprintf(dest, len, "%s (%d)", msgtype_names[i].name, (int)*objp); return; @@ -235,15 +238,16 @@ spans_msgtype_str(objp, dest) /* * Type was not found--return an error indicator */ - sprintf(dest, "Invalid (%d)", (int)*objp); + snprintf(dest, len, "Invalid (%d)", (int)*objp); } #ifdef LONGPRINT static void -spans_query_type_str(objp, dest) +spans_query_type_str(objp, dest, len) spans_query_type *objp; char *dest; + int len; { static char *query_names[] = { "SPANS_QUERY_NORMAL", @@ -253,17 +257,18 @@ spans_query_type_str(objp, dest) if (*objp < SPANS_QUERY_NORMAL || *objp > SPANS_QUERY_END_TO_END) { - sprintf(dest, "Invalid (%d)", (int)*objp); + snprintf(dest, len, "Invalid (%d)", (int)*objp); } else { - sprintf(dest, "%s (%d)", query_names[(int)*objp], + snprintf(dest, len, "%s (%d)", query_names[(int)*objp], (int)*objp); } } static void -spans_state_str(objp, dest) +spans_state_str(objp, dest, len) spans_query_type *objp; char *dest; + int len; { static char *state_names[] = { "SPANS_CONN_OPEN", @@ -273,9 +278,9 @@ spans_state_str(objp, dest) }; if (*objp < SPANS_CONN_OPEN || *objp > SPANS_CONN_CLOSED) { - sprintf(dest, "Invalid (%d)", (int)*objp); + snprintf(dest, len, "Invalid (%d)", (int)*objp); } else { - sprintf(dest, "%s (%d)", state_names[(int)*objp], + snprintf(dest, len, "%s (%d)", state_names[(int)*objp], (int)*objp); } } @@ -357,7 +362,7 @@ spans_print_aal(objp) { char aal_str[80]; - spans_aal_str(objp, aal_str); + spans_aal_str(objp, aal_str, sizeof(aal_str)); printf("%sspans_aal %s\n", spans_indent, aal_str); } @@ -367,7 +372,7 @@ spans_print_result(objp) { char result_str[80]; - spans_result_str(objp, result_str); + spans_result_str(objp, result_str, sizeof(result_str)); printf("%sspans_result %s\n", spans_indent, result_str); } @@ -377,7 +382,7 @@ spans_print_msgtype(objp) { char msgtype_str[80]; - spans_msgtype_str(objp, msgtype_str); + spans_msgtype_str(objp, msgtype_str, sizeof(msgtype_str)); printf("%sspans_msgtype %s\n", spans_indent, msgtype_str); } @@ -717,7 +722,8 @@ spans_print_parm_query_req(objp) printf("%sspans_parm_query_req\n", spans_indent); inc_indent(); spans_print_atm_conn(&objp->qyreq_conn); - spans_query_type_str(&objp->qyreq_type, query_type_str); + spans_query_type_str(&objp->qyreq_type, + query_type_str, sizeof(query_type_str)); printf("%sqyreq_type %s\n", spans_indent, query_type_str); dec_indent(); } @@ -731,9 +737,11 @@ spans_print_parm_query_rsp(objp) printf("%sspans_parm_query_rsp\n", spans_indent); inc_indent(); spans_print_atm_conn(&objp->qyrsp_conn); - spans_query_type_str(&objp->qyrsp_type, query_type_str); + spans_query_type_str(&objp->qyrsp_type, + query_type_str, sizeof(query_type_str)); printf("%sqyrsp_type %s\n", spans_indent, query_type_str); - spans_state_str(&objp->qyrsp_state, state_type_str); + spans_state_str(&objp->qyrsp_state, + state_type_str, sizeof(state_type_str)); printf("%sqyrsp_state %s\n", spans_indent, state_type_str); printf("%sqyrsp_data 0x%x\n", spans_indent, objp->qyrsp_data); @@ -877,7 +885,7 @@ spans_print_msgbody(objp) spans_parm_rclose_rsp *rcrsp_p; spans_parm_rclose_cnf *rccnf_p; - spans_msgtype_str(&objp->mb_type, msgtype_str); + spans_msgtype_str(&objp->mb_type, msgtype_str, sizeof(msgtype_str)); printf("%s: ", msgtype_str); switch (objp->mb_type) { case SPANS_STAT_REQ: @@ -889,7 +897,7 @@ spans_print_msgbody(objp) strncpy(daddr, spans_addr_print(&stind_p->stind_es_addr), sizeof(daddr)); strncpy(saddr, spans_addr_print(&stind_p->stind_sw_addr), - sizeof(daddr)); + sizeof(saddr)); printf("sw_epoch=0x%lx, es_addr=%s, sw_addr=0x%s", stind_p->stind_sw_epoch, daddr, saddr); @@ -939,7 +947,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&oprsp_p->oprsp_conn.con_src), sizeof(saddr)); - spans_result_str(&oprsp_p->oprsp_result, result_str); + spans_result_str(&oprsp_p->oprsp_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d, vp.vc=%d.%d", result_str, daddr, saddr, oprsp_p->oprsp_conn.con_dsap, @@ -953,7 +962,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&opcnf_p->opcnf_conn.con_src), sizeof(saddr)); - spans_result_str(&opcnf_p->opcnf_result, result_str); + spans_result_str(&opcnf_p->opcnf_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d, vp.vc=%d.%d", result_str, daddr, saddr, opcnf_p->opcnf_conn.con_dsap, @@ -989,7 +999,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&clrsp_p->clrsp_conn.con_src), sizeof(saddr)); - spans_result_str(&clrsp_p->clrsp_result, result_str); + spans_result_str(&clrsp_p->clrsp_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d", result_str, daddr, saddr, clrsp_p->clrsp_conn.con_dsap, @@ -1001,7 +1012,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&clcnf_p->clcnf_conn.con_src), sizeof(saddr)); - spans_result_str(&clcnf_p->clcnf_result, result_str); + spans_result_str(&clcnf_p->clcnf_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d", result_str, daddr, saddr, clcnf_p->clcnf_conn.con_dsap, @@ -1035,7 +1047,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&rcrsp_p->rcrsp_conn.con_src), sizeof(saddr)); - spans_result_str(&rcrsp_p->rcrsp_result, result_str); + spans_result_str(&rcrsp_p->rcrsp_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d", result_str, daddr, saddr, rcrsp_p->rcrsp_conn.con_dsap, @@ -1047,7 +1060,8 @@ spans_print_msgbody(objp) sizeof(daddr)); strncpy(saddr, spans_addr_print(&rccnf_p->rccnf_conn.con_src), sizeof(saddr)); - spans_result_str(&rccnf_p->rccnf_result, result_str); + spans_result_str(&rccnf_p->rccnf_result, result_str, + sizeof(result_str)); printf("result=%s, daddr=%s, saddr=%s, dsap=%d, ssap=%d", result_str, daddr, saddr, rccnf_p->rccnf_conn.con_dsap, diff --git a/sys/netatm/uni/sscf_uni.c b/sys/netatm/uni/sscf_uni.c index 49e7186..b734524 100644 --- a/sys/netatm/uni/sscf_uni.c +++ b/sys/netatm/uni/sscf_uni.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: sscf_uni.c,v 1.2 1998/09/17 09:35:01 phk Exp $ + * @(#) $Id: sscf_uni.c,v 1.3 1998/10/31 20:07:00 phk Exp $ * */ @@ -43,7 +43,7 @@ #include <netatm/uni/sscf_uni_var.h> #ifndef lint -__RCSID("@(#) $Id: sscf_uni.c,v 1.2 1998/09/17 09:35:01 phk Exp $"); +__RCSID("@(#) $Id: sscf_uni.c,v 1.3 1998/10/31 20:07:00 phk Exp $"); #endif @@ -310,7 +310,7 @@ sscf_uni_pdu_print(uvp, m, msg) struct vccb *vcp; vcp = uvp->uv_connvc->cvc_vcc; - sprintf(buf, "sscf_uni %s: vcc=(%d,%d)\n", + snprintf(buf, sizeof(buf), "sscf_uni %s: vcc=(%d,%d)\n", msg, vcp->vc_vpi, vcp->vc_vci); atm_pdu_print(m, buf); } diff --git a/sys/netatm/uni/sscop_pdu.c b/sys/netatm/uni/sscop_pdu.c index 86522b9..0356284 100644 --- a/sys/netatm/uni/sscop_pdu.c +++ b/sys/netatm/uni/sscop_pdu.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: sscop_pdu.c,v 1.1 1998/09/15 08:23:07 phk Exp $ + * @(#) $Id: sscop_pdu.c,v 1.2 1998/10/31 20:07:00 phk Exp $ * */ @@ -44,7 +44,7 @@ #include <netatm/uni/sscop_var.h> #ifndef lint -__RCSID("@(#) $Id: sscop_pdu.c,v 1.1 1998/09/15 08:23:07 phk Exp $"); +__RCSID("@(#) $Id: sscop_pdu.c,v 1.2 1998/10/31 20:07:00 phk Exp $"); #endif /* @@ -1231,7 +1231,8 @@ sscop_pdu_print(sop, m, msg) struct vccb *vcp; vcp = sop->so_connvc->cvc_vcc; - sprintf(buf, "sscop %s: vcc=(%d,%d)\n", msg, vcp->vc_vpi, vcp->vc_vci); + snprintf(buf, sizeof(buf), + "sscop %s: vcc=(%d,%d)\n", msg, vcp->vc_vpi, vcp->vc_vci); atm_pdu_print(m, buf); } diff --git a/sys/netatm/uni/uniarp.c b/sys/netatm/uni/uniarp.c index b972541..9aae374 100644 --- a/sys/netatm/uni/uniarp.c +++ b/sys/netatm/uni/uniarp.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: uniarp.c,v 1.2 1998/09/17 09:35:01 phk Exp $ + * @(#) $Id: uniarp.c,v 1.3 1998/10/31 20:07:00 phk Exp $ * */ @@ -43,7 +43,7 @@ #include <netatm/uni/uniip_var.h> #ifndef lint -__RCSID("@(#) $Id: uniarp.c,v 1.2 1998/09/17 09:35:01 phk Exp $"); +__RCSID("@(#) $Id: uniarp.c,v 1.3 1998/10/31 20:07:00 phk Exp $"); #endif @@ -1022,7 +1022,8 @@ uniarp_ioctl(code, data, arg1) AF_INET; SATOSIN(&aar.aap_arp_addr)->sin_addr.s_addr = uap->ua_dstip.s_addr; - (void) sprintf(aar.aap_intf, "%s%d", + (void) snprintf(aar.aap_intf, + sizeof(aar.aap_intf), "%s%d", nip->nif_if.if_name, nip->nif_if.if_unit); aar.aap_flags = uap->ua_flags; @@ -1076,7 +1077,8 @@ uniarp_ioctl(code, data, arg1) */ SATOSIN(&aar.aap_arp_addr)->sin_family = AF_INET; SATOSIN(&aar.aap_arp_addr)->sin_addr.s_addr = 0; - (void) sprintf(aar.aap_intf, "%s%d", + (void) snprintf(aar.aap_intf, + sizeof(aar.aap_intf), "%s%d", nip->nif_if.if_name, nip->nif_if.if_unit); aar.aap_flags = 0; aar.aap_origin = uap->ua_origin; @@ -1157,7 +1159,8 @@ updbuf: * Fill in info to be returned */ nip = uip->uip_ipnif->inf_nif; - (void) sprintf(asr.asp_intf, "%s%d", + (void) snprintf(asr.asp_intf, + sizeof(asr.asp_intf), "%s%d", nip->nif_if.if_name, nip->nif_if.if_unit); asr.asp_state = uip->uip_arpstate; if (uip->uip_arpstate == UIAS_SERVER_ACTIVE) { diff --git a/sys/netatm/uni/uniarp_cache.c b/sys/netatm/uni/uniarp_cache.c index c5bf5ae..88a26a5 100644 --- a/sys/netatm/uni/uniarp_cache.c +++ b/sys/netatm/uni/uniarp_cache.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: uniarp_cache.c,v 1.1 1998/09/15 08:23:09 phk Exp $ + * @(#) $Id: uniarp_cache.c,v 1.2 1998/10/31 20:07:00 phk Exp $ * */ @@ -43,7 +43,7 @@ #include <netatm/uni/uniip_var.h> #ifndef lint -__RCSID("@(#) $Id: uniarp_cache.c,v 1.1 1998/09/15 08:23:09 phk Exp $"); +__RCSID("@(#) $Id: uniarp_cache.c,v 1.2 1998/10/31 20:07:00 phk Exp $"); #endif @@ -79,6 +79,7 @@ uniarp_cache_svc(uip, ip, atm, atmsub, origin) #ifdef DIAGNOSTIC strncpy(abuf, unisig_addr_print(atmsub), sizeof(abuf)); + abuf[sizeof(abuf) - 1] = 0; ATM_DEBUG4("cache_svc: ip=%s, atm=(%s,%s), origin=%d\n", inet_ntoa(*ip), unisig_addr_print(atm), abuf, origin); #endif @@ -156,6 +157,7 @@ uniarp_cache_svc(uip, ip, atm, atmsub, origin) if (ipuap->ua_ivp != NULL) { strncpy(abuf, unisig_addr_print(atmsub), sizeof(abuf)); + abuf[sizeof(abuf) - 1] = 0; log(LOG_WARNING, "uniarp: duplicate IP address %s from %s,%s\n", inet_ntoa(*ip), unisig_addr_print(atm), @@ -185,6 +187,7 @@ uniarp_cache_svc(uip, ip, atm, atmsub, origin) } strncpy(abuf, unisig_addr_print(atmsub), sizeof(abuf)); + abuf[sizeof(abuf) - 1] = 0; log(LOG_WARNING, "uniarp: ATM address for %s changed to %s,%s\n", inet_ntoa(*ip), unisig_addr_print(atm), abuf); @@ -328,6 +331,7 @@ uniarp_cache_pvc(ivp, ip, atm, atmsub) vci = ivp->iv_conn->co_connvc->cvc_vcc->vc_vci; } strncpy(buf, unisig_addr_print(atmsub), sizeof(buf)); + buf[sizeof(buf) - 1] = 0; ATM_DEBUG5("cache_pvc: vcc=(%d,%d), ip=%s, atm=(%s,%s)\n", vpi, vci, inet_ntoa(*ip), unisig_addr_print(atm), buf); #endif diff --git a/sys/netatm/uni/uniarp_input.c b/sys/netatm/uni/uniarp_input.c index 9ef6225..b621ac3 100644 --- a/sys/netatm/uni/uniarp_input.c +++ b/sys/netatm/uni/uniarp_input.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: uniarp_input.c,v 1.1 1998/09/15 08:23:09 phk Exp $ + * @(#) $Id: uniarp_input.c,v 1.2 1998/10/31 20:07:00 phk Exp $ * */ @@ -43,7 +43,7 @@ #include <netatm/uni/uniip_var.h> #ifndef lint -__RCSID("@(#) $Id: uniarp_input.c,v 1.1 1998/09/15 08:23:09 phk Exp $"); +__RCSID("@(#) $Id: uniarp_input.c,v 1.2 1998/10/31 20:07:00 phk Exp $"); #endif @@ -846,7 +846,8 @@ uniarp_pdu_print(ivp, m, msg) struct vccb *vcp; vcp = ivp->iv_conn->co_connvc->cvc_vcc; - sprintf(buf, "uniarp %s: vcc=(%d,%d)\n", msg, vcp->vc_vpi, vcp->vc_vci); + snprintf(buf, sizeof(buf), + "uniarp %s: vcc=(%d,%d)\n", msg, vcp->vc_vpi, vcp->vc_vci); atm_pdu_print(m, buf); } diff --git a/sys/netatm/uni/unisig_if.c b/sys/netatm/uni/unisig_if.c index e1cfc8f..c85e462 100644 --- a/sys/netatm/uni/unisig_if.c +++ b/sys/netatm/uni/unisig_if.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: unisig_if.c,v 1.2 1998/09/17 09:35:02 phk Exp $ + * @(#) $Id: unisig_if.c,v 1.3 1998/10/31 20:07:01 phk Exp $ * */ @@ -47,7 +47,7 @@ #include <netatm/uni/unisig_msg.h> #ifndef lint -__RCSID("@(#) $Id: unisig_if.c,v 1.2 1998/09/17 09:35:02 phk Exp $"); +__RCSID("@(#) $Id: unisig_if.c,v 1.3 1998/10/31 20:07:01 phk Exp $"); #endif @@ -894,7 +894,8 @@ unisig_ioctl(code, data, arg1) /* * Fill out the response struct for the VCC */ - (void) sprintf(rsp.avp_intf, "%s%d", + (void) snprintf(rsp.avp_intf, + sizeof(rsp.avp_intf), "%s%d", usp->us_pif->pif_name, usp->us_pif->pif_unit); rsp.avp_vpi = uvp->uv_vpi; diff --git a/sys/netatm/uni/unisig_util.c b/sys/netatm/uni/unisig_util.c index 6a3afb8..a3a2ab2 100644 --- a/sys/netatm/uni/unisig_util.c +++ b/sys/netatm/uni/unisig_util.c @@ -23,7 +23,7 @@ * Copies of this Software may be made, however, the above copyright * notice must be reproduced on all copies. * - * @(#) $Id: unisig_util.c,v 1.2 1998/09/17 09:35:02 phk Exp $ + * @(#) $Id: unisig_util.c,v 1.3 1998/10/31 20:07:01 phk Exp $ * */ @@ -42,7 +42,7 @@ #include <netatm/uni/unisig_msg.h> #ifndef lint -__RCSID("@(#) $Id: unisig_util.c,v 1.2 1998/09/17 09:35:02 phk Exp $"); +__RCSID("@(#) $Id: unisig_util.c,v 1.3 1998/10/31 20:07:01 phk Exp $"); #endif @@ -303,7 +303,8 @@ unisig_addr_print(p) * two-digit hex representation of the * NSAP byte in the output buffer */ - sprintf(t_buff, "%x", *cp + 512); + snprintf(t_buff, sizeof(t_buff), + "%x", *cp + 512); strcpy(op, &t_buff[strlen(t_buff)-2]); op++; op++; cp++; @@ -325,7 +326,8 @@ unisig_addr_print(p) * Print the IA5 characters of the E.164 address */ for(i=0; i<p->address_length; i++) { - sprintf(&strbuff[strlen(strbuff)], "%c", + snprintf(strbuff + strlen(strbuff), + sizeof(strbuff) - strlen(strbuff), "%c", ((Atm_addr_e164 *)p->address)->aae_addr[i]); } break; @@ -346,7 +348,7 @@ unisig_addr_print(p) /* * Print the address as two words xxxxx.yyyyyyyy */ - sprintf(strbuff, "%x.%x", u1.w, u2.w); + snprintf(strbuff, sizeof(strbuff), "%x.%x", u1.w, u2.w); break; case T_ATM_ABSENT: |
