From e231ed05e32582d27ca2e8cd8958dfb31103db4b Mon Sep 17 00:00:00 2001 From: kris Date: Wed, 9 May 2001 08:37:18 +0000 Subject: Patches from OpenBSD: - check the msg.tsp_type value prior to using it as an index into char *tsptype[] - use strlcpy's instead of strcpy's - & handle short packets properly. Submitted by: "Andrew R. Reiter" Obtained from: OpenBSD --- usr.sbin/timed/timedc/cmds.c | 45 ++++++++++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 12 deletions(-) (limited to 'usr.sbin/timed') diff --git a/usr.sbin/timed/timedc/cmds.c b/usr.sbin/timed/timedc/cmds.c index 51613d1..21a5a04 100644 --- a/usr.sbin/timed/timedc/cmds.c +++ b/usr.sbin/timed/timedc/cmds.c @@ -277,7 +277,7 @@ msite(argc, argv) fd_set ready; struct sockaddr_in dest; int i, length; - struct sockaddr from; + struct sockaddr_in from; struct timeval tout; struct tsp msg; struct servent *srvp; @@ -308,7 +308,7 @@ msite(argc, argv) } bcopy(hp->h_addr, &dest.sin_addr.s_addr, hp->h_length); - (void)strcpy(msg.tsp_name, myname); + (void)strlcpy(msg.tsp_name, myname, sizeof(msg.tsp_name)); msg.tsp_type = TSP_MSITE; msg.tsp_vers = TSPVERSION; bytenetorder(&msg); @@ -325,20 +325,31 @@ msite(argc, argv) FD_SET(sock, &ready); if (select(FD_SETSIZE, &ready, (fd_set *)0, (fd_set *)0, &tout)) { - length = sizeof(struct sockaddr); + length = sizeof(from); cc = recvfrom(sock, &msg, sizeof(struct tsp), 0, - &from, &length); + (struct sockaddr *)&from, &length); if (cc < 0) { warn("recvfrom"); continue; } + if (cc < sizeof(struct tsp)) { + fprintf(stderr, + "short packet (%u/%u bytes) from %s\n", + cc, sizeof(struct tsp), + inet_ntoa(from.sin_addr)); + continue; + } bytehostorder(&msg); if (msg.tsp_type == TSP_ACK) { printf("master timedaemon at %s is %s\n", tgtname, msg.tsp_name); } else { - printf("received wrong ack: %s\n", - tsptype[msg.tsp_type]); + if (msg.tsp_type >= TSPTYPENUMBER) + printf("unknown ack received: %u\n", + msg.tsp_type); + else + printf("wrong ack received: %s\n", + tsptype[msg.tsp_type]); } } else { printf("communication error with %s\n", tgtname); @@ -397,7 +408,7 @@ testing(argc, argv) msg.tsp_vers = TSPVERSION; if (gethostname(myname, sizeof(myname) - 1) < 0) err(1, "gethostname"); - (void)strcpy(msg.tsp_name, myname); + (void)strlcpy(msg.tsp_name, myname, sizeof(msg.tsp_name)); bytenetorder(&msg); if (sendto(sock, &msg, sizeof(struct tsp), 0, (struct sockaddr*)&sin, @@ -421,7 +432,7 @@ tracing(argc, argv) int cc; fd_set ready; struct sockaddr_in dest; - struct sockaddr from; + struct sockaddr_in from; struct timeval tout; struct tsp msg; struct servent *srvp; @@ -466,22 +477,32 @@ tracing(argc, argv) FD_ZERO(&ready); FD_SET(sock, &ready); if (select(FD_SETSIZE, &ready, (fd_set *)0, (fd_set *)0, &tout)) { - length = sizeof(struct sockaddr); + length = sizeof(from); cc = recvfrom(sock, &msg, sizeof(struct tsp), 0, - &from, &length); + (struct sockaddr *)&from, &length); if (cc < 0) { warn("recvfrom"); return; } + if (cc < sizeof(struct tsp)) { + fprintf(stderr, "short pack (%u/%u bytes) from %s\n", + cc, sizeof(struct tsp), inet_ntoa(from.sin_addr)); + return; + } bytehostorder(&msg); if (msg.tsp_type == TSP_ACK) if (onflag) printf("timed tracing enabled\n"); else printf("timed tracing disabled\n"); - else - printf("wrong ack received: %s\n", + else { + if (msg.tsp_type >= TSPTYPENUMBER) + printf("unknown ack received: %u\n", + msg.tsp_type); + else + printf("wrong ack received: %s\n", tsptype[msg.tsp_type]); + } } else printf("communication error\n"); } -- cgit v1.1