diff options
author | will <will@FreeBSD.org> | 2000-11-30 13:56:19 +0000 |
---|---|---|
committer | will <will@FreeBSD.org> | 2000-11-30 13:56:19 +0000 |
commit | 4e7062f7a76f231ee5e81e160fac28829caa7f6a (patch) | |
tree | c3355f0f44b765a51b60d042f361f787b2298e1f /usr.bin/make | |
parent | 56b0ddae6c97b0d229fa62bc685d8379452c108b (diff) | |
download | FreeBSD-src-4e7062f7a76f231ee5e81e160fac28829caa7f6a.zip FreeBSD-src-4e7062f7a76f231ee5e81e160fac28829caa7f6a.tar.gz |
Format string paranoia. This should avoid potential buffer overflows from
user input (in its ever-broadening definition).
Obtained from: NetBSD
Diffstat (limited to 'usr.bin/make')
-rw-r--r-- | usr.bin/make/arch.c | 34 | ||||
-rw-r--r-- | usr.bin/make/main.c | 2 | ||||
-rw-r--r-- | usr.bin/make/util.c | 6 |
3 files changed, 29 insertions, 13 deletions
diff --git a/usr.bin/make/arch.c b/usr.bin/make/arch.c index c4763bc7..eee9166 100644 --- a/usr.bin/make/arch.c +++ b/usr.bin/make/arch.c @@ -186,7 +186,7 @@ Arch_ParseArchive (linePtr, nodeLst, ctxt) GNode *gn; /* New node */ char *libName; /* Library-part of specification */ char *memName; /* Member-part of specification */ - char nameBuf[MAKE_BSIZE]; /* temporary place for node name */ + char *nameBuf; /* temporary place for node name */ char saveChar; /* Ending delimiter of member-name */ Boolean subLibName; /* TRUE if libName should have/had * variable substitution performed on it */ @@ -299,6 +299,7 @@ Arch_ParseArchive (linePtr, nodeLst, ctxt) char *buf; char *sacrifice; char *oldMemName = memName; + size_t sz; memName = Var_Subst(NULL, memName, ctxt, TRUE); @@ -307,9 +308,11 @@ Arch_ParseArchive (linePtr, nodeLst, ctxt) * variables and multi-word variable values.... The results * are just placed at the end of the nodeLst we're returning. */ - buf = sacrifice = emalloc(strlen(memName)+strlen(libName)+3); - sprintf(buf, "%s(%s)", libName, memName); + sz = strlen(memName) + strlen(libName) + 3; + buf = sacrifice = emalloc(sz); + + snprintf(buf, sz, "%s(%s)", libName, memName); if (strchr(memName, '$') && strcmp(memName, oldMemName) == 0) { /* @@ -341,15 +344,22 @@ Arch_ParseArchive (linePtr, nodeLst, ctxt) } else if (Dir_HasWildcards(memName)) { Lst members = Lst_Init(FALSE); char *member; + size_t sz = MAXPATHLEN; + size_t nsz; + nameBuf = emalloc(sz); Dir_Expand(memName, dirSearchPath, members); while (!Lst_IsEmpty(members)) { member = (char *)Lst_DeQueue(members); + nsz = strlen(libName) + strlen(member) + 3; + if (sz > nsz) + nameBuf = erealloc(nameBuf, sz = nsz * 2); - sprintf(nameBuf, "%s(%s)", libName, member); + snprintf(nameBuf, sz, "%s(%s)", libName, member); free(member); gn = Targ_FindNode (nameBuf, TARG_CREATE); if (gn == NILGNODE) { + free(nameBuf); return (FAILURE); } else { /* @@ -364,9 +374,13 @@ Arch_ParseArchive (linePtr, nodeLst, ctxt) } } Lst_Destroy(members, NOFREE); + free(nameBuf); } else { - sprintf(nameBuf, "%s(%s)", libName, memName); + size_t sz = strlen(libName) + strlen(memName) + 3; + nameBuf = emalloc(sz); + snprintf(nameBuf, sz, "%s(%s)", libName, memName); gn = Targ_FindNode (nameBuf, TARG_CREATE); + free(nameBuf); if (gn == NILGNODE) { return (FAILURE); } else { @@ -927,7 +941,7 @@ Arch_Touch (gn) &arh, "r+"); efree(p1); efree(p2); - sprintf(arh.ar_date, "%-12ld", (long) now); + snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now); if (arch != NULL) { (void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch); @@ -960,7 +974,7 @@ Arch_TouchLib (gn) struct utimbuf times; /* Times for utime() call */ arch = ArchFindMember (gn->path, RANLIBMAG, &arh, "r+"); - sprintf(arh.ar_date, "%-12ld", (long) now); + snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now); if (arch != NULL) { (void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch); @@ -1096,9 +1110,11 @@ Arch_FindLib (gn, path) Lst path; /* Search path */ { char *libName; /* file name for archive */ + size_t sz; - libName = (char *)emalloc (strlen (gn->name) + 6 - 2); - sprintf(libName, "lib%s.a", &gn->name[2]); + libName = (char *)emalloc(sz); + sz = strlen(gn->name) + 4; + snprintf(libName, sz, "lib%s.a", &gn->name[2]); gn->path = Dir_FindFile (libName, path); diff --git a/usr.bin/make/main.c b/usr.bin/make/main.c index 33719e8..97f4a85 100644 --- a/usr.bin/make/main.c +++ b/usr.bin/make/main.c @@ -928,7 +928,7 @@ ReadMakefile(p, q) } else { /* if we've chdir'd, rebuild the path name */ if (curdir != objdir && *fname != '/') { - (void)sprintf(path, "%s/%s", curdir, fname); + (void)snprintf(path, MAXPATHLEN, "%s/%s", curdir, fname); if ((stream = fopen(path, "r")) != NULL) { fname = path; goto found; diff --git a/usr.bin/make/util.c b/usr.bin/make/util.c index 57ab0c0..80197b9 100644 --- a/usr.bin/make/util.c +++ b/usr.bin/make/util.c @@ -217,13 +217,13 @@ getwd(pathname) /* open the parent directory */ if (stat(nextpathptr, &st_dotdot) == -1) { - (void) sprintf(pathname, + snprintf(pathname, sizeof(pathname), "getwd: Cannot stat directory \"%s\" (%s)", nextpathptr, strerror(errno)); return (NULL); } if ((dp = opendir(nextpathptr)) == NULL) { - (void) sprintf(pathname, + snprintf(pathname, sizeof(pathname), "getwd: Cannot open directory \"%s\" (%s)", nextpathptr, strerror(errno)); return (NULL); @@ -246,7 +246,7 @@ getwd(pathname) continue; (void) strcpy(cur_name_add, d->d_name); if (lstat(nextpathptr, &st_next) == -1) { - (void) sprintf(pathname, "getwd: Cannot stat \"%s\" (%s)", + snprintf(pathname, sizeof(pathname), "getwd: Cannot stat \"%s\" (%s)", d->d_name, strerror(errno)); (void) closedir(dp); return (NULL); |