authorimp <imp@FreeBSD.org>1998-06-09 04:17:29 +0000
committerimp <imp@FreeBSD.org>1998-06-09 04:17:29 +0000
commita51cfac66561e49404427c1f83558e065a044bd9 (patch)
treeef4c907c3868bfdb4e37e3f7fe334916bf2132a0 /usr.bin/systat
parent94f67b7ef56a6df8d3c217cd5cc00b14f2dc3ae2 (diff)
o Use snprintf rather than sprintf
o Add more checks for buffer overflows o Use snprintf rather than strcat/cpy and have better checks for max length exceeded. Most of these changes are not exploitable buffer overruns, but it never hurts to be safe. Inspired by and obtained from: OpenBSD
Diffstat (limited to 'usr.bin/systat')
-rw-r--r--usr.bin/systat/disks.c6
-rw-r--r--usr.bin/systat/iostat.c2
-rw-r--r--usr.bin/systat/main.c4
-rw-r--r--usr.bin/systat/mbufs.c6
-rw-r--r--usr.bin/systat/netstat.c14
-rw-r--r--usr.bin/systat/pigs.c2
-rw-r--r--usr.bin/systat/swap.c15
-rw-r--r--usr.bin/systat/vmstat.c6
8 files changed, 32 insertions, 23 deletions
diff --git a/usr.bin/systat/disks.c b/usr.bin/systat/disks.c
index f1ec4ab..1e97fdb 100644
--- a/usr.bin/systat/disks.c
+++ b/usr.bin/systat/disks.c
@@ -128,8 +128,10 @@ dkinit()
dk_select = (int *)calloc(dk_ndrive, sizeof (int));
for (cp = buf, i = 0; i < dk_ndrive; i++) {
dr_name[i] = cp;
- sprintf(dr_name[i], "dk%d", i);
- cp += strlen(dr_name[i]) + 1;
+ snprintf(cp, sizeof(buf) - (cp - buf), "dk%d", i);
+ cp += strlen(cp) + 1;
+ if (cp > buf + sizeof(buf))
+ errx(1, "buf too small in dkinit, aborting");
if (dk_mspw[i] != 0.0)
dk_select[i] = 1;
}
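Review bot: The check `if (cp > buf + sizeof(buf))` cannot detect truncation, because `snprintf` leaves `strlen(cp)` at most one less than the space it was given, so `cp` can reach `buf + sizeof(buf)` but never pass it. When `cp` lands exactly on the end, the next iteration calls `snprintf` with size 0 and `strlen(cp)` then reads past `buf`. Testing the return value covers both cases: with `left = sizeof(buf) - (cp - buf)`, use `n = snprintf(cp, left, "dk%d", i); if (n < 0 || (size_t)n >= left) errx(1, "buf too small in dkinit, aborting");`. This assumes `buf` is an array rather than a pointer; its declaration and the start of dkinit are outside the hunk.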
diff --git a/usr.bin/systat/iostat.c b/usr.bin/systat/iostat.c
index 33e9969..cc8bacf4 100644
--- a/usr.bin/systat/iostat.c
+++ b/usr.bin/systat/iostat.c
@@ -354,7 +354,7 @@ histogram(val, colwidth, scale)
k = MIN(v, colwidth);
if (v > colwidth) {
- sprintf(buf, "%4.1f", val);
+ snprintf(buf, sizeof(buf), "%4.1f", val);
k -= strlen(buf);
while (k--)
waddch(wnd, 'X');
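Review bot: `k -= strlen(buf);` can leave `k` negative when the formatted value is wider than `colwidth`, and `while (k--)` then does not stop at zero. `%4.1f` sets only a minimum width, so a large `val` still yields a longer string, now capped at `sizeof(buf) - 1` instead of overflowing. A guard such as `if (k < 0) k = 0;` before the loop would bound the number of `waddch` calls. The declarations of `k` and `buf` are outside the hunk, so this assumes `k` is a signed int and `buf` an array.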
diff --git a/usr.bin/systat/main.c b/usr.bin/systat/main.c
index 7b55805..3a97aa3 100644
--- a/usr.bin/systat/main.c
+++ b/usr.bin/systat/main.c
@@ -42,7 +42,7 @@ static char copyright[] =
static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93";
#endif
static const char rcsid[] =
- "$Id: main.c,v 1.6 1997/08/13 06:45:10 charnier Exp $";
+ "$Id: main.c,v 1.7 1997/08/26 10:59:26 charnier Exp $";
#endif /* not lint */
#include <sys/param.h>
@@ -258,7 +258,7 @@ error(fmt, va_alist)
if (wnd) {
getyx(stdscr, oy, ox);
- (void) vsprintf(buf, fmt, ap);
+ (void) vsnprintf(buf, sizeof(buf), fmt, ap);
clrtoeol();
standout();
mvaddstr(CMDLINE, 0, buf);
diff --git a/usr.bin/systat/mbufs.c b/usr.bin/systat/mbufs.c
index 08e4347..dc27c5f 100644
--- a/usr.bin/systat/mbufs.c
+++ b/usr.bin/systat/mbufs.c
@@ -34,7 +34,7 @@
#ifndef lint
static char sccsid[] = "@(#)mbufs.c 8.1 (Berkeley) 6/6/93";
static const char rcsid[] =
- "$Id: mbufs.c,v 1.5 1997/02/24 20:59:03 wollman Exp $";
+ "$Id: mbufs.c,v 1.6 1997/09/24 02:43:40 wollman Exp $";
#endif /* not lint */
#include <sys/param.h>
@@ -121,7 +121,7 @@ showmbufs()
mvwprintw(wnd, 1+j, 0, "%-10.10s", mtnames[index]);
wmove(wnd, 1 + j, 10);
if (max > 60) {
- sprintf(buf, " %d", max);
+ snprintf(buf, sizeof(buf), " %d", max);
max = 60;
while (max--)
waddch(wnd, 'X');
@@ -136,7 +136,7 @@ showmbufs()
if (mb->m_mbufs) {
mvwprintw(wnd, 1+j, 0, "%-10.10s", "free");
if (mb->m_mbufs > 60) {
- sprintf(buf, " %d", mb->m_mbufs);
+ snprintf(buf, sizeof(buf), " %d", mb->m_mbufs);
mb->m_mbufs = 60;
while (mb->m_mbufs--)
waddch(wnd, 'X');
diff --git a/usr.bin/systat/netstat.c b/usr.bin/systat/netstat.c
index b8be493..1e587e9 100644
--- a/usr.bin/systat/netstat.c
+++ b/usr.bin/systat/netstat.c
@@ -36,7 +36,7 @@
static char sccsid[] = "@(#)netstat.c 8.1 (Berkeley) 6/6/93";
*/
static const char rcsid[] =
- "$Id$";
+ "$Id: netstat.c,v 1.8 1997/02/22 19:57:16 peter Exp $";
#endif /* not lint */
/*
@@ -372,14 +372,16 @@ inetprint(in, port, proto)
struct servent *sp = 0;
char line[80], *cp, *index();
- sprintf(line, "%.*s.", 16, inetname(*in));
+ snprintf(line, sizeof(line), "%.*s.", 16, inetname(*in));
cp = index(line, '\0');
if (!nflag && port)
sp = getservbyport(port, proto);
if (sp || port == 0)
- sprintf(cp, "%.8s", sp ? sp->s_name : "*");
+ snprintf(cp, sizeof(line) - (cp - line), "%.8s",
+ sp ? sp->s_name : "*");
else
- sprintf(cp, "%d", ntohs((u_short)port));
+ snprintf(cp, sizeof(line) - (cp - line), "%d",
+ ntohs((u_short)port));
/* pad to full column to clear any garbage */
cp = index(line, '\0');
while (cp - line < 22)
@@ -420,11 +422,11 @@ inetname(in)
if (in.s_addr == INADDR_ANY)
strcpy(line, "*");
else if (cp)
- strcpy(line, cp);
+ snprintf(line, sizeof(line), "%s", cp);
else {
in.s_addr = ntohl(in.s_addr);
#define C(x) ((x) & 0xff)
- sprintf(line, "%u.%u.%u.%u", C(in.s_addr >> 24),
+ snprintf(line, sizeof(line), "%u.%u.%u.%u", C(in.s_addr >> 24),
C(in.s_addr >> 16), C(in.s_addr >> 8), C(in.s_addr));
}
return (line);
diff --git a/usr.bin/systat/pigs.c b/usr.bin/systat/pigs.c
index f637a63..e14d3eb 100644
--- a/usr.bin/systat/pigs.c
+++ b/usr.bin/systat/pigs.c
@@ -125,7 +125,7 @@ showpigs()
wmove(wnd, y, 0);
wclrtoeol(wnd);
mvwaddstr(wnd, y, 0, uname);
- sprintf(pidname, "%10.10s", pname);
+ snprintf(pidname, sizeof(pidname), "%10.10s", pname);
mvwaddstr(wnd, y, 9, pidname);
wmove(wnd, y, 20);
for (j = pt[k].pt_pctcpu*factor + 0.5; j > 0; j--)
diff --git a/usr.bin/systat/swap.c b/usr.bin/systat/swap.c
index 3c27e1c..33b56ed 100644
--- a/usr.bin/systat/swap.c
+++ b/usr.bin/systat/swap.c
@@ -36,7 +36,7 @@
static char sccsid[] = "@(#)swap.c 8.3 (Berkeley) 4/29/95";
#endif
static const char rcsid[] =
- "$Id$";
+ "$Id: swap.c,v 1.5 1997/07/06 04:37:22 bde Exp $";
#endif /* not lint */
/*
@@ -122,17 +122,22 @@ initswap()
{
int i;
char msgbuf[BUFSIZ];
+ char *cp;
static int once = 0;
u_long ptr;
if (once)
return (1);
if (kvm_nlist(kd, syms)) {
- strcpy(msgbuf, "systat: swap: cannot find");
- for (i = 0; syms[i].n_name != NULL; i++) {
+ snprintf(msgbuf, sizeof(msgbuf), "systat: swap: cannot find");
+ cp = msgbuf + strlen(msgbuf) + 1;
+ for (i = 0;
+ syms[i].n_name != NULL && cp - msgbuf < sizeof(msgbuf);
+ i++) {
if (syms[i].n_value == 0) {
- strcat(msgbuf, " ");
- strcat(msgbuf, syms[i].n_name);
+ snprintf(cp, sizeof(msgbuf) - (cp - msgbuf),
+ " %s", syms[i].n_name);
+ cp += strlen(cp) + 1;
}
}
error(msgbuf);
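Review bot: The `+ 1` in `cp = msgbuf + strlen(msgbuf) + 1;` and in `cp += strlen(cp) + 1;` moves `cp` past the terminating NUL, so each symbol name is written after the end of the string and `error(msgbuf)` shows only "systat: swap: cannot find". Dropping the `+ 1` in both places (`cp = msgbuf + strlen(msgbuf);` and `cp += strlen(cp);`) keeps the pieces in one string and also keeps `cp - msgbuf` below `sizeof(msgbuf)`, so the size passed to `snprintf` never reaches 0. Separately, `msgbuf` is passed as the format argument of `error()`; `error("%s", msgbuf);` avoids interpreting a `%` in a symbol name as a conversion. initswap continues past the end of the hunk.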
diff --git a/usr.bin/systat/vmstat.c b/usr.bin/systat/vmstat.c
index ad35b55..c699a84 100644
--- a/usr.bin/systat/vmstat.c
+++ b/usr.bin/systat/vmstat.c
@@ -36,7 +36,7 @@
static char sccsid[] = "@(#)vmstat.c 8.2 (Berkeley) 1/12/94";
#endif
static const char rcsid[] =
- "$Id: vmstat.c,v 1.23 1997/09/25 01:14:25 peter Exp $";
+ "$Id: vmstat.c,v 1.24 1998/05/27 21:01:37 jhay Exp $";
#endif /* not lint */
/*
@@ -585,7 +585,7 @@ putint(n, l, c, w)
addch(' ');
return;
}
- sprintf(b, "%*d", w, n);
+ snprintf(b, sizeof(b), "%*d", w, n);
if (strlen(b) > w) {
while (w-- > 0)
addch('*');
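Review bot: In putint the width test `strlen(b) > w` now runs on a buffer that `snprintf` may already have truncated, so when `w` is at least `sizeof(b)` the asterisk branch is skipped and a cut-off field is used instead. Because `%*d` pads on the left, the characters lost to truncation are the digits themselves. Comparing the return value is more direct: `len = snprintf(b, sizeof(b), "%*d", w, n); if (len < 0 || len > w || len >= (int)sizeof(b)) {`. The same applies to the `%*.*f` call in putfloat in the next hunk. The declaration of `b` and the callers' values of `w` are outside the hunk, so whether such a width is ever passed is not visible here.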
@@ -607,7 +607,7 @@ putfloat(f, l, c, w, d, nz)
addch(' ');
return;
}
- sprintf(b, "%*.*f", w, d, f);
+ snprintf(b, sizeof(b), "%*.*f", w, d, f);
if (strlen(b) > w) {
while (--w >= 0)
addch('*');