From 9a6732bd4e65d3bdaeb59e6b7cd0331484e1c331 Mon Sep 17 00:00:00 2001 From: imp Date: Tue, 9 Jun 1998 04:28:05 +0000 Subject: o Use snprintf rather than sprintf. o Revert gid to caller before a shell so we can run setgid. o minor style nits to make bruce happy :-) o use strncpy correctly. --- usr.bin/tip/tip/cmds.c | 10 +++++----- usr.bin/tip/tip/cu.c | 4 ++-- usr.bin/tip/tip/tip.c | 9 +++++---- 3 files changed, 12 insertions(+), 11 deletions(-) (limited to 'usr.bin') diff --git a/usr.bin/tip/tip/cmds.c b/usr.bin/tip/tip/cmds.c index 9c8adad..ea24a53 100644 --- a/usr.bin/tip/tip/cmds.c +++ b/usr.bin/tip/tip/cmds.c @@ -36,7 +36,7 @@ static char sccsid[] = "@(#)cmds.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id: cmds.c,v 1.5 1997/08/25 05:02:09 imp Exp $"; + "$Id: cmds.c,v 1.6 1997/08/26 10:25:16 eivind Exp $"; #endif /* not lint */ #include "tipconf.h" @@ -181,7 +181,7 @@ cu_take(cc) printf("\r\n%s: cannot create\r\n", argv[1]); return; } - (void)sprintf(line, "cat %s ; echo \"\" ; echo ___tip_end_of_file_marker___", argv[0]); + (void)snprintf(line, sizeof(line), "cat %s ; echo \"\" ; echo ___tip_end_of_file_marker___", argv[0]); xfer(line, fd, "\n___tip_end_of_file_marker___\n"); } @@ -554,9 +554,9 @@ cu_put(cc) return; } if (boolean(value(ECHOCHECK))) - sprintf(line, "cat>%s\r", argv[1]); + snprintf(line, sizeof(line), "cat>%s\r", argv[1]); else - sprintf(line, "stty -echo;cat>%s;stty echo\r", argv[1]); + snprintf(line, sizeof(line), "stty -echo;cat>%s;stty echo\r", argv[1]); transmit(fd, "\04", line); } @@ -1027,7 +1027,7 @@ expand(name) /* signal(SIGINT, sigint) */ return(name); } - sprintf(cmdbuf, "echo %s", name); + snprintf(cmdbuf, sizeof(cmdbuf), "echo %s", name); if ((pid = vfork()) == 0) { Shell = value(SHELL); if (Shell == NOSTR) diff --git a/usr.bin/tip/tip/cu.c b/usr.bin/tip/tip/cu.c index 8767af9..50955fc 100644 --- a/usr.bin/tip/tip/cu.c +++ b/usr.bin/tip/tip/cu.c @@ -36,7 +36,7 @@ static char sccsid[] = "@(#)cu.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id$"; + "$Id: cu.c,v 1.2 1997/08/18 07:16:02 charnier Exp $"; #endif /* not lint */ #include "tipconf.h" @@ -110,7 +110,7 @@ cumain(argc, argv) * The "cu" host name is used to define the * attributes of the generic dialer. */ - (void)sprintf(sbuf, "cu%d", BR); + (void)snprintf(sbuf, sizeof(sbuf), "cu%d", BR); if ((i = hunt(sbuf)) == 0) { printf("all ports busy\n"); exit(3); diff --git a/usr.bin/tip/tip/tip.c b/usr.bin/tip/tip/tip.c index 0aecc29..b4298a9 100644 --- a/usr.bin/tip/tip/tip.c +++ b/usr.bin/tip/tip/tip.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)tip.c 8.1 (Berkeley) 6/6/93"; #endif static const char rcsid[] = - "$Id: tip.c,v 1.6 1997/08/26 10:25:19 eivind Exp $"; + "$Id: tip.c,v 1.7 1997/09/18 14:07:17 phk Exp $"; #endif /* not lint */ /* @@ -153,13 +153,13 @@ main(argc, argv) * Copy the number then stomp on the original (in case the number * is private, we don't want 'ps' or 'w' to find it). */ - if (strlen(system) > sizeof PNbuf - 1) + if (strlen(system) > sizeof(PNbuf - 1)) errx(1, "phone number too long (max = %d bytes)", sizeof PNbuf - 1); - strncpy( PNbuf, system, sizeof PNbuf - 1 ); + strncpy(PNbuf, system, sizeof(PNbuf - 1)); for (p = system; *p; p++) *p = '\0'; PN = PNbuf; - (void)sprintf(sbuf, "tip%ld", BR); + (void)snprintf(sbuf, sizeof(sbuf), "tip%ld", BR); system = sbuf; notnumber: @@ -333,6 +333,7 @@ daemon_uid() void shell_uid() { + setegid(gid); seteuid(uid); } -- cgit v1.1