Replace my "inane" usage of snprintf to copy strings with strncpy as

used by OpenBSD. (Quite frankly, I think it's perfectly reasonable to use snprintf to copy strings, given that the semantics for strncpy() are utterly idiotic and there is no POSIX sstrncpy().) While I'm at it, incorporate some of OpenBSD's bugfixes to cron. NOT for 2.2
author: pst <pst@FreeBSD.org> 1996-12-17 00:55:20 +0000
committer: pst <pst@FreeBSD.org> 1996-12-17 00:55:20 +0000
commit: 253df5b08a3b317eaf4a167361219cc2de05aa31 (patch)
tree: 19c4dd1a0d2247fce3e58d233ea6294b83fd819d /usr.sbin/cron
parent: f5dbed887331c9ef9a08faa00caa1cb9cfa9d579 (diff)
download: FreeBSD-src-253df5b08a3b317eaf4a167361219cc2de05aa31.zip
FreeBSD-src-253df5b08a3b317eaf4a167361219cc2de05aa31.tar.gz
9 files changed, 102 insertions, 41 deletions
diff --git a/usr.sbin/cron/cron/cron.h b/usr.sbin/cron/cron/cron.h
index 457392f..e381783 100644
--- a/usr.sbin/cron/cron/cron.h
+++ b/usr.sbin/cron/cron/cron.h
@@ -17,7 +17,7 @@
 
 /* cron.h - header for vixie's cron
  *
- * $Id: cron.h,v 1.2 1995/05/30 03:46:59 rgrimes Exp $
+ * $Id: cron.h,v 1.3 1996/08/05 00:31:24 pst Exp $
  *
  * vix 14nov88 [rest of log is in RCS]
  * vix 14jan87 [0 or 7 can be sunday; thanks, mwm@berkeley]
@@ -31,6 +31,7 @@
 #include "compat.h"
 
 #include <stdio.h>
+#include <errno.h>
 #include <ctype.h>
 #include <bitstring.h>
 #include <pwd.h>
diff --git a/usr.sbin/cron/cron/database.c b/usr.sbin/cron/cron/database.c
index 58d545d..224c247 100644
--- a/usr.sbin/cron/cron/database.c
+++ b/usr.sbin/cron/cron/database.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: database.c,v 1.2 1996/09/08 23:50:23 pst Exp $";
+static char rcsid[] = "$Id: database.c,v 1.3 1996/09/10 03:38:20 peter Exp $";
 #endif
 
 /* vix 26jan87 [RCS has the log]
@@ -112,8 +112,9 @@ load_database(old_db)
 		if (dp->d_name[0] == '.')
 			continue;
 
-		(void)snprintf(fname, sizeof fname, "%s", dp->d_name);
-		(void)snprintf(tabname, sizeof tabname, CRON_TAB(fname));
+		(void) strncpy(fname, dp->d_name, sizeof(fname));
+		fname[sizeof(fname)-1] = '\0';
+		(void) snprintf(tabname, sizeof tabname, CRON_TAB(fname));
 
 		process_crontab(fname, fname, tabname,
 				&statbuf, &new_db, old_db);
diff --git a/usr.sbin/cron/cron/do_command.c b/usr.sbin/cron/cron/do_command.c
index 51e6fee..0883bbd 100644
--- a/usr.sbin/cron/cron/do_command.c
+++ b/usr.sbin/cron/cron/do_command.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: do_command.c,v 1.5 1995/05/30 03:47:00 rgrimes Exp $";
+static char rcsid[] = "$Id: do_command.c,v 1.6 1995/09/10 13:02:56 joerg Exp $";
 #endif
 
 
@@ -215,12 +215,13 @@ child_process(e, u)
 		/* set our directory, uid and gid.  Set gid first, since once
 		 * we set uid, we've lost root privledges.
 		 */
-		chdir(env_get("HOME", e->envp));
+		setgid(e->gid);
 # if defined(BSD)
 		initgroups(env_get("LOGNAME", e->envp), e->gid);
 # endif
-		setgid(e->gid);
+		setlogin(usernm);
 		setuid(e->uid);		/* we aren't root after this... */
+		chdir(env_get("HOME", e->envp));
 
 		/* exec the command.
 		 */
@@ -375,8 +376,8 @@ child_process(e, u)
 				auto char	hostname[MAXHOSTNAMELEN];
 
 				(void) gethostname(hostname, MAXHOSTNAMELEN);
-				(void) sprintf(mailcmd, MAILARGS,
-					       MAILCMD);
+				(void) snprintf(mailcmd, sizeof(mailcmd),
+					       MAILARGS, MAILCMD);
 				if (!(mail = cron_popen(mailcmd, "w"))) {
 					perror(MAILCMD);
 					(void) _exit(ERROR_EXIT);
@@ -434,7 +435,7 @@ child_process(e, u)
 			if (mailto && status) {
 				char buf[MAX_TEMPSTR];
 
-				sprintf(buf,
+				snprintf(buf, sizeof(buf),
 			"mailed %d byte%s of output but got status 0x%04x\n",
 					bytes, (bytes==1)?"":"s",
 					status);
diff --git a/usr.sbin/cron/cron/job.c b/usr.sbin/cron/cron/job.c
index adaa072..18e96b6 100644
--- a/usr.sbin/cron/cron/job.c
+++ b/usr.sbin/cron/cron/job.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: job.c,v 1.6 1994/01/15 20:43:43 vixie Exp $";
+static char rcsid[] = "$Id: job.c,v 1.2 1996/11/01 23:27:36 millert Exp $";
 #endif
 
 
@@ -45,7 +45,8 @@ job_add(e, u)
 		if (j->e == e && j->u == u) { return; }
 
 	/* build a job queue element */
-	j = (job*)malloc(sizeof(job));
+	if ((j = (job*)malloc(sizeof(job))) == NULL)
+		return;
 	j->next = (job*) NULL;
 	j->e = e;
 	j->u = u;
diff --git a/usr.sbin/cron/cron/popen.c b/usr.sbin/cron/cron/popen.c
index 55708bb..44638da 100644
--- a/usr.sbin/cron/cron/popen.c
+++ b/usr.sbin/cron/cron/popen.c
@@ -24,7 +24,7 @@
  */
 
 #ifndef lint
-static char rcsid[] = "$Id: popen.c,v 1.5 1994/01/15 20:43:43 vixie Exp $";
+static char rcsid[] = "$Id: popen.c,v 1.1.1.1 1995/10/18 08:47:31 deraadt Exp $";
 static char sccsid[] = "@(#)popen.c	5.7 (Berkeley) 2/14/89";
 #endif /* not lint */
 
@@ -32,6 +32,7 @@ static char sccsid[] = "@(#)popen.c	5.7 (Berkeley) 2/14/89";
 #include <sys/signal.h>
 
 
+#define MAX_ARGS 100
 #define WANT_GLOBBING 0
 
 /*
@@ -50,7 +51,7 @@ cron_popen(program, type)
 	FILE *iop;
 	int argc, pdes[2];
 	PID_T pid;
-	char *argv[100];
+	char *argv[MAX_ARGS + 1];
 #if WANT_GLOBBING
 	char **pop, *vv[2];
 	int gargc;
@@ -72,7 +73,7 @@ cron_popen(program, type)
 		return(NULL);
 
 	/* break up string into pieces */
-	for (argc = 0, cp = program;; cp = NULL)
+	for (argc = 0, cp = program; argc < MAX_ARGS; cp = NULL)
 		if (!(argv[argc++] = strtok(cp, " \t\n")))
 			break;
 
diff --git a/usr.sbin/cron/cron/user.c b/usr.sbin/cron/cron/user.c
index 5f7ab13..a2ce35b 100644
--- a/usr.sbin/cron/cron/user.c
+++ b/usr.sbin/cron/cron/user.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: user.c,v 1.1.1.1 1994/08/27 13:43:03 jkh Exp $";
+static char rcsid[] = "$Id: user.c,v 1.2 1996/11/01 23:27:39 millert Exp $";
 #endif
 
 /* vix 26jan87 [log is in RCS file]
@@ -52,7 +52,7 @@ load_user(crontab_fd, pw, name)
 	user	*u;
 	entry	*e;
 	int	status;
-	char	**envp;
+	char	**envp, **tenvp;
 
 	if (!(file = fdopen(crontab_fd, "r"))) {
 		perror("fdopen on crontab_fd in load_user");
@@ -63,14 +63,25 @@ load_user(crontab_fd, pw, name)
 
 	/* file is open.  build user entry, then read the crontab file.
 	 */
-	u = (user *) malloc(sizeof(user));
-	u->name = strdup(name);
+	if ((u = (user *) malloc(sizeof(user))) == NULL) {
+		errno = ENOMEM;
+		return NULL;
+	}
+	if ((u->name = strdup(name)) == NULL) {
+		free(u);
+		errno = ENOMEM;
+		return NULL;
+	}
 	u->crontab = NULL;
 
-	/*
+	/* 
 	 * init environment.  this will be copied/augmented for each entry.
 	 */
-	envp = env_init();
+	if ((envp = env_init()) == NULL) {
+		free(u->name);
+		free(u);
+		return NULL;
+	}
 
 	/*
 	 * load the crontab
@@ -89,7 +100,13 @@ load_user(crontab_fd, pw, name)
 			}
 			break;
 		case TRUE:
-			envp = env_set(envp, envstr);
+			if ((tenvp = env_set(envp, envstr))) {
+				envp = tenvp;
+			} else {
+				free_user(u);
+				u = NULL;
+				goto done;
+			}
 			break;
 		}
 	}
diff --git a/usr.sbin/cron/crontab/crontab.c b/usr.sbin/cron/crontab/crontab.c
index 12e7b93..6b4b9dc 100644
--- a/usr.sbin/cron/crontab/crontab.c
+++ b/usr.sbin/cron/crontab/crontab.c
@@ -17,7 +17,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: crontab.c,v 1.5 1996/08/05 00:31:27 pst Exp $";
+static char rcsid[] = "$Id: crontab.c,v 1.6 1996/08/05 00:50:02 pst Exp $";
 #endif
 
 /* crontab - install and manage per-user crontab files
@@ -142,7 +142,8 @@ parse_args(argc, argv)
 		fprintf(stderr, "bailing out.\n");
 		exit(ERROR_EXIT);
 	}
-	strcpy(User, pw->pw_name);
+	(void) strncpy(User, pw->pw_name, (sizeof User)-1);
+	User[(sizeof User)-1] = '\0';
 	strcpy(RealUser, User);
 	Filename[0] = '\0';
 	Option = opt_unknown;
@@ -165,7 +166,8 @@ parse_args(argc, argv)
 					ProgramName, optarg);
 				exit(ERROR_EXIT);
 			}
-			(void) snprintf(User, sizeof(user), "%s", optarg);
+			(void) strncpy(User, pw->pw_name, (sizeof User)-1);
+			User[(sizeof User)-1] = '\0';
 			break;
 		case 'l':
 			if (Option != opt_unknown)
@@ -196,8 +198,9 @@ parse_args(argc, argv)
 	} else {
 		if (argv[optind] != NULL) {
 			Option = opt_replace;
-			(void) snprintf(Filename, sizeof(Filename), "%s",
-					argv[optind]);
+			(void) strncpy (Filename, argv[optind], (sizeof Filename)-1);
+			Filename[(sizeof Filename)-1] = '\0';
+
 		} else {
 			usage("file name must be specified for replace");
 		}
@@ -299,6 +302,7 @@ edit_cmd() {
 	time_t		mtime;
 	WAIT_T		waiter;
 	PID_T		pid, xpid;
+	mode_t		um;
 
 	log_it(RealUser, Pid, "BEGIN EDIT", User);
 	(void) sprintf(n, CRON_TAB(User));
@@ -315,11 +319,14 @@ edit_cmd() {
 		}
 	}
 
-	(void) sprintf(Filename, "/tmp/crontab.%d", Pid);
-	if (-1 == (t = open(Filename, O_CREAT|O_EXCL|O_RDWR, 0600))) {
+	um = umask(077);
+	(void) sprintf(Filename, "/tmp/crontab.XXXXXXXXXX");
+	if ((t = mkstemp(Filename)) == -1) {
 		perror(Filename);
+		(void) umask(um);
 		goto fatal;
 	}
+	(void) umask(um);
 #ifdef HAS_FCHOWN
 	if (fchown(t, getuid(), getgid()) < 0) {
 #else
@@ -480,7 +487,7 @@ edit_cmd() {
 		goto done;
 	default:
 		fprintf(stderr, "%s: panic: bad switch() in replace_cmd()\n",
-			ProgramName);
+		    ProgramName);
 		goto fatal;
 	}
  remove:
@@ -503,6 +510,11 @@ replace_cmd() {
 	time_t	now = time(NULL);
 	char	**envp = env_init();
 
+	if (envp == NULL) {
+		fprintf(stderr, "%s: Cannot allocate memory.\n", ProgramName);
+		return (-2);
+	}
+
 	(void) sprintf(n, "tmp.%d", Pid);
 	(void) sprintf(tn, CRON_TAB(n));
 	if (!(tmp = fopen(tn, "w+"))) {
diff --git a/usr.sbin/cron/lib/compat.c b/usr.sbin/cron/lib/compat.c
index 87eeacc..eb69fcd 100644
--- a/usr.sbin/cron/lib/compat.c
+++ b/usr.sbin/cron/lib/compat.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: compat.c,v 1.1.1.1 1994/08/27 13:43:02 jkh Exp $";
+static char rcsid[] = "$Id: compat.c,v 1.2 1996/11/01 23:27:28 millert Exp $";
 #endif
 
 /* vix 30dec93 [broke this out of misc.c - see RCS log for history]
@@ -53,7 +53,10 @@ strdup(str)
 {
 	char	*temp;
 
-	temp = malloc(strlen(str) + 1);
+	if ((temp = malloc(strlen(str) + 1)) == NULL) {
+		errno = ENOMEM;
+		return NULL;
+	}
 	(void) strcpy(temp, str);
 	return temp;
 }
@@ -143,7 +146,7 @@ getdtablesize() {
  * Snarfage done by Jarkko Hietaniemi <Jarkko.Hietaniemi@hut.fi>
  * *) well, almost, had to K&R the function entry, HPUX "cc"
  * does not grok ANSI function prototypes */
-
+ 
 /*
  * flock (fd, operation)
  *
@@ -199,13 +202,13 @@ flock(fd, operation)
 	case LOCK_UN:		/* unlock */
 		i = lockf (fd, F_ULOCK, 0);
 		break;
-
+ 
 	default:		/* can't decipher operation */
 		i = -1;
 		errno = EINVAL;
 		break;
 	}
-
+ 
 	return (i);
 }
 #endif /*NEED_FLOCK*/
@@ -227,7 +230,7 @@ setenv(name, value, overwrite)
 		return -1;
 	}
 
-	sprintf("%s=%s", name, value);
+	sprintf(tmp, "%s=%s", name, value);
 	return putenv(tmp);	/* intentionally orphan 'tmp' storage */
 }
 #endif
diff --git a/usr.sbin/cron/lib/env.c b/usr.sbin/cron/lib/env.c
index f370601..6537262 100644
--- a/usr.sbin/cron/lib/env.c
+++ b/usr.sbin/cron/lib/env.c
@@ -16,7 +16,7 @@
  */
 
 #if !defined(lint) && !defined(LINT)
-static char rcsid[] = "$Id: env.c,v 1.1.1.1 1994/08/27 13:43:02 jkh Exp $";
+static char rcsid[] = "$Id: env.c,v 1.2 1996/12/16 18:21:00 pst Exp $";
 #endif
 
 
@@ -28,7 +28,8 @@ env_init()
 {
 	register char	**p = (char **) malloc(sizeof(char **));
 
-	p[0] = NULL;
+	if (p)
+		p[0] = NULL;
 	return (p);
 }
 
@@ -55,8 +56,18 @@ env_copy(envp)
 	for (count = 0;  envp[count] != NULL;  count++)
 		;
 	p = (char **) malloc((count+1) * sizeof(char *));  /* 1 for the NULL */
+	if (p == NULL) {
+		errno = ENOMEM;
+		return NULL;
+	}
 	for (i = 0;  i < count;  i++)
-		p[i] = strdup(envp[i]);
+		if ((p[i] = strdup(envp[i])) == NULL) {
+			while (--i >= 0)
+				(void) free(p[i]);
+			free(p);
+			errno = ENOMEM;
+			return NULL;
+		}
 	p[count] = NULL;
 	return (p);
 }
@@ -87,7 +98,11 @@ env_set(envp, envstr)
 		 * save our new one there, and return the existing array.
 		 */
 		free(envp[found]);
-		envp[found] = strdup(envstr);
+		if ((envp[found] = strdup(envstr)) == NULL) {
+			envp[found] = "";
+			errno = ENOMEM;
+			return NULL;
+		}
 		return (envp);
 	}
 
@@ -98,8 +113,15 @@ env_set(envp, envstr)
 	 */
 	p = (char **) realloc((void *) envp,
 			      (unsigned) ((count+1) * sizeof(char **)));
+	if (p == NULL) 	{
+		errno = ENOMEM;
+		return NULL;
+	}
 	p[count] = p[count-1];
-	p[count-1] = strdup(envstr);
+	if ((p[count-1] = strdup(envstr)) == NULL) {
+		errno = ENOMEM;
+		return NULL;
+	}
 	return (p);
 }
 
@@ -154,6 +176,8 @@ load_env(envstr, f)
 		}
 	}
 
+	if (strlen(name) + 1 + strlen(val) >= MAX_ENVSTR-1)
+		return (FALSE);
 	(void) sprintf(envstr, "%s=%s", name, val);
 	Debug(DPARS, ("load_env, <%s> <%s> -> <%s>\n", name, val, envstr))
 	return (TRUE);
author	pst <pst@FreeBSD.org>	1996-12-17 00:55:20 +0000
committer	pst <pst@FreeBSD.org>	1996-12-17 00:55:20 +0000
commit	253df5b08a3b317eaf4a167361219cc2de05aa31 (patch)
tree	19c4dd1a0d2247fce3e58d233ea6294b83fd819d /usr.sbin/cron
parent	f5dbed887331c9ef9a08faa00caa1cb9cfa9d579 (diff)
download	FreeBSD-src-253df5b08a3b317eaf4a167361219cc2de05aa31.zip FreeBSD-src-253df5b08a3b317eaf4a167361219cc2de05aa31.tar.gz