summaryrefslogtreecommitdiffstats
path: root/ldap/clients
diff options
context:
space:
mode:
authorRich Megginson <rmeggins@redhat.com>2006-04-11 02:14:54 +0000
committerRich Megginson <rmeggins@redhat.com>2006-04-11 02:14:54 +0000
commite8c67e58c2faa3e3f5d328a92391a5a6a4569620 (patch)
tree7e16092b4dfb0106f446bb6a79552004399f7155 /ldap/clients
parent9545e36805201ac0e3172b762373c6df741c2721 (diff)
downloadds-e8c67e58c2faa3e3f5d328a92391a5a6a4569620.tar.gz
ds-e8c67e58c2faa3e3f5d328a92391a5a6a4569620.tar.xz
ds-e8c67e58c2faa3e3f5d328a92391a5a6a4569620.zip
Bug(s) fixed: 186280
Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none
Diffstat (limited to 'ldap/clients')
-rw-r--r--ldap/clients/dsgw/cgiutil.c33
-rw-r--r--ldap/clients/dsgw/ckdel.c6
-rw-r--r--ldap/clients/dsgw/ckdump.c6
-rw-r--r--ldap/clients/dsgw/ckget.c10
-rw-r--r--ldap/clients/dsgw/ckpurge.c5
-rw-r--r--ldap/clients/dsgw/ckput.c22
-rw-r--r--ldap/clients/dsgw/config.c28
-rw-r--r--ldap/clients/dsgw/cookie.c63
-rw-r--r--ldap/clients/dsgw/dbtdsgw.h1
-rw-r--r--ldap/clients/dsgw/domodify.c4
-rw-r--r--ldap/clients/dsgw/dsexpldif.c4
-rw-r--r--ldap/clients/dsgw/dsgw.h49
-rw-r--r--ldap/clients/dsgw/dsgwutil.c20
-rw-r--r--ldap/clients/dsgw/dsimpldif.c6
-rw-r--r--ldap/clients/dsgw/emitf.c76
-rw-r--r--ldap/clients/dsgw/entrydisplay.c13
-rw-r--r--ldap/clients/dsgw/htmlparse.c43
-rw-r--r--ldap/clients/dsgw/ldaputil.c11
-rw-r--r--ldap/clients/dsgw/templateindex.c6
-rw-r--r--ldap/clients/dsgw/tutor.c4
-rw-r--r--ldap/clients/orgchart/wrapper.c13
21 files changed, 219 insertions, 204 deletions
diff --git a/ldap/clients/dsgw/cgiutil.c b/ldap/clients/dsgw/cgiutil.c
index 85437cf9..965a28f9 100644
--- a/ldap/clients/dsgw/cgiutil.c
+++ b/ldap/clients/dsgw/cgiutil.c
@@ -236,7 +236,7 @@ dsgw_get_cgi_var(char *varname, int required)
if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) {
char errbuf[ 256 ];
- PR_snprintf( errbuf, 256,
+ PR_snprintf( errbuf, sizeof(errbuf),
XP_GetClientStr(DBT_missingFormDataElement100s_), varname );
dsgw_error( DSGW_ERR_BADFORMDATA, errbuf, DSGW_ERROPT_EXIT, 0, NULL );
}
@@ -325,21 +325,24 @@ dsgw_string_to_vec(char *in)
vars++;
ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1));
-
- x=0;
- /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */
- tmp = strtok(in, "&");
- ans[x]=dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
-
- while((tmp = strtok(NULL, "&"))) {
- if ( strchr( tmp, '=' ) == NULL ) {
- break;
+ if (ans) {
+ x=0;
+ /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */
+ tmp = strtok(in, "&");
+ if (tmp && *tmp && strchr(tmp, '=')) {
+ ans[x]=dsgw_ch_strdup(tmp);
+ dsgw_form_unescape(ans[x++]);
+
+ while((x <= vars) && (tmp = strtok(NULL, "&"))) {
+ if ( strchr( tmp, '=' ) == NULL ) {
+ break;
+ }
+ ans[x] = dsgw_ch_strdup(tmp);
+ dsgw_form_unescape(ans[x++]);
+ }
+ }
+ ans[x] = NULL;
}
- ans[x] = dsgw_ch_strdup(tmp);
- dsgw_form_unescape(ans[x++]);
- }
- ans[x] = NULL;
return(ans);
}
diff --git a/ldap/clients/dsgw/ckdel.c b/ldap/clients/dsgw/ckdel.c
index fa785f4d..596499b4 100644
--- a/ldap/clients/dsgw/ckdel.c
+++ b/ldap/clients/dsgw/ckdel.c
@@ -45,12 +45,16 @@
main( int argc, char **argv)
{
char cookie[ 512 ];
+ char *ptr;
int rc;
printf( "Remove an entry to the cookie database\n" );
printf( "cookie: " );
- gets( cookie );
+ fgets( cookie, sizeof(cookie), stdin );
+ if (ptr = strchr(cookie, '\n')) {
+ *ptr = 0;
+ }
rc = dsgw_delcookie( cookie );
if ( rc == 0 ) {
diff --git a/ldap/clients/dsgw/ckdump.c b/ldap/clients/dsgw/ckdump.c
index 5975ed5a..7b0cc54d 100644
--- a/ldap/clients/dsgw/ckdump.c
+++ b/ldap/clients/dsgw/ckdump.c
@@ -44,12 +44,6 @@
main()
{
- char *p;
- time_t expires;
- char dn[ 512 ];
- char pw[ 512 ];
- char expsec[ 512 ];
-
#ifdef notdef /* this was some testing code... */
{
char *ck, *r, *d, *p;
diff --git a/ldap/clients/dsgw/ckget.c b/ldap/clients/dsgw/ckget.c
index 6a01aabd..df48500e 100644
--- a/ldap/clients/dsgw/ckget.c
+++ b/ldap/clients/dsgw/ckget.c
@@ -55,9 +55,15 @@ main()
printf( "Retrieve an entry from the cookie database\n" );
printf( "cookie: " );
- gets( cookie );
+ fgets( cookie, sizeof(cookie), stdin );
+ if (p = strchr(cookie, '\n')) {
+ *p = 0;
+ }
printf( "dn: " );
- gets( dn );
+ fgets( dn, sizeof(dn), stdin );
+ if (p = strchr(dn, '\n')) {
+ *p = 0;
+ }
rc = dsgw_ckdn2passwd( cookie, dn, &pw );
if ( rc == 0 ) {
diff --git a/ldap/clients/dsgw/ckpurge.c b/ldap/clients/dsgw/ckpurge.c
index cc40037c..1f9bc30f 100644
--- a/ldap/clients/dsgw/ckpurge.c
+++ b/ldap/clients/dsgw/ckpurge.c
@@ -44,11 +44,6 @@
main()
{
- char *p;
- time_t expires;
- char dn[ 512 ];
- char pw[ 512 ];
- char expsec[ 512 ];
int np = 0;
time_t last;
FILE *fp;
diff --git a/ldap/clients/dsgw/ckput.c b/ldap/clients/dsgw/ckput.c
index ebf5c2cc..42baf85f 100644
--- a/ldap/clients/dsgw/ckput.c
+++ b/ldap/clients/dsgw/ckput.c
@@ -59,17 +59,18 @@ main( int argc, char **argv)
SEC_RNGInit();
SEC_SystemInfoForRNG();
+ dn[0] = pw[0] = lifesec[0] = 0;
if ( argc > 1 ) {
while (( c = getopt( argc, argv, "d:l:p:" )) != EOF ) {
switch ( c ) {
case 'd':
- strcpy( dn, optarg );
+ PL_strncpyz( dn, optarg, sizeof(dn) );
break;
case 'l':
- strcpy( lifesec, optarg );
+ PL_strncpyz( lifesec, optarg, sizeof(lifesec) );
break;
case 'p':
- strcpy( pw, optarg );
+ PL_strncpyz( pw, optarg, sizeof(pw) );
break;
}
}
@@ -77,11 +78,20 @@ main( int argc, char **argv)
if ( strlen( dn ) == 0 || strlen( pw ) == 0 || strlen( lifesec ) == 0 ) {
printf( "dn: " );
- gets( dn );
+ fgets( dn, sizeof(dn), stdin );
+ if (p = strchr(dn, '\n')) {
+ *p = 0;
+ }
printf( "passwd: " );
- gets( pw );
+ fgets( pw, sizeof(pw), stdin );
+ if (p = strchr(pw, '\n')) {
+ *p = 0;
+ }
printf( "expires in how many seconds? " );
- gets( lifesec );
+ fgets( lifesec, sizeof(lifesec), stdin );
+ if (p = strchr(lifesec, '\n')) {
+ *p = 0;
+ }
}
lifetime = atol( lifesec );
diff --git a/ldap/clients/dsgw/config.c b/ldap/clients/dsgw/config.c
index 3cd0e73d..346f91f9 100644
--- a/ldap/clients/dsgw/config.c
+++ b/ldap/clients/dsgw/config.c
@@ -298,22 +298,6 @@ dsgw_read_config()
read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 );
free( fname );
-#if 0
- /* if necessary, try to set path to certificate database */
-#ifndef DSGW_NO_SSL
- if ( gc->gc_ldapssl && gc->gc_securitypath == NULL ) {
- if ( gc->gc_admserv ) {
- if (( p = get_nsadm_var( "CertFile" )) != NULL ) {
- gc->gc_securitypath = dsgw_ch_malloc( strlen( p ) + 4 );
- sprintf( gc->gc_securitypath, "%s.db", p );
- }
- } else {
- gc->gc_securitypath = DSGW_DEFSECURITYPATH;
- }
- }
-#endif
-#endif
-
if ( browser_ignores_acceptcharset() ) {
set_dsgwcharset();
} else {
@@ -379,7 +363,7 @@ read_dsgwconfig( char *filename, char *locsuffix, int templatesonly, int binddnf
if ( strstr( filename, "dsgw-l10n.conf" ) != NULL ) {
return; /* ignore if it's dsgw-l10n.conf */
}
- PR_snprintf( buf, MAXPATHLEN + 100,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_cannotOpenConfigFileSN_), filename );
dsgw_error( DSGW_ERR_BADCONFIG, buf, DSGW_ERROPT_EXIT, 0, NULL );
}
@@ -978,7 +962,7 @@ app_suffix (char *ldif, char *suffix)
return;
}
- PR_snprintf( tmpldif, 128, "%s.tmp", ldif);
+ PR_snprintf( tmpldif, sizeof(tmpldif), "%s.tmp", ldif);
if ( (newfp = fopen( tmpldif, "w" )) == NULL ) {
dsgw_emitf (XP_GetClientStr(DBT_AppSuffixCouldNotOpenTmpFileSN_),
ldif);
@@ -1199,7 +1183,7 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts )
}
/* read old dbswitch.conf contents */
- PR_snprintf( oldfname, MAXPATHLEN, "%s/%s", userdb_path,
+ PR_snprintf( oldfname, sizeof(oldfname), "%s/%s", userdb_path,
DSGW_DBSWITCH_FILE );
if (( rc = dbconf_read_config_file( oldfname, &cip )) != LDAPU_SUCCESS ) {
report_ldapu_error( rc, DSGW_ERR_BADCONFIG, erropts );
@@ -1207,10 +1191,10 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts )
}
/* write db info to new file, replacing information for "dbhandle" */
- PR_snprintf( newfname, MAXPATHLEN, "%s/%s", userdb_path,
+ PR_snprintf( newfname, sizeof(newfname), "%s/%s", userdb_path,
DSGW_DBSWITCH_TMPFILE );
if (( newfp = fopen( newfname, "w" )) == NULL ) {
- PR_snprintf( buf, MAXPATHLEN + 100,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_cannotOpenConfigFileSForWritingN_), newfname );
dsgw_error( DSGW_ERR_UPDATE_DBSWITCH, buf, erropts, 0, NULL );
return( -1 );
@@ -1693,7 +1677,7 @@ fp_parse_line(
for ( token = strtok_quote( line, " \t" ); token != NULL;
token = strtok_quote( NULL, " \t" ) ) {
if ( *argcp == MAXARGS ) {
- PR_snprintf( buf, 20,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_maxD_), MAXARGS );
dsgw_error( DSGW_ERR_CONFIGTOOMANYARGS, buf,
DSGW_ERROPT_EXIT, 0, NULL );
diff --git a/ldap/clients/dsgw/cookie.c b/ldap/clients/dsgw/cookie.c
index 028dd1a9..681d10e2 100644
--- a/ldap/clients/dsgw/cookie.c
+++ b/ldap/clients/dsgw/cookie.c
@@ -144,8 +144,8 @@ dsgw_mkrndstr()
PK11_ConfigurePKCS11(NULL, NULL, tokDes, ptokDes, NULL, NULL, NULL, NULL, 0, 0 );
/*NSS_NoDB_Init(NULL);*/
dsgw_initNSS();
- PK11_GenerateRandom(buf, RNDBUFLEN);
- return( buf2str( buf, RNDBUFLEN ));
+ PK11_GenerateRandom(buf, sizeof(buf));
+ return( buf2str( buf, sizeof(buf) ));
}
@@ -162,7 +162,7 @@ dsgw_opencookiedb()
#define F_OK 0
#endif
#endif
- sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context);
+ PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context);
if ( access( cdb, F_OK ) == 0 ) {
fp = fopen( cdb, "r+" );
@@ -253,7 +253,7 @@ dsgw_ckdn2passwd( char *rndstr, char *dn, char **ret_pw )
}
for (;;) {
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
#ifdef DSGW_DEBUG
dsgw_log( "dsgw_ckdn2passwd: cookie <%s> not found in db\n",
@@ -433,14 +433,14 @@ dsgw_delcookie( char *cookie )
if (( fp = dsgw_opencookiedb()) == NULL ) {
return -1;
}
- fgets( buf, CKBUFSIZ, fp );
+ fgets( buf, sizeof(buf), fp );
if ( strncmp( buf, "lastpurge:", 10 )) {
dsgw_closecookiedb( fp );
return -1;
}
rc = DSGW_CKDB_KEY_NOT_PRESENT;
for (;;) {
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
break;
}
if ( strncmp( buf, rndstr, CKLEN )) {
@@ -513,7 +513,7 @@ dsgw_getlastpurged( FILE *fp )
pos = ftell( fp );
fseek( fp, 0L, SEEK_SET );
- fgets( buf, CKBUFSIZ, fp );
+ fgets( buf, sizeof(buf), fp );
if ( strncmp( buf, "lastpurge:", 10 )) {
ret = (time_t) 0L;
} else {
@@ -553,7 +553,7 @@ dsgw_purgedatabase( char *dn )
size_t csize; /* current size of file */
char cdb[MAXPATHLEN]; /*DSGW_COOKIEDB_FNAME + context*/
- sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context);
+ PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context);
if (( fp = dsgw_opencookiedb()) == NULL ) {
return -1;
@@ -576,10 +576,11 @@ dsgw_purgedatabase( char *dn )
char *p;
char *dbdn;
int nukeit;
+ size_t maxlen = sizeof(expbuf);
nukeit = 0;
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
break;
}
if ( strncmp( buf, "lastpurge:", 10 ) == 0 ) {
@@ -596,8 +597,13 @@ dsgw_purgedatabase( char *dn )
dsgw_closecookiedb( fp );
return -1;
}
- strncpy( expbuf, exp, p - exp );
- expbuf[ p - exp ] = '\0';
+ if ((p - exp) < maxlen) {
+ maxlen = p - exp;
+ } else {
+ maxlen--; /* need a length, not a count */
+ }
+ strncpy( expbuf, exp, maxlen );
+ expbuf[ maxlen ] = '\0';
time( &now );
/* Get the entry's DN */
@@ -678,7 +684,7 @@ dsgw_traverse_db()
return;
}
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
printf( "Cookie database is empty (no lastpurge line)\n" );
return;
@@ -686,8 +692,9 @@ dsgw_traverse_db()
puts( buf );
for (;;) {
+ size_t maxlen = sizeof(expbuf);
char *p;
- if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) {
+ if ( fgets( buf, sizeof(buf), fp ) == NULL ) {
dsgw_closecookiedb( fp );
printf( "%d entries, %d expired\n", total, expired );
return;
@@ -702,8 +709,13 @@ dsgw_traverse_db()
return;
}
printf( "%s", buf );
- strncpy( expbuf, exp, p - exp + 1 );
- expbuf[ p - exp + 1 ] = '\0';
+ if ((p - exp + 1) < maxlen) {
+ maxlen = p - exp + 1;
+ } else {
+ maxlen--; /* need a length, not a count */
+ }
+ strncpy( expbuf, exp, maxlen );
+ expbuf[ maxlen ] = '\0';
time( &now );
total++;
if ( now > atol( expbuf )) {
@@ -752,6 +764,7 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err )
return NULL;
}
+ /* richm: replace with PR_smprintf */
ckbuf = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( r ) +
strlen( edn ) + strlen( DSGW_AUTHCKNAME ) + 2 + 20 );
ckbuf[ 0 ] = '\0';
@@ -770,26 +783,6 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err )
-#if 0
-/*
- * Given a time_t, return a GMTString representation of that time.
- */
-char *
-dsgw_t2gmts( time_t cktime )
-{
- time_t tnl;
- struct tm *pt;
-#define TBUFSIZE 40
- char tbuf[ TBUFSIZE ];
-
- tnl = time( NULL );
- pt = gmtime( &tnl );
- (void)strftime( tbuf, (size_t)TBUFSIZE, "%A, %d-%b-%y %T GMT", pt);
- return( dsgw_ch_strdup( tbuf ));
-}
-#endif
-
-
/*
* Password obfuscation, etc.
* There is no real security here -- we just encrypt using a hard-coded key.
diff --git a/ldap/clients/dsgw/dbtdsgw.h b/ldap/clients/dsgw/dbtdsgw.h
index 78546b64..9a7a01ea 100644
--- a/ldap/clients/dsgw/dbtdsgw.h
+++ b/ldap/clients/dsgw/dbtdsgw.h
@@ -463,5 +463,6 @@ BEGIN_STR(dsgw)
ResDef( DBT_missingArgumentForOrgChartURLDirectiv_, 412, "Missing argument for \"url-orgchart-base\" directive\n" )/*extracted from config.c*/
ResDef( DBT_missingArgumentForOrgChartSearchAttr_ , 413, "Missing argument for \"orgchart-attrib-farleft-rdn\" directive\n" )/*extracted from config.c*/
ResDef( DBT_theCharsetIsNotSupported , 414, "The charset is not supported\n" )
+ ResDef( DBT_invalidTemplateVarLen, 415, "The string length %d of template variable \"%s\" is too long\n" )
END_STR(dsgw)
diff --git a/ldap/clients/dsgw/domodify.c b/ldap/clients/dsgw/domodify.c
index 0d935f01..6ff48403 100644
--- a/ldap/clients/dsgw/domodify.c
+++ b/ldap/clients/dsgw/domodify.c
@@ -153,7 +153,7 @@ post_request()
}
if ( !quiet ) {
- PR_snprintf( buf, 256,
+ PR_snprintf( buf, sizeof(buf),
XP_GetClientStr(DBT_SDirectoryEntry_), changedesc );
dsgw_html_begin( buf, 1 );
} else {
@@ -413,7 +413,7 @@ static int
entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp )
{
int lderr, i, j, opoffset, modop, mls, unique, unchanged_count;
- char *varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs;
+ char *varname, *varvalue, *attr, *p, **vals, **unchanged_attrs;
char *ntuserid = NULL;
LDAPMod **pmods;
diff --git a/ldap/clients/dsgw/dsexpldif.c b/ldap/clients/dsgw/dsexpldif.c
index 79c0cdf3..66d0b040 100644
--- a/ldap/clients/dsgw/dsexpldif.c
+++ b/ldap/clients/dsgw/dsexpldif.c
@@ -124,14 +124,14 @@ handle_post()
if (gc->gc_localdbconf == NULL) {
/* remote */
- PR_snprintf (cmd, BIG_LINE,
+ PR_snprintf (cmd, sizeof(cmd),
"./%s -b \"%s\" -h %s -p %d \"objectclass=*\" > %s 2> %s",
DSGW_LDAPSEARCH, gc->gc_ldapsearchbase, gc->gc_ldapserver,
gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE);
}
else {
/* local database */
- PR_snprintf (cmd, BIG_LINE,
+ PR_snprintf (cmd, sizeof(cmd),
"./%s -b \"\" -C %s \"objectclass=*\" > %s 2> %s",
DSGW_LDAPSEARCH, gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE);
}
diff --git a/ldap/clients/dsgw/dsgw.h b/ldap/clients/dsgw/dsgw.h
index a35d2fb7..cbffeec8 100644
--- a/ldap/clients/dsgw/dsgw.h
+++ b/ldap/clients/dsgw/dsgw.h
@@ -825,7 +825,12 @@ void dsgw_remove_leading_and_trailing_spaces( char **sp );
int dsgw_parse_cookie( char *cookie, char **rndstr, char **dn );
char *dsgw_getvp( int cginum );
#ifdef DSGW_DEBUG
-void dsgw_log( char *fmt, ... );
+void dsgw_log( char *fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
void dsgw_logstringarray( char *arrayname, char **strs );
void dsgw_log_out (const char* s, size_t n);
#else
@@ -875,16 +880,36 @@ void dsgw_html_href( char *urlprefix, char *url, char *label, char *value,
void dsgw_strcat_escaped( char *s1, const char *s2 );
char *dsgw_strdup_escaped( const char *s );
void dsgw_substitute_and_output( char *s, char *tag, char *value, int escape );
-void dsgw_form_begin( const char* name, const char* format, ... );
+void dsgw_form_begin( const char* name, const char* format, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
char *dsgw_strdup_with_entities( char *s, int *madecopyp );
void dsgw_HTML_emits( char * );
void dsgw_emit_cgi_var( int argc, char **argv );
-void dsgw_emit_button( int argc, char **argv, const char* format, ... );
+void dsgw_emit_button( int argc, char **argv, const char* format, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
void dsgw_emit_alertForm();
-void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... );
+void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 3, 4)));
+#else
+ ;
+#endif
void dsgw_emit_confirmForm();
void dsgw_emit_confirm( const char* frame, const char* yes, const char* no,
- const char* windowOptions, int enquote, const char* fmt, ... );
+ const char* windowOptions, int enquote, const char* fmt, ... )
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 6, 7)));
+#else
+ ;
+#endif
/*
* in htmlparse.c:
@@ -983,7 +1008,12 @@ void dsgw_emit_auth_dest( char *binddn, char* authdesturl );
* in emitf.c
*/
int dsgw_emits (const char* s); /* like fputs(s, stdout) */
-int dsgw_emitf (const char* format, ...); /* like printf */
+int dsgw_emitf (const char* format, ...) /* like printf */
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 1, 2)));
+#else
+ ;
+#endif
int dsgw_emitfv (const char* format, va_list argl);
char* dsgw_emit_converts_to (char* charset);
int is_UTF_8 (const char* charset);
@@ -995,7 +1025,12 @@ size_t dsgw_fputn (FILE*, const char* buf, size_t len);
void dsgw_quotation_begin (int kind);
void dsgw_quotation_end();
int dsgw_quote_emits (int kind, const char* s);
-int dsgw_quote_emitf (int kind, const char* format, ...);
+int dsgw_quote_emitf (int kind, const char* format, ...)
+#ifdef __GNUC__
+ __attribute__ ((format (printf, 2, 3)));
+#else
+ ;
+#endif
/*
* in collate.c
diff --git a/ldap/clients/dsgw/dsgwutil.c b/ldap/clients/dsgw/dsgwutil.c
index afb16f74..a353f041 100644
--- a/ldap/clients/dsgw/dsgwutil.c
+++ b/ldap/clients/dsgw/dsgwutil.c
@@ -927,7 +927,7 @@ dsgw_get_tmp_log_dir()
#endif
install_dir = getenv("NETSITE_ROOT");
if (install_dir != NULL) {
- sprintf(tmp_log, "%s/tmp/dsgw", install_dir);
+ PR_snprintf(tmp_log, sizeof(tmp_log), "%s/tmp/dsgw", install_dir);
#if defined( XP_WIN32 )
for(ilen=0; ilen < strlen(tmp_log); ilen++)
{
@@ -937,15 +937,15 @@ dsgw_get_tmp_log_dir()
#endif /* XP_WIN32 */
} else {
#if defined( XP_WIN32 )
- ilen = strlen(tmp_dir);
GetTempPath( ilen+1, tmp_dir );
+ ilen = strlen(tmp_dir);
/* Remove trailing slash. */
pch = tmp_dir[ilen-1];
if( pch == '\\' || pch == '/' )
tmp_dir[ilen-1] = '\0';
- sprintf(tmp_log, "%s\\DSGW", tmp_dir);
+ PR_snprintf(tmp_log, sizeof(tmp_log), "%s\\DSGW", tmp_dir);
#else
- sprintf(tmp_log, "/tmp/dsgw");
+ PR_snprintf(tmp_log, sizeof(tmp_log), "/tmp/dsgw");
#endif
}
return tmp_log;
@@ -964,7 +964,7 @@ dsgw_log_out (const char* s, size_t n)
#else
"%s/%.50s.out";
#endif
- PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname );
+ PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname );
log_out_fp = fopen( fname, "w" );
}
if (log_out_fp != NULL) {
@@ -996,14 +996,14 @@ dsgw_log( char *fmt, ... )
#else
"%s/%.50s";
#endif
- PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname );
+ PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname );
if (( logfp = fopen( fname, "a+" )) == NULL ) {
return;
}
}
- memcpy( timebuf, ctime( &t ), 19 );
- timebuf[ 19 ] = '\0';
+ memcpy( timebuf, ctime( &t ), sizeof(timebuf)-1 );
+ timebuf[ sizeof(timebuf)-1 ] = '\0';
fprintf( logfp, "%s %s: ", timebuf, progname );
va_start( ap, fmt );
@@ -1327,7 +1327,7 @@ AcceptLangList(const char* AcceptLanguage,
}
}
for ( i=0 ; i<countLang ; i++ ) {
- strcpy(AcceptLanguageList[i],ptrLanguage[i]);
+ PL_strncpyz(AcceptLanguageList[i],ptrLanguage[i],sizeof(AcceptLanguageList[i]));
}
} else {
@@ -1336,7 +1336,7 @@ AcceptLangList(const char* AcceptLanguage,
cPtr = strtok(input,",");
while (cPtr) {
if (strlen(cPtr)<MAX_ACCEPT_LENGTH) { /* ignore if too long */
- strcpy(AcceptLanguageList[countLang++],cPtr);
+ PL_strncpyz(AcceptLanguageList[countLang++],cPtr,sizeof(AcceptLanguageList[i]));
if (countLang>=MAX_ACCEPT_LANGUAGE) break; /* quit if too many */
}
cPtr = strtok(NULL,",");
diff --git a/ldap/clients/dsgw/dsimpldif.c b/ldap/clients/dsgw/dsimpldif.c
index cceb7083..407fa662 100644
--- a/ldap/clients/dsgw/dsimpldif.c
+++ b/ldap/clients/dsgw/dsimpldif.c
@@ -148,17 +148,17 @@ handle_post()
if (gc->gc_localdbconf == NULL) {
/* remote */
- PR_snprintf (cmd, BIG_LINE, "./%s -a %s -h %s -p %d -f %s > %s 2>&1",
+ PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -h %s -p %d -f %s > %s 2>&1",
DSGW_LDAPMODIFY, stop?"":"-c",gc->gc_ldapserver,
gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE);
}
else {
/* local database */
- PR_snprintf (cmd, BIG_LINE, "./%s -a %s -C %s -f %s > %s 2>&1",
+ PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -C %s -f %s > %s 2>&1",
DSGW_LDAPMODIFY, stop?"":"-c", gc->gc_localdbconf, ldiffile,
DSGW_NULL_DEVICE);
}
- PR_snprintf (path, BIG_LINE, "%s%s", userdb_path, DSGW_TOOLSDIR);
+ PR_snprintf (path, sizeof(path), "%s%s", userdb_path, DSGW_TOOLSDIR);
chdir ( path );
fflush (stdout);
if (system (cmd) == 0) {
diff --git a/ldap/clients/dsgw/emitf.c b/ldap/clients/dsgw/emitf.c
index a1f85dde..a6352821 100644
--- a/ldap/clients/dsgw/emitf.c
+++ b/ldap/clients/dsgw/emitf.c
@@ -188,12 +188,12 @@ dsgw_vxprintf (dsgw_producer produce, void* parm,
char deffmt[DEFFMTC];
char* fmt = deffmt;
- size_t fmtc = DEFFMTC;
+ size_t fmtc = sizeof(deffmt);
const char* next;
const char* f;
- char buf [1024];
+ char buf [1024] = {0};
int i;
i = count_slots (format);
@@ -396,33 +396,33 @@ dsgw_vxprintf (dsgw_producer produce, void* parm,
}
/* produce a single argument */
switch (islot->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION:
switch ((++islot)->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION:
switch ((++islot)->type) {
- case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break;
- case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break;
- case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break;
- case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break;
- case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break;
- case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break;
- case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break;
+ case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break;
+ case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break;
+ case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break;
+ case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break;
+ case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break;
+ case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break;
+ case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break;
case TYPE_WIDTH:
case TYPE_PRECISION: goto bail; /* how did this happen? */
case TYPE_PERCENT:
@@ -647,7 +647,7 @@ dsgw_emitn (void* parm, const char* s, size_t n)
s += slen; /* advance pointer to next unconverted chars */
/* convert as many chars from s as will fit in buf */
result = dsgw_convert(DSGW_FROM_UTF8, emit_converter,
- &bufptr, CONVERT_BUFSIZE, &len,
+ &bufptr, sizeof(buf), &len,
s, n, &slen, &err);
/* write the converted chars to the output */
n = dsgw_emitq ((FILE*)parm, buf, len);
@@ -661,34 +661,6 @@ dsgw_emitn (void* parm, const char* s, size_t n)
return parm;
}
-#if 0
-static void
-dsgw_convert (void* parm, const char* s, size_t n)
- /* Transform the output, in a visually distinctive way.
- This function is intended for testing, only.
- */
-{
- while (parm && n > 0) {
- const size_t len = LDAP_UTF8LEN(s);
- if (len == 1 && *s >= '!' && *s <= '~') { /* ASCII */
- /* output the double-width variant of this character */
- unsigned c = (unsigned)*s - '!' + 0xFF01;
- unsigned char buf[3];
- buf[2] = 0x80 | (c & 0x3F); c >>= 6;
- buf[1] = 0x80 | (c & 0x3F); c >>= 6;
- buf[0] = 0xE0 | (c & 0x0F);
- parm = dsgw_emitn (parm, (char*)buf, 3);
- } else {
- parm = dsgw_emitn (parm, s, len);
- }
- if (parm) {
- n -= len;
- s += len;
- }
- }
-}
-#endif
-
int
dsgw_emits (const char* s)
/* This function works like fputs(s, stdout), except it
diff --git a/ldap/clients/dsgw/entrydisplay.c b/ldap/clients/dsgw/entrydisplay.c
index 3a1bbb29..506044b5 100644
--- a/ldap/clients/dsgw/entrydisplay.c
+++ b/ldap/clients/dsgw/entrydisplay.c
@@ -239,7 +239,9 @@ static void dsgw_value_free( void **ldvals, int binary ) ;
static char *dsgw_time(time_t secs_since_1970);
/* attribute syntax handler routines */
+#if NEEDED_FOR_DEBUGGING
static void ntdomain_display( struct dsgw_attrdispinfo *adip );
+#endif
static void ntuserid_display( struct dsgw_attrdispinfo *adip );
static void str_display( struct dsgw_attrdispinfo *adip );
static void str_edit( struct dsgw_attrdispinfo *adip );
@@ -1623,10 +1625,10 @@ binvalue_display( struct dsgw_attrdispinfo *adip )
memcpy( &iValue, bin_data.bv_val, sizeof( iValue ) );
if(( adip->adi_opts & DSGW_ATTROPT_DECIMAL ) != 0 )
- PR_snprintf( szFormat, 512, "%%lu" );
+ PR_snprintf( szFormat, sizeof(szFormat), "%%lu" );
else
- PR_snprintf( szFormat, 512, "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 );
- PR_snprintf( szFlags, 512, szFormat, iValue );
+ PR_snprintf( szFormat, sizeof(szFormat), "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 );
+ PR_snprintf( szFlags, sizeof(szFlags), szFormat, iValue );
fputs( szFlags, stdout );
@@ -1639,6 +1641,7 @@ binvalue_display( struct dsgw_attrdispinfo *adip )
}
}
+#if NEEDED_FOR_DEBUGGING
/*
* display handler for NT Domain Identifier string
*/
@@ -1671,7 +1674,7 @@ ntdomain_display( struct dsgw_attrdispinfo *adip )
}
}
-
+#endif
/*
@@ -3222,7 +3225,7 @@ dsgw_time(time_t secs_since_1970)
}
/* convert to utf8 */
- u_strToUTF8(obuf, BSIZ, NULL, dstr0, myStrlen, &err);
+ u_strToUTF8(obuf, sizeof(obuf), NULL, dstr0, myStrlen, &err);
if (err != U_ZERO_ERROR) {
dsgw_error( DSGW_ERR_LDAPGENERAL, NULL, DSGW_ERROPT_EXIT, err, NULL );
diff --git a/ldap/clients/dsgw/htmlparse.c b/ldap/clients/dsgw/htmlparse.c
index 3b0007fc..9aa2567f 100644
--- a/ldap/clients/dsgw/htmlparse.c
+++ b/ldap/clients/dsgw/htmlparse.c
@@ -202,14 +202,14 @@ void *condarg
} else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT &&
!strcmp(templates[ index ].name + 1, "CONTEXT ")) {
char line[ BIG_LINE ];
- PR_snprintf( line, BIG_LINE, templates[ index ].format, context);
+ PR_snprintf( line, sizeof(line), templates[ index ].format, context);
dsgw_emits( line );
} else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT ) {
/* I just can't believe there's no easy way to create
* a va_list. */
char line[ BIG_LINE ];
- PR_snprintf( line, BIG_LINE, templates[ index ].format,
+ PR_snprintf( line, sizeof(line), templates[ index ].format,
( *argc > 0 && vars[ 0 ] != NULL ) ? vars[ 0 ]: "",
( *argc > 1 && vars[ 1 ] != NULL ) ? vars[ 1 ]: "",
( *argc > 2 && vars[ 2 ] != NULL ) ? vars[ 2 ]: "",
@@ -377,14 +377,14 @@ dsgw_pageheader(int argc, char **argv)
dsgw_emits("<center><table border=2 width=100%%>\n");
- util_snprintf(line, BIG_LINE, "<tr>");
+ util_snprintf(line, sizeof(line), "<tr>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<td align=center width=100%%>");
+ util_snprintf(line, sizeof(line), "<td align=center width=100%%>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<hr size=0 width=0>");
+ util_snprintf(line, sizeof(line), "<hr size=0 width=0>");
dsgw_emits(line);
- util_snprintf(line, BIG_LINE, "<FONT size=+2><b>%s</b></FONT>"
+ util_snprintf(line, sizeof(line), "<FONT size=+2><b>%s</b></FONT>"
"<hr size=0 width=0>"
"</th>", ( argc > 0 ) ? argv[0] : "" );
dsgw_emits(line);
@@ -399,7 +399,7 @@ dsgw_title( int argc, char **argv)
char line[BIG_LINE];
dsgw_emits("<HTML>");
dsgw_head_begin();
- util_snprintf(line, BIG_LINE, "\n<TITLE>%s</TITLE></HEAD>\n"
+ util_snprintf(line, sizeof(line), "\n<TITLE>%s</TITLE></HEAD>\n"
"<BODY %s>\n", ( argc > 0 ) ? argv[0] : "", dsgw_html_body_colors );
dsgw_emits(line);
}
@@ -411,10 +411,10 @@ dsgw_body( int argc, char **argv)
char line[BIG_LINE];
if ( argc > 0 ) {
- util_snprintf(line, BIG_LINE, "<BODY %s %s>\n", dsgw_html_body_colors,
+ util_snprintf(line, sizeof(line), "<BODY %s %s>\n", dsgw_html_body_colors,
( argc > 0 ) ? argv[0] : "" );
} else {
- util_snprintf(line, BIG_LINE, "<BODY %s>\n", dsgw_html_body_colors );
+ util_snprintf(line, sizeof(line), "<BODY %s>\n", dsgw_html_body_colors );
}
dsgw_emits(line);
@@ -451,14 +451,14 @@ dsgw_submit(int verify, char **vars)
if(!verify) {
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=submit value=\"%s\">"
"</td>\n",
XP_GetClientStr(DBT_ok_1));
dsgw_emits(outstr);
} else {
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=button value=\"%s\" "
"onclick=\"verify(this.form)\">"
"</td>\n",
@@ -467,7 +467,7 @@ dsgw_submit(int verify, char **vars)
}
{
char outstr[256];
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=reset value=\"%s\"></td>\n",
XP_GetClientStr(DBT_reset_));
dsgw_emits(outstr);
@@ -489,12 +489,12 @@ dsgw_dialogsubmit(void)
dsgw_emits("<center><table border=2 width=100%%><tr>");
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=submit value=\"%s\">"
"</td>\n",
XP_GetClientStr(DBT_done_));
dsgw_emits(outstr);
- PR_snprintf(outstr, 256, "<td width=50%% align=center>"
+ PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>"
"<input type=button value=\"%s\" "
"onClick=\"top.close()\"></td>\n",
XP_GetClientStr(DBT_cancel_2));
@@ -707,8 +707,19 @@ int *argc
}
} else {
if ( isvar != -1 ) {
- isvar += LDAP_UTF8COPY(scratch + isvar, string);
- scratch[ isvar ] = '\0';
+ /* check for scratch overflow */
+ if ((strlen(string) + isvar) < sizeof(scratch)) {
+ isvar += LDAP_UTF8COPY(scratch + isvar, string);
+ scratch[ isvar ] = '\0';
+ } else {
+ char msg[BUFSIZ];
+ /* error - buffer overflow */
+ PR_snprintf(msg, sizeof(msg), XP_GetClientStr(DBT_invalidTemplateVarLen),
+ strlen(string), string);
+ template_error(msg);
+ *argc = 0;
+ return NULL;
+ }
} else {
if ( *string == DIRECTIVE_END ) {
break;
diff --git a/ldap/clients/dsgw/ldaputil.c b/ldap/clients/dsgw/ldaputil.c
index d2a396f0..750fee67 100644
--- a/ldap/clients/dsgw/ldaputil.c
+++ b/ldap/clients/dsgw/ldaputil.c
@@ -50,6 +50,7 @@
#include <io.h>
#include <fcntl.h>
#endif
+#include "libadminutil/distadm.h"
static dsgwtmplinfo *init_listdisplay( char *tmplname, unsigned long options );
static int do_search( dsgwtmplinfo *tip, LDAP *ld, char *base, int scope,
@@ -1305,7 +1306,7 @@ uid2dn( LDAP *ld, char *uid, char *base, int *ldaprc, char **lderrtxtp,
*errsp = XP_GetClientStr(DBT_invalidUserIdOrNullLdapHandle_);
return NULL;
}
- PR_snprintf( filtbuf, 85, "uid=%s", uid );
+ PR_snprintf( filtbuf, sizeof(filtbuf), "uid=%s", uid );
if (( rc = ldap_search_s( ld, base, LDAP_SCOPE_SUBTREE, filtbuf,
attrs, 1, &result )) != LDAP_SUCCESS ) {
@@ -1423,10 +1424,10 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts )
}
if ( count > 1 ) {
- util_snprintf( line, BIG_LINE, "%s\n<SELECT NAME=\"%s\">\n",
+ util_snprintf( line, sizeof(line), "%s\n<SELECT NAME=\"%s\">\n",
prefix, varname );
} else {
- util_snprintf( line, BIG_LINE, "<INPUT TYPE=\"hidden\" NAME=\"%s\" ",
+ util_snprintf( line, sizeof(line), "<INPUT TYPE=\"hidden\" NAME=\"%s\" ",
varname );
}
dsgw_emits( line );
@@ -1463,7 +1464,7 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts )
}
if ( count > 1 ) {
- util_snprintf( line, BIG_LINE, "</SELECT>\n%s\n", suffix );
+ util_snprintf( line, sizeof(line), "</SELECT>\n%s\n", suffix );
dsgw_emits( line );
}
@@ -1500,7 +1501,7 @@ emit_one_loc_dn( char *dn, char *friendlyname, char *rootname, int only_one )
}
}
- util_snprintf( line, BIG_LINE, " VALUE=\"%s\">%s\n", escapeddn,
+ util_snprintf( line, sizeof(line), " VALUE=\"%s\">%s\n", escapeddn,
only_one ? "" : friendlyname );
free( escapeddn );
if ( rdns != NULL ) {
diff --git a/ldap/clients/dsgw/templateindex.c b/ldap/clients/dsgw/templateindex.c
index 40df74f7..80c40c4b 100644
--- a/ldap/clients/dsgw/templateindex.c
+++ b/ldap/clients/dsgw/templateindex.c
@@ -63,11 +63,11 @@ char **ds_get_file_list( char *dir )
if( ( dir == NULL ) || (strlen( dir ) == 0) )
return NULL;
- if( ( ret = malloc( sizeof( char * ) ) ) == NULL )
+ if( ( ret = malloc( sizeof( char * ) * 2 ) ) == NULL )
return NULL;
- strcpy(szWildcardFileSpec, dir);
- strcat(szWildcardFileSpec, "/*");
+ PL_strncpyz(szWildcardFileSpec, dir, sizeof(szWildcardFileSpec));
+ PL_strcatn(szWildcardFileSpec, sizeof(szWildcardFileSpec), "/*");
hFile = _findfirst( szWildcardFileSpec, &fileinfo);
if( hFile == -1 )
diff --git a/ldap/clients/dsgw/tutor.c b/ldap/clients/dsgw/tutor.c
index 6803e470..11b3a564 100644
--- a/ldap/clients/dsgw/tutor.c
+++ b/ldap/clients/dsgw/tutor.c
@@ -124,7 +124,7 @@ void _my_return_html_file(char *filename, char *base) {
*tmp='\0';
dsgw_emitf("<BASE href=\"%s%s/%s\">\n", surl, sn, base);
}
- while( fgets(line, BIG_LINE, html)) {
+ while( fgets(line, sizeof(line), html)) {
dsgw_emits( line );
}
}
@@ -210,7 +210,7 @@ main(
map=fopen(man_index, "r");
if(!map)
goto ohwell;
- while(fgets(line, BIG_LINE, map)) {
+ while(fgets(line, sizeof(line), map)) {
if(line[0]==';')
continue;
else if(ldap_utf8isspace(line))
diff --git a/ldap/clients/orgchart/wrapper.c b/ldap/clients/orgchart/wrapper.c
index 9bd6f398..1ab67b23 100644
--- a/ldap/clients/orgchart/wrapper.c
+++ b/ldap/clients/orgchart/wrapper.c
@@ -62,7 +62,7 @@
#define PATH_MAX 512
#endif
-char *get_perl_file(char *);
+char *get_perl_file(char *, size_t);
/*
@@ -77,7 +77,7 @@ main( int argc, char **argv )
printf("Content-type:text/html;charset=UTF-8\n\n<html>Hi\n");
- get_perl_file(script);
+ get_perl_file(script, sizeof(script)-1);
if (strchr(script, '/') != NULL || strchr(script, '\\') != NULL) {
printf("Paths not allowed. Filenames only.\n");
@@ -94,10 +94,11 @@ main( int argc, char **argv )
}
char *
-get_perl_file(char *script) {
+get_perl_file(char *script, size_t scriptsize) {
char *qs = getenv("QUERY_STRING");
char *p1 = NULL;
char *p2 = NULL;
+ size_t maxsize;
if (qs == NULL || *qs == '\0') {
printf("No QUERY_STRING found\n");
@@ -113,6 +114,8 @@ get_perl_file(char *script) {
for (p2 = p1; *p2 != '\0' && *p2 != '&'; p2++);
- strncpy(script, p1, p2-p1);
- script[p2-p1] = '\0';
+ maxsize = (scriptsize < (p2-p1)) ? scriptsize : (p2-p1);
+
+ PL_strncpyz(script, p1, maxsize);
+ script[maxsize] = '\0';
}
generated by cgit (git 2.34.1) at 2024-10-04 14:32:20 +0000