o Use snprintf rather than sprintf

o Add more checks for buffer overflows
o Use snprintf rather than strcat/cpy and have better checks for max
  length exceeded.

Most of these changes are not exploitable buffer overruns, but it never
hurts to be safe.

Inspired by and obtained from: OpenBSD
This commit is contained in:
Warner Losh 1998-06-09 04:17:29 +00:00
parent 9a1f6729af
commit 448b84a0e4
8 changed files with 32 additions and 23 deletions

View File

@ -128,8 +128,10 @@ dkinit()
dk_select = (int *)calloc(dk_ndrive, sizeof (int));
for (cp = buf, i = 0; i < dk_ndrive; i++) {
dr_name[i] = cp;
sprintf(dr_name[i], "dk%d", i);
cp += strlen(dr_name[i]) + 1;
snprintf(cp, sizeof(buf) - (cp - buf), "dk%d", i);
cp += strlen(cp) + 1;
if (cp > buf + sizeof(buf))
errx(1, "buf too small in dkinit, aborting");
if (dk_mspw[i] != 0.0)
dk_select[i] = 1;
}

View File

@ -354,7 +354,7 @@ histogram(val, colwidth, scale)
k = MIN(v, colwidth);
if (v > colwidth) {
sprintf(buf, "%4.1f", val);
snprintf(buf, sizeof(buf), "%4.1f", val);
k -= strlen(buf);
while (k--)
waddch(wnd, 'X');

View File

@ -42,7 +42,7 @@ static char copyright[] =
static char sccsid[] = "@(#)main.c 8.1 (Berkeley) 6/6/93";
#endif
static const char rcsid[] =
"$Id: main.c,v 1.6 1997/08/13 06:45:10 charnier Exp $";
"$Id: main.c,v 1.7 1997/08/26 10:59:26 charnier Exp $";
#endif /* not lint */
#include <sys/param.h>
@ -258,7 +258,7 @@ error(fmt, va_alist)
if (wnd) {
getyx(stdscr, oy, ox);
(void) vsprintf(buf, fmt, ap);
(void) vsnprintf(buf, sizeof(buf), fmt, ap);
clrtoeol();
standout();
mvaddstr(CMDLINE, 0, buf);

View File

@ -34,7 +34,7 @@
#ifndef lint
static char sccsid[] = "@(#)mbufs.c 8.1 (Berkeley) 6/6/93";
static const char rcsid[] =
"$Id: mbufs.c,v 1.5 1997/02/24 20:59:03 wollman Exp $";
"$Id: mbufs.c,v 1.6 1997/09/24 02:43:40 wollman Exp $";
#endif /* not lint */
#include <sys/param.h>
@ -121,7 +121,7 @@ showmbufs()
mvwprintw(wnd, 1+j, 0, "%-10.10s", mtnames[index]);
wmove(wnd, 1 + j, 10);
if (max > 60) {
sprintf(buf, " %d", max);
snprintf(buf, sizeof(buf), " %d", max);
max = 60;
while (max--)
waddch(wnd, 'X');
@ -136,7 +136,7 @@ showmbufs()
if (mb->m_mbufs) {
mvwprintw(wnd, 1+j, 0, "%-10.10s", "free");
if (mb->m_mbufs > 60) {
sprintf(buf, " %d", mb->m_mbufs);
snprintf(buf, sizeof(buf), " %d", mb->m_mbufs);
mb->m_mbufs = 60;
while (mb->m_mbufs--)
waddch(wnd, 'X');

View File

@ -36,7 +36,7 @@
static char sccsid[] = "@(#)netstat.c 8.1 (Berkeley) 6/6/93";
*/
static const char rcsid[] =
"$Id$";
"$Id: netstat.c,v 1.8 1997/02/22 19:57:16 peter Exp $";
#endif /* not lint */
/*
@ -372,14 +372,16 @@ inetprint(in, port, proto)
struct servent *sp = 0;
char line[80], *cp, *index();
sprintf(line, "%.*s.", 16, inetname(*in));
snprintf(line, sizeof(line), "%.*s.", 16, inetname(*in));
cp = index(line, '\0');
if (!nflag && port)
sp = getservbyport(port, proto);
if (sp || port == 0)
sprintf(cp, "%.8s", sp ? sp->s_name : "*");
snprintf(cp, sizeof(line) - (cp - line), "%.8s",
sp ? sp->s_name : "*");
else
sprintf(cp, "%d", ntohs((u_short)port));
snprintf(cp, sizeof(line) - (cp - line), "%d",
ntohs((u_short)port));
/* pad to full column to clear any garbage */
cp = index(line, '\0');
while (cp - line < 22)
@ -420,11 +422,11 @@ inetname(in)
if (in.s_addr == INADDR_ANY)
strcpy(line, "*");
else if (cp)
strcpy(line, cp);
snprintf(line, sizeof(line), "%s", cp);
else {
in.s_addr = ntohl(in.s_addr);
#define C(x) ((x) & 0xff)
sprintf(line, "%u.%u.%u.%u", C(in.s_addr >> 24),
snprintf(line, sizeof(line), "%u.%u.%u.%u", C(in.s_addr >> 24),
C(in.s_addr >> 16), C(in.s_addr >> 8), C(in.s_addr));
}
return (line);

View File

@ -125,7 +125,7 @@ showpigs()
wmove(wnd, y, 0);
wclrtoeol(wnd);
mvwaddstr(wnd, y, 0, uname);
sprintf(pidname, "%10.10s", pname);
snprintf(pidname, sizeof(pidname), "%10.10s", pname);
mvwaddstr(wnd, y, 9, pidname);
wmove(wnd, y, 20);
for (j = pt[k].pt_pctcpu*factor + 0.5; j > 0; j--)

View File

@ -36,7 +36,7 @@
static char sccsid[] = "@(#)swap.c 8.3 (Berkeley) 4/29/95";
#endif
static const char rcsid[] =
"$Id$";
"$Id: swap.c,v 1.5 1997/07/06 04:37:22 bde Exp $";
#endif /* not lint */
/*
@ -122,17 +122,22 @@ initswap()
{
int i;
char msgbuf[BUFSIZ];
char *cp;
static int once = 0;
u_long ptr;
if (once)
return (1);
if (kvm_nlist(kd, syms)) {
strcpy(msgbuf, "systat: swap: cannot find");
for (i = 0; syms[i].n_name != NULL; i++) {
snprintf(msgbuf, sizeof(msgbuf), "systat: swap: cannot find");
cp = msgbuf + strlen(msgbuf) + 1;
for (i = 0;
syms[i].n_name != NULL && cp - msgbuf < sizeof(msgbuf);
i++) {
if (syms[i].n_value == 0) {
strcat(msgbuf, " ");
strcat(msgbuf, syms[i].n_name);
snprintf(cp, sizeof(msgbuf) - (cp - msgbuf),
" %s", syms[i].n_name);
cp += strlen(cp) + 1;
}
}
error(msgbuf);

View File

@ -36,7 +36,7 @@
static char sccsid[] = "@(#)vmstat.c 8.2 (Berkeley) 1/12/94";
#endif
static const char rcsid[] =
"$Id: vmstat.c,v 1.23 1997/09/25 01:14:25 peter Exp $";
"$Id: vmstat.c,v 1.24 1998/05/27 21:01:37 jhay Exp $";
#endif /* not lint */
/*
@ -585,7 +585,7 @@ putint(n, l, c, w)
addch(' ');
return;
}
sprintf(b, "%*d", w, n);
snprintf(b, sizeof(b), "%*d", w, n);
if (strlen(b) > w) {
while (w-- > 0)
addch('*');
@ -607,7 +607,7 @@ putfloat(f, l, c, w, d, nz)
addch(' ');
return;
}
sprintf(b, "%*.*f", w, d, f);
snprintf(b, sizeof(b), "%*.*f", w, d, f);
if (strlen(b) > w) {
while (--w >= 0)
addch('*');