diff options
93 files changed, 488 insertions, 353 deletions
diff --git a/config/pathsub.h b/config/pathsub.h index aa06a11a..7f2da579 100644 --- a/config/pathsub.h +++ b/config/pathsub.h @@ -61,7 +61,12 @@ extern char *program; -extern void fail(char *format, ...); +extern void fail(char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif extern char *getcomponent(char *path, char *name); extern char *ino2name(ino_t ino, char *dir); extern void *xmalloc(size_t size); diff --git a/include/base/ereport.h b/include/base/ereport.h index fe096750..a097a939 100644 --- a/include/base/ereport.h +++ b/include/base/ereport.h @@ -60,7 +60,12 @@ NSPR_BEGIN_EXTERN_C * the current date. */ -NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...); +NSAPI_PUBLIC int INTereport(int degree, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif NSAPI_PUBLIC int INTereport_v(int degree, char *fmt, va_list args); NSPR_END_EXTERN_C diff --git a/include/base/util.h b/include/base/util.h index fa3614ac..3302a1cf 100644 --- a/include/base/util.h +++ b/include/base/util.h @@ -67,12 +67,22 @@ NSAPI_PUBLIC int INTutil_itoa(int i, char *a); NSAPI_PUBLIC int INTutil_vsprintf(char *s, register const char *fmt, va_list args); -NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...); +NSAPI_PUBLIC int INTutil_sprintf(char *s, const char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif NSAPI_PUBLIC int INTutil_vsnprintf(char *s, int n, register const char *fmt, va_list args); -NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...); +NSAPI_PUBLIC int INTutil_snprintf(char *s, int n, const char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif NSAPI_PUBLIC int INTutil_strftime(char *s, const char *format, const struct tm *t); diff --git a/ldap/admin/src/cfg_sspt.c b/ldap/admin/src/cfg_sspt.c index 7cd85f98..c25c7b97 100644 --- a/ldap/admin/src/cfg_sspt.c +++ b/ldap/admin/src/cfg_sspt.c @@ -239,6 +239,12 @@ is_root_user(const char *name, QUERY_VARS* query) #ifdef CGI_DEBUG #include <stdarg.h> +static void debug_log (const char* file, const char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif static void debug_log (const char* file, const char* format, ...) @@ -375,6 +381,12 @@ add_aci(LDAP* ld, char* DN, char* privilege) list of strings to substitute in the format; basically just constructs the correct aci string and passes it to add_aci */ +int add_aci_v(LDAP* ld, char* DN, char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif int add_aci_v(LDAP* ld, char* DN, char* format, ...) { diff --git a/ldap/admin/src/create_instance.c b/ldap/admin/src/create_instance.c index f599c299..4f718ae3 100644 --- a/ldap/admin/src/create_instance.c +++ b/ldap/admin/src/create_instance.c @@ -145,6 +145,13 @@ static int init_presence(char *sroot, server_config_s *cf, char *cs_path); #endif static char *make_error(char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif + +static char *make_error(char *fmt, ...) { static char errbuf[ERR_SIZE]; va_list args; @@ -661,6 +668,12 @@ char *chownconfig(char *sroot, char *user) #define chownsearch(a, b) #endif +char *gen_script(char *s_root, char *name, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif char *gen_script(char *s_root, char *name, char *fmt, ...) { @@ -715,6 +728,12 @@ char *gen_script(char *s_root, char *name, char *fmt, ...) } char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 4, 5))); +#else + ; +#endif +char *gen_perl_script(char *s_root, char *cs_path, char *name, char *fmt, ...) { char myperl[PATH_SIZE]; char fn[PATH_SIZE]; @@ -1356,8 +1375,7 @@ create_scripts(server_config_s *cf, char *param_name) /* ---------------------- Update server script files ---------------------- */ int update_server(server_config_s *cf) { - char line[PATH_SIZE], *t, *sroot = cf->sroot; - char subdir[PATH_SIZE]; + char *t; char error_param[BIG_LINE] = {0}; #if defined( SOLARIS ) diff --git a/ldap/admin/src/ds_remove_uninst.cpp b/ldap/admin/src/ds_remove_uninst.cpp index 79fef790..118c5d55 100644 --- a/ldap/admin/src/ds_remove_uninst.cpp +++ b/ldap/admin/src/ds_remove_uninst.cpp @@ -80,6 +80,13 @@ extern "C" { #include "setupapi.h" #define MAX_STR_SIZE 512 +static void dsLogMessage(const char *level, const char *which, + const char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif static InstallLog *installLog = NULL; diff --git a/ldap/admin/src/init_ds_env.c b/ldap/admin/src/init_ds_env.c index f291041c..c4a1ce49 100644 --- a/ldap/admin/src/init_ds_env.c +++ b/ldap/admin/src/init_ds_env.c @@ -48,6 +48,7 @@ #include "libadminutil/distadm.h" #include "init_ds_env.h" #include "dsalib.h" +#include "prprf.h" int init_ds_env() { diff --git a/ldap/admin/src/instindex.cpp b/ldap/admin/src/instindex.cpp index 6821ec8a..83ebe45a 100644 --- a/ldap/admin/src/instindex.cpp +++ b/ldap/admin/src/instindex.cpp @@ -55,7 +55,7 @@ #include <string.h> /* --------------------------------- main --------------------------------- */ - +#if NEEDED_FOR_DEBUGGING static void printInfo(int argc, char *argv[], char *envp[], FILE* fp) { @@ -76,6 +76,7 @@ printInfo(int argc, char *argv[], char *envp[], FILE* fp) fprintf(fp, "#####################################\n"); } +#endif #if defined (__hpux) && defined (__ia64) int main(int argc, char *argv[], char *envp[]) diff --git a/ldap/clients/dsgw/cgiutil.c b/ldap/clients/dsgw/cgiutil.c index 85437cf9..965a28f9 100644 --- a/ldap/clients/dsgw/cgiutil.c +++ b/ldap/clients/dsgw/cgiutil.c @@ -236,7 +236,7 @@ dsgw_get_cgi_var(char *varname, int required) if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) { char errbuf[ 256 ]; - PR_snprintf( errbuf, 256, + PR_snprintf( errbuf, sizeof(errbuf), XP_GetClientStr(DBT_missingFormDataElement100s_), varname ); dsgw_error( DSGW_ERR_BADFORMDATA, errbuf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -325,21 +325,24 @@ dsgw_string_to_vec(char *in) vars++; ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1)); - - x=0; - /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ - tmp = strtok(in, "&"); - ans[x]=dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - - while((tmp = strtok(NULL, "&"))) { - if ( strchr( tmp, '=' ) == NULL ) { - break; + if (ans) { + x=0; + /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ + tmp = strtok(in, "&"); + if (tmp && *tmp && strchr(tmp, '=')) { + ans[x]=dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + + while((x <= vars) && (tmp = strtok(NULL, "&"))) { + if ( strchr( tmp, '=' ) == NULL ) { + break; + } + ans[x] = dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + } + } + ans[x] = NULL; } - ans[x] = dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - } - ans[x] = NULL; return(ans); } diff --git a/ldap/clients/dsgw/ckdel.c b/ldap/clients/dsgw/ckdel.c index fa785f4d..596499b4 100644 --- a/ldap/clients/dsgw/ckdel.c +++ b/ldap/clients/dsgw/ckdel.c @@ -45,12 +45,16 @@ main( int argc, char **argv) { char cookie[ 512 ]; + char *ptr; int rc; printf( "Remove an entry to the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (ptr = strchr(cookie, '\n')) { + *ptr = 0; + } rc = dsgw_delcookie( cookie ); if ( rc == 0 ) { diff --git a/ldap/clients/dsgw/ckdump.c b/ldap/clients/dsgw/ckdump.c index 5975ed5a..7b0cc54d 100644 --- a/ldap/clients/dsgw/ckdump.c +++ b/ldap/clients/dsgw/ckdump.c @@ -44,12 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; - #ifdef notdef /* this was some testing code... */ { char *ck, *r, *d, *p; diff --git a/ldap/clients/dsgw/ckget.c b/ldap/clients/dsgw/ckget.c index 6a01aabd..df48500e 100644 --- a/ldap/clients/dsgw/ckget.c +++ b/ldap/clients/dsgw/ckget.c @@ -55,9 +55,15 @@ main() printf( "Retrieve an entry from the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (p = strchr(cookie, '\n')) { + *p = 0; + } printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } rc = dsgw_ckdn2passwd( cookie, dn, &pw ); if ( rc == 0 ) { diff --git a/ldap/clients/dsgw/ckpurge.c b/ldap/clients/dsgw/ckpurge.c index cc40037c..1f9bc30f 100644 --- a/ldap/clients/dsgw/ckpurge.c +++ b/ldap/clients/dsgw/ckpurge.c @@ -44,11 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; int np = 0; time_t last; FILE *fp; diff --git a/ldap/clients/dsgw/ckput.c b/ldap/clients/dsgw/ckput.c index ebf5c2cc..42baf85f 100644 --- a/ldap/clients/dsgw/ckput.c +++ b/ldap/clients/dsgw/ckput.c @@ -59,17 +59,18 @@ main( int argc, char **argv) SEC_RNGInit(); SEC_SystemInfoForRNG(); + dn[0] = pw[0] = lifesec[0] = 0; if ( argc > 1 ) { while (( c = getopt( argc, argv, "d:l:p:" )) != EOF ) { switch ( c ) { case 'd': - strcpy( dn, optarg ); + PL_strncpyz( dn, optarg, sizeof(dn) ); break; case 'l': - strcpy( lifesec, optarg ); + PL_strncpyz( lifesec, optarg, sizeof(lifesec) ); break; case 'p': - strcpy( pw, optarg ); + PL_strncpyz( pw, optarg, sizeof(pw) ); break; } } @@ -77,11 +78,20 @@ main( int argc, char **argv) if ( strlen( dn ) == 0 || strlen( pw ) == 0 || strlen( lifesec ) == 0 ) { printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } printf( "passwd: " ); - gets( pw ); + fgets( pw, sizeof(pw), stdin ); + if (p = strchr(pw, '\n')) { + *p = 0; + } printf( "expires in how many seconds? " ); - gets( lifesec ); + fgets( lifesec, sizeof(lifesec), stdin ); + if (p = strchr(lifesec, '\n')) { + *p = 0; + } } lifetime = atol( lifesec ); diff --git a/ldap/clients/dsgw/config.c b/ldap/clients/dsgw/config.c index 3cd0e73d..346f91f9 100644 --- a/ldap/clients/dsgw/config.c +++ b/ldap/clients/dsgw/config.c @@ -298,22 +298,6 @@ dsgw_read_config() read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 ); free( fname ); -#if 0 - /* if necessary, try to set path to certificate database */ -#ifndef DSGW_NO_SSL - if ( gc->gc_ldapssl && gc->gc_securitypath == NULL ) { - if ( gc->gc_admserv ) { - if (( p = get_nsadm_var( "CertFile" )) != NULL ) { - gc->gc_securitypath = dsgw_ch_malloc( strlen( p ) + 4 ); - sprintf( gc->gc_securitypath, "%s.db", p ); - } - } else { - gc->gc_securitypath = DSGW_DEFSECURITYPATH; - } - } -#endif -#endif - if ( browser_ignores_acceptcharset() ) { set_dsgwcharset(); } else { @@ -379,7 +363,7 @@ read_dsgwconfig( char *filename, char *locsuffix, int templatesonly, int binddnf if ( strstr( filename, "dsgw-l10n.conf" ) != NULL ) { return; /* ignore if it's dsgw-l10n.conf */ } - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSN_), filename ); dsgw_error( DSGW_ERR_BADCONFIG, buf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -978,7 +962,7 @@ app_suffix (char *ldif, char *suffix) return; } - PR_snprintf( tmpldif, 128, "%s.tmp", ldif); + PR_snprintf( tmpldif, sizeof(tmpldif), "%s.tmp", ldif); if ( (newfp = fopen( tmpldif, "w" )) == NULL ) { dsgw_emitf (XP_GetClientStr(DBT_AppSuffixCouldNotOpenTmpFileSN_), ldif); @@ -1199,7 +1183,7 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts ) } /* read old dbswitch.conf contents */ - PR_snprintf( oldfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( oldfname, sizeof(oldfname), "%s/%s", userdb_path, DSGW_DBSWITCH_FILE ); if (( rc = dbconf_read_config_file( oldfname, &cip )) != LDAPU_SUCCESS ) { report_ldapu_error( rc, DSGW_ERR_BADCONFIG, erropts ); @@ -1207,10 +1191,10 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts ) } /* write db info to new file, replacing information for "dbhandle" */ - PR_snprintf( newfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( newfname, sizeof(newfname), "%s/%s", userdb_path, DSGW_DBSWITCH_TMPFILE ); if (( newfp = fopen( newfname, "w" )) == NULL ) { - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSForWritingN_), newfname ); dsgw_error( DSGW_ERR_UPDATE_DBSWITCH, buf, erropts, 0, NULL ); return( -1 ); @@ -1693,7 +1677,7 @@ fp_parse_line( for ( token = strtok_quote( line, " \t" ); token != NULL; token = strtok_quote( NULL, " \t" ) ) { if ( *argcp == MAXARGS ) { - PR_snprintf( buf, 20, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_maxD_), MAXARGS ); dsgw_error( DSGW_ERR_CONFIGTOOMANYARGS, buf, DSGW_ERROPT_EXIT, 0, NULL ); diff --git a/ldap/clients/dsgw/cookie.c b/ldap/clients/dsgw/cookie.c index 028dd1a9..681d10e2 100644 --- a/ldap/clients/dsgw/cookie.c +++ b/ldap/clients/dsgw/cookie.c @@ -144,8 +144,8 @@ dsgw_mkrndstr() PK11_ConfigurePKCS11(NULL, NULL, tokDes, ptokDes, NULL, NULL, NULL, NULL, 0, 0 ); /*NSS_NoDB_Init(NULL);*/ dsgw_initNSS(); - PK11_GenerateRandom(buf, RNDBUFLEN); - return( buf2str( buf, RNDBUFLEN )); + PK11_GenerateRandom(buf, sizeof(buf)); + return( buf2str( buf, sizeof(buf) )); } @@ -162,7 +162,7 @@ dsgw_opencookiedb() #define F_OK 0 #endif #endif - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if ( access( cdb, F_OK ) == 0 ) { fp = fopen( cdb, "r+" ); @@ -253,7 +253,7 @@ dsgw_ckdn2passwd( char *rndstr, char *dn, char **ret_pw ) } for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); #ifdef DSGW_DEBUG dsgw_log( "dsgw_ckdn2passwd: cookie <%s> not found in db\n", @@ -433,14 +433,14 @@ dsgw_delcookie( char *cookie ) if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; } - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { dsgw_closecookiedb( fp ); return -1; } rc = DSGW_CKDB_KEY_NOT_PRESENT; for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, rndstr, CKLEN )) { @@ -513,7 +513,7 @@ dsgw_getlastpurged( FILE *fp ) pos = ftell( fp ); fseek( fp, 0L, SEEK_SET ); - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { ret = (time_t) 0L; } else { @@ -553,7 +553,7 @@ dsgw_purgedatabase( char *dn ) size_t csize; /* current size of file */ char cdb[MAXPATHLEN]; /*DSGW_COOKIEDB_FNAME + context*/ - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; @@ -576,10 +576,11 @@ dsgw_purgedatabase( char *dn ) char *p; char *dbdn; int nukeit; + size_t maxlen = sizeof(expbuf); nukeit = 0; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, "lastpurge:", 10 ) == 0 ) { @@ -596,8 +597,13 @@ dsgw_purgedatabase( char *dn ) dsgw_closecookiedb( fp ); return -1; } - strncpy( expbuf, exp, p - exp ); - expbuf[ p - exp ] = '\0'; + if ((p - exp) < maxlen) { + maxlen = p - exp; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); /* Get the entry's DN */ @@ -678,7 +684,7 @@ dsgw_traverse_db() return; } - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "Cookie database is empty (no lastpurge line)\n" ); return; @@ -686,8 +692,9 @@ dsgw_traverse_db() puts( buf ); for (;;) { + size_t maxlen = sizeof(expbuf); char *p; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "%d entries, %d expired\n", total, expired ); return; @@ -702,8 +709,13 @@ dsgw_traverse_db() return; } printf( "%s", buf ); - strncpy( expbuf, exp, p - exp + 1 ); - expbuf[ p - exp + 1 ] = '\0'; + if ((p - exp + 1) < maxlen) { + maxlen = p - exp + 1; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); total++; if ( now > atol( expbuf )) { @@ -752,6 +764,7 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err ) return NULL; } + /* richm: replace with PR_smprintf */ ckbuf = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( r ) + strlen( edn ) + strlen( DSGW_AUTHCKNAME ) + 2 + 20 ); ckbuf[ 0 ] = '\0'; @@ -770,26 +783,6 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err ) -#if 0 -/* - * Given a time_t, return a GMTString representation of that time. - */ -char * -dsgw_t2gmts( time_t cktime ) -{ - time_t tnl; - struct tm *pt; -#define TBUFSIZE 40 - char tbuf[ TBUFSIZE ]; - - tnl = time( NULL ); - pt = gmtime( &tnl ); - (void)strftime( tbuf, (size_t)TBUFSIZE, "%A, %d-%b-%y %T GMT", pt); - return( dsgw_ch_strdup( tbuf )); -} -#endif - - /* * Password obfuscation, etc. * There is no real security here -- we just encrypt using a hard-coded key. diff --git a/ldap/clients/dsgw/dbtdsgw.h b/ldap/clients/dsgw/dbtdsgw.h index 78546b64..9a7a01ea 100644 --- a/ldap/clients/dsgw/dbtdsgw.h +++ b/ldap/clients/dsgw/dbtdsgw.h @@ -463,5 +463,6 @@ BEGIN_STR(dsgw) ResDef( DBT_missingArgumentForOrgChartURLDirectiv_, 412, "Missing argument for \"url-orgchart-base\" directive\n" )/*extracted from config.c*/ ResDef( DBT_missingArgumentForOrgChartSearchAttr_ , 413, "Missing argument for \"orgchart-attrib-farleft-rdn\" directive\n" )/*extracted from config.c*/ ResDef( DBT_theCharsetIsNotSupported , 414, "The charset is not supported\n" ) + ResDef( DBT_invalidTemplateVarLen, 415, "The string length %d of template variable \"%s\" is too long\n" ) END_STR(dsgw) diff --git a/ldap/clients/dsgw/domodify.c b/ldap/clients/dsgw/domodify.c index 0d935f01..6ff48403 100644 --- a/ldap/clients/dsgw/domodify.c +++ b/ldap/clients/dsgw/domodify.c @@ -153,7 +153,7 @@ post_request() } if ( !quiet ) { - PR_snprintf( buf, 256, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_SDirectoryEntry_), changedesc ); dsgw_html_begin( buf, 1 ); } else { @@ -413,7 +413,7 @@ static int entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp ) { int lderr, i, j, opoffset, modop, mls, unique, unchanged_count; - char *varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs; + char *varname, *varvalue, *attr, *p, **vals, **unchanged_attrs; char *ntuserid = NULL; LDAPMod **pmods; diff --git a/ldap/clients/dsgw/dsexpldif.c b/ldap/clients/dsgw/dsexpldif.c index 79c0cdf3..66d0b040 100644 --- a/ldap/clients/dsgw/dsexpldif.c +++ b/ldap/clients/dsgw/dsexpldif.c @@ -124,14 +124,14 @@ handle_post() if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"%s\" -h %s -p %d \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_ldapsearchbase, gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"\" -C %s \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } diff --git a/ldap/clients/dsgw/dsgw.h b/ldap/clients/dsgw/dsgw.h index a35d2fb7..cbffeec8 100644 --- a/ldap/clients/dsgw/dsgw.h +++ b/ldap/clients/dsgw/dsgw.h @@ -825,7 +825,12 @@ void dsgw_remove_leading_and_trailing_spaces( char **sp ); int dsgw_parse_cookie( char *cookie, char **rndstr, char **dn ); char *dsgw_getvp( int cginum ); #ifdef DSGW_DEBUG -void dsgw_log( char *fmt, ... ); +void dsgw_log( char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif void dsgw_logstringarray( char *arrayname, char **strs ); void dsgw_log_out (const char* s, size_t n); #else @@ -875,16 +880,36 @@ void dsgw_html_href( char *urlprefix, char *url, char *label, char *value, void dsgw_strcat_escaped( char *s1, const char *s2 ); char *dsgw_strdup_escaped( const char *s ); void dsgw_substitute_and_output( char *s, char *tag, char *value, int escape ); -void dsgw_form_begin( const char* name, const char* format, ... ); +void dsgw_form_begin( const char* name, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif char *dsgw_strdup_with_entities( char *s, int *madecopyp ); void dsgw_HTML_emits( char * ); void dsgw_emit_cgi_var( int argc, char **argv ); -void dsgw_emit_button( int argc, char **argv, const char* format, ... ); +void dsgw_emit_button( int argc, char **argv, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_alertForm(); -void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ); +void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_confirmForm(); void dsgw_emit_confirm( const char* frame, const char* yes, const char* no, - const char* windowOptions, int enquote, const char* fmt, ... ); + const char* windowOptions, int enquote, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 6, 7))); +#else + ; +#endif /* * in htmlparse.c: @@ -983,7 +1008,12 @@ void dsgw_emit_auth_dest( char *binddn, char* authdesturl ); * in emitf.c */ int dsgw_emits (const char* s); /* like fputs(s, stdout) */ -int dsgw_emitf (const char* format, ...); /* like printf */ +int dsgw_emitf (const char* format, ...) /* like printf */ +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif int dsgw_emitfv (const char* format, va_list argl); char* dsgw_emit_converts_to (char* charset); int is_UTF_8 (const char* charset); @@ -995,7 +1025,12 @@ size_t dsgw_fputn (FILE*, const char* buf, size_t len); void dsgw_quotation_begin (int kind); void dsgw_quotation_end(); int dsgw_quote_emits (int kind, const char* s); -int dsgw_quote_emitf (int kind, const char* format, ...); +int dsgw_quote_emitf (int kind, const char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif /* * in collate.c diff --git a/ldap/clients/dsgw/dsgwutil.c b/ldap/clients/dsgw/dsgwutil.c index afb16f74..a353f041 100644 --- a/ldap/clients/dsgw/dsgwutil.c +++ b/ldap/clients/dsgw/dsgwutil.c @@ -927,7 +927,7 @@ dsgw_get_tmp_log_dir() #endif install_dir = getenv("NETSITE_ROOT"); if (install_dir != NULL) { - sprintf(tmp_log, "%s/tmp/dsgw", install_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s/tmp/dsgw", install_dir); #if defined( XP_WIN32 ) for(ilen=0; ilen < strlen(tmp_log); ilen++) { @@ -937,15 +937,15 @@ dsgw_get_tmp_log_dir() #endif /* XP_WIN32 */ } else { #if defined( XP_WIN32 ) - ilen = strlen(tmp_dir); GetTempPath( ilen+1, tmp_dir ); + ilen = strlen(tmp_dir); /* Remove trailing slash. */ pch = tmp_dir[ilen-1]; if( pch == '\\' || pch == '/' ) tmp_dir[ilen-1] = '\0'; - sprintf(tmp_log, "%s\\DSGW", tmp_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s\\DSGW", tmp_dir); #else - sprintf(tmp_log, "/tmp/dsgw"); + PR_snprintf(tmp_log, sizeof(tmp_log), "/tmp/dsgw"); #endif } return tmp_log; @@ -964,7 +964,7 @@ dsgw_log_out (const char* s, size_t n) #else "%s/%.50s.out"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); log_out_fp = fopen( fname, "w" ); } if (log_out_fp != NULL) { @@ -996,14 +996,14 @@ dsgw_log( char *fmt, ... ) #else "%s/%.50s"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); if (( logfp = fopen( fname, "a+" )) == NULL ) { return; } } - memcpy( timebuf, ctime( &t ), 19 ); - timebuf[ 19 ] = '\0'; + memcpy( timebuf, ctime( &t ), sizeof(timebuf)-1 ); + timebuf[ sizeof(timebuf)-1 ] = '\0'; fprintf( logfp, "%s %s: ", timebuf, progname ); va_start( ap, fmt ); @@ -1327,7 +1327,7 @@ AcceptLangList(const char* AcceptLanguage, } } for ( i=0 ; i<countLang ; i++ ) { - strcpy(AcceptLanguageList[i],ptrLanguage[i]); + PL_strncpyz(AcceptLanguageList[i],ptrLanguage[i],sizeof(AcceptLanguageList[i])); } } else { @@ -1336,7 +1336,7 @@ AcceptLangList(const char* AcceptLanguage, cPtr = strtok(input,","); while (cPtr) { if (strlen(cPtr)<MAX_ACCEPT_LENGTH) { /* ignore if too long */ - strcpy(AcceptLanguageList[countLang++],cPtr); + PL_strncpyz(AcceptLanguageList[countLang++],cPtr,sizeof(AcceptLanguageList[i])); if (countLang>=MAX_ACCEPT_LANGUAGE) break; /* quit if too many */ } cPtr = strtok(NULL,","); diff --git a/ldap/clients/dsgw/dsimpldif.c b/ldap/clients/dsgw/dsimpldif.c index cceb7083..407fa662 100644 --- a/ldap/clients/dsgw/dsimpldif.c +++ b/ldap/clients/dsgw/dsimpldif.c @@ -148,17 +148,17 @@ handle_post() if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -h %s -p %d -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -h %s -p %d -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c",gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -C %s -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -C %s -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c", gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } - PR_snprintf (path, BIG_LINE, "%s%s", userdb_path, DSGW_TOOLSDIR); + PR_snprintf (path, sizeof(path), "%s%s", userdb_path, DSGW_TOOLSDIR); chdir ( path ); fflush (stdout); if (system (cmd) == 0) { diff --git a/ldap/clients/dsgw/emitf.c b/ldap/clients/dsgw/emitf.c index a1f85dde..a6352821 100644 --- a/ldap/clients/dsgw/emitf.c +++ b/ldap/clients/dsgw/emitf.c @@ -188,12 +188,12 @@ dsgw_vxprintf (dsgw_producer produce, void* parm, char deffmt[DEFFMTC]; char* fmt = deffmt; - size_t fmtc = DEFFMTC; + size_t fmtc = sizeof(deffmt); const char* next; const char* f; - char buf [1024]; + char buf [1024] = {0}; int i; i = count_slots (format); @@ -396,33 +396,33 @@ dsgw_vxprintf (dsgw_producer produce, void* parm, } /* produce a single argument */ switch (islot->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: goto bail; /* how did this happen? */ case TYPE_PERCENT: @@ -647,7 +647,7 @@ dsgw_emitn (void* parm, const char* s, size_t n) s += slen; /* advance pointer to next unconverted chars */ /* convert as many chars from s as will fit in buf */ result = dsgw_convert(DSGW_FROM_UTF8, emit_converter, - &bufptr, CONVERT_BUFSIZE, &len, + &bufptr, sizeof(buf), &len, s, n, &slen, &err); /* write the converted chars to the output */ n = dsgw_emitq ((FILE*)parm, buf, len); @@ -661,34 +661,6 @@ dsgw_emitn (void* parm, const char* s, size_t n) return parm; } -#if 0 -static void -dsgw_convert (void* parm, const char* s, size_t n) - /* Transform the output, in a visually distinctive way. - This function is intended for testing, only. - */ -{ - while (parm && n > 0) { - const size_t len = LDAP_UTF8LEN(s); - if (len == 1 && *s >= '!' && *s <= '~') { /* ASCII */ - /* output the double-width variant of this character */ - unsigned c = (unsigned)*s - '!' + 0xFF01; - unsigned char buf[3]; - buf[2] = 0x80 | (c & 0x3F); c >>= 6; - buf[1] = 0x80 | (c & 0x3F); c >>= 6; - buf[0] = 0xE0 | (c & 0x0F); - parm = dsgw_emitn (parm, (char*)buf, 3); - } else { - parm = dsgw_emitn (parm, s, len); - } - if (parm) { - n -= len; - s += len; - } - } -} -#endif - int dsgw_emits (const char* s) /* This function works like fputs(s, stdout), except it diff --git a/ldap/clients/dsgw/entrydisplay.c b/ldap/clients/dsgw/entrydisplay.c index 3a1bbb29..506044b5 100644 --- a/ldap/clients/dsgw/entrydisplay.c +++ b/ldap/clients/dsgw/entrydisplay.c @@ -239,7 +239,9 @@ static void dsgw_value_free( void **ldvals, int binary ) ; static char *dsgw_time(time_t secs_since_1970); /* attribute syntax handler routines */ +#if NEEDED_FOR_DEBUGGING static void ntdomain_display( struct dsgw_attrdispinfo *adip ); +#endif static void ntuserid_display( struct dsgw_attrdispinfo *adip ); static void str_display( struct dsgw_attrdispinfo *adip ); static void str_edit( struct dsgw_attrdispinfo *adip ); @@ -1623,10 +1625,10 @@ binvalue_display( struct dsgw_attrdispinfo *adip ) memcpy( &iValue, bin_data.bv_val, sizeof( iValue ) ); if(( adip->adi_opts & DSGW_ATTROPT_DECIMAL ) != 0 ) - PR_snprintf( szFormat, 512, "%%lu" ); + PR_snprintf( szFormat, sizeof(szFormat), "%%lu" ); else - PR_snprintf( szFormat, 512, "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); - PR_snprintf( szFlags, 512, szFormat, iValue ); + PR_snprintf( szFormat, sizeof(szFormat), "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); + PR_snprintf( szFlags, sizeof(szFlags), szFormat, iValue ); fputs( szFlags, stdout ); @@ -1639,6 +1641,7 @@ binvalue_display( struct dsgw_attrdispinfo *adip ) } } +#if NEEDED_FOR_DEBUGGING /* * display handler for NT Domain Identifier string */ @@ -1671,7 +1674,7 @@ ntdomain_display( struct dsgw_attrdispinfo *adip ) } } - +#endif /* @@ -3222,7 +3225,7 @@ dsgw_time(time_t secs_since_1970) } /* convert to utf8 */ - u_strToUTF8(obuf, BSIZ, NULL, dstr0, myStrlen, &err); + u_strToUTF8(obuf, sizeof(obuf), NULL, dstr0, myStrlen, &err); if (err != U_ZERO_ERROR) { dsgw_error( DSGW_ERR_LDAPGENERAL, NULL, DSGW_ERROPT_EXIT, err, NULL ); diff --git a/ldap/clients/dsgw/htmlparse.c b/ldap/clients/dsgw/htmlparse.c index 3b0007fc..9aa2567f 100644 --- a/ldap/clients/dsgw/htmlparse.c +++ b/ldap/clients/dsgw/htmlparse.c @@ -202,14 +202,14 @@ void *condarg } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT && !strcmp(templates[ index ].name + 1, "CONTEXT ")) { char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, context); + PR_snprintf( line, sizeof(line), templates[ index ].format, context); dsgw_emits( line ); } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT ) { /* I just can't believe there's no easy way to create * a va_list. */ char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, + PR_snprintf( line, sizeof(line), templates[ index ].format, ( *argc > 0 && vars[ 0 ] != NULL ) ? vars[ 0 ]: "", ( *argc > 1 && vars[ 1 ] != NULL ) ? vars[ 1 ]: "", ( *argc > 2 && vars[ 2 ] != NULL ) ? vars[ 2 ]: "", @@ -377,14 +377,14 @@ dsgw_pageheader(int argc, char **argv) dsgw_emits("<center><table border=2 width=100%%>\n"); - util_snprintf(line, BIG_LINE, "<tr>"); + util_snprintf(line, sizeof(line), "<tr>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<td align=center width=100%%>"); + util_snprintf(line, sizeof(line), "<td align=center width=100%%>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<hr size=0 width=0>"); + util_snprintf(line, sizeof(line), "<hr size=0 width=0>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<FONT size=+2><b>%s</b></FONT>" + util_snprintf(line, sizeof(line), "<FONT size=+2><b>%s</b></FONT>" "<hr size=0 width=0>" "</th>", ( argc > 0 ) ? argv[0] : "" ); dsgw_emits(line); @@ -399,7 +399,7 @@ dsgw_title( int argc, char **argv) char line[BIG_LINE]; dsgw_emits("<HTML>"); dsgw_head_begin(); - util_snprintf(line, BIG_LINE, "\n<TITLE>%s</TITLE></HEAD>\n" + util_snprintf(line, sizeof(line), "\n<TITLE>%s</TITLE></HEAD>\n" "<BODY %s>\n", ( argc > 0 ) ? argv[0] : "", dsgw_html_body_colors ); dsgw_emits(line); } @@ -411,10 +411,10 @@ dsgw_body( int argc, char **argv) char line[BIG_LINE]; if ( argc > 0 ) { - util_snprintf(line, BIG_LINE, "<BODY %s %s>\n", dsgw_html_body_colors, + util_snprintf(line, sizeof(line), "<BODY %s %s>\n", dsgw_html_body_colors, ( argc > 0 ) ? argv[0] : "" ); } else { - util_snprintf(line, BIG_LINE, "<BODY %s>\n", dsgw_html_body_colors ); + util_snprintf(line, sizeof(line), "<BODY %s>\n", dsgw_html_body_colors ); } dsgw_emits(line); @@ -451,14 +451,14 @@ dsgw_submit(int verify, char **vars) if(!verify) { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_ok_1)); dsgw_emits(outstr); } else { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onclick=\"verify(this.form)\">" "</td>\n", @@ -467,7 +467,7 @@ dsgw_submit(int verify, char **vars) } { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=reset value=\"%s\"></td>\n", XP_GetClientStr(DBT_reset_)); dsgw_emits(outstr); @@ -489,12 +489,12 @@ dsgw_dialogsubmit(void) dsgw_emits("<center><table border=2 width=100%%><tr>"); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_done_)); dsgw_emits(outstr); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onClick=\"top.close()\"></td>\n", XP_GetClientStr(DBT_cancel_2)); @@ -707,8 +707,19 @@ int *argc } } else { if ( isvar != -1 ) { - isvar += LDAP_UTF8COPY(scratch + isvar, string); - scratch[ isvar ] = '\0'; + /* check for scratch overflow */ + if ((strlen(string) + isvar) < sizeof(scratch)) { + isvar += LDAP_UTF8COPY(scratch + isvar, string); + scratch[ isvar ] = '\0'; + } else { + char msg[BUFSIZ]; + /* error - buffer overflow */ + PR_snprintf(msg, sizeof(msg), XP_GetClientStr(DBT_invalidTemplateVarLen), + strlen(string), string); + template_error(msg); + *argc = 0; + return NULL; + } } else { if ( *string == DIRECTIVE_END ) { break; diff --git a/ldap/clients/dsgw/ldaputil.c b/ldap/clients/dsgw/ldaputil.c index d2a396f0..750fee67 100644 --- a/ldap/clients/dsgw/ldaputil.c +++ b/ldap/clients/dsgw/ldaputil.c @@ -50,6 +50,7 @@ #include <io.h> #include <fcntl.h> #endif +#include "libadminutil/distadm.h" static dsgwtmplinfo *init_listdisplay( char *tmplname, unsigned long options ); static int do_search( dsgwtmplinfo *tip, LDAP *ld, char *base, int scope, @@ -1305,7 +1306,7 @@ uid2dn( LDAP *ld, char *uid, char *base, int *ldaprc, char **lderrtxtp, *errsp = XP_GetClientStr(DBT_invalidUserIdOrNullLdapHandle_); return NULL; } - PR_snprintf( filtbuf, 85, "uid=%s", uid ); + PR_snprintf( filtbuf, sizeof(filtbuf), "uid=%s", uid ); if (( rc = ldap_search_s( ld, base, LDAP_SCOPE_SUBTREE, filtbuf, attrs, 1, &result )) != LDAP_SUCCESS ) { @@ -1423,10 +1424,10 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts ) } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "%s\n<SELECT NAME=\"%s\">\n", + util_snprintf( line, sizeof(line), "%s\n<SELECT NAME=\"%s\">\n", prefix, varname ); } else { - util_snprintf( line, BIG_LINE, "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", + util_snprintf( line, sizeof(line), "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", varname ); } dsgw_emits( line ); @@ -1463,7 +1464,7 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts ) } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "</SELECT>\n%s\n", suffix ); + util_snprintf( line, sizeof(line), "</SELECT>\n%s\n", suffix ); dsgw_emits( line ); } @@ -1500,7 +1501,7 @@ emit_one_loc_dn( char *dn, char *friendlyname, char *rootname, int only_one ) } } - util_snprintf( line, BIG_LINE, " VALUE=\"%s\">%s\n", escapeddn, + util_snprintf( line, sizeof(line), " VALUE=\"%s\">%s\n", escapeddn, only_one ? "" : friendlyname ); free( escapeddn ); if ( rdns != NULL ) { diff --git a/ldap/clients/dsgw/templateindex.c b/ldap/clients/dsgw/templateindex.c index 40df74f7..80c40c4b 100644 --- a/ldap/clients/dsgw/templateindex.c +++ b/ldap/clients/dsgw/templateindex.c @@ -63,11 +63,11 @@ char **ds_get_file_list( char *dir ) if( ( dir == NULL ) || (strlen( dir ) == 0) ) return NULL; - if( ( ret = malloc( sizeof( char * ) ) ) == NULL ) + if( ( ret = malloc( sizeof( char * ) * 2 ) ) == NULL ) return NULL; - strcpy(szWildcardFileSpec, dir); - strcat(szWildcardFileSpec, "/*"); + PL_strncpyz(szWildcardFileSpec, dir, sizeof(szWildcardFileSpec)); + PL_strcatn(szWildcardFileSpec, sizeof(szWildcardFileSpec), "/*"); hFile = _findfirst( szWildcardFileSpec, &fileinfo); if( hFile == -1 ) diff --git a/ldap/clients/dsgw/tutor.c b/ldap/clients/dsgw/tutor.c index 6803e470..11b3a564 100644 --- a/ldap/clients/dsgw/tutor.c +++ b/ldap/clients/dsgw/tutor.c @@ -124,7 +124,7 @@ void _my_return_html_file(char *filename, char *base) { *tmp='\0'; dsgw_emitf("<BASE href=\"%s%s/%s\">\n", surl, sn, base); } - while( fgets(line, BIG_LINE, html)) { + while( fgets(line, sizeof(line), html)) { dsgw_emits( line ); } } @@ -210,7 +210,7 @@ main( map=fopen(man_index, "r"); if(!map) goto ohwell; - while(fgets(line, BIG_LINE, map)) { + while(fgets(line, sizeof(line), map)) { if(line[0]==';') continue; else if(ldap_utf8isspace(line)) diff --git a/ldap/clients/orgchart/wrapper.c b/ldap/clients/orgchart/wrapper.c index 9bd6f398..1ab67b23 100644 --- a/ldap/clients/orgchart/wrapper.c +++ b/ldap/clients/orgchart/wrapper.c @@ -62,7 +62,7 @@ #define PATH_MAX 512 #endif -char *get_perl_file(char *); +char *get_perl_file(char *, size_t); /* @@ -77,7 +77,7 @@ main( int argc, char **argv ) printf("Content-type:text/html;charset=UTF-8\n\n<html>Hi\n"); - get_perl_file(script); + get_perl_file(script, sizeof(script)-1); if (strchr(script, '/') != NULL || strchr(script, '\\') != NULL) { printf("Paths not allowed. Filenames only.\n"); @@ -94,10 +94,11 @@ main( int argc, char **argv ) } char * -get_perl_file(char *script) { +get_perl_file(char *script, size_t scriptsize) { char *qs = getenv("QUERY_STRING"); char *p1 = NULL; char *p2 = NULL; + size_t maxsize; if (qs == NULL || *qs == '\0') { printf("No QUERY_STRING found\n"); @@ -113,6 +114,8 @@ get_perl_file(char *script) { for (p2 = p1; *p2 != '\0' && *p2 != '&'; p2++); - strncpy(script, p1, p2-p1); - script[p2-p1] = '\0'; + maxsize = (scriptsize < (p2-p1)) ? scriptsize : (p2-p1); + + PL_strncpyz(script, p1, maxsize); + script[maxsize] = '\0'; } diff --git a/ldap/servers/plugins/acl/acldllmain.c b/ldap/servers/plugins/acl/acldllmain.c index e1e3d6b6..900a45d0 100644 --- a/ldap/servers/plugins/acl/acldllmain.c +++ b/ldap/servers/plugins/acl/acldllmain.c @@ -136,6 +136,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c index 3cf99fd6..e0ec42d7 100644 --- a/ldap/servers/plugins/acl/acllas.c +++ b/ldap/servers/plugins/acl/acllas.c @@ -1436,10 +1436,11 @@ dump_eval_info (char *caller, struct eval_info *info, int idx) if ( idx < 0 ) { sprintf ( buf, "\nuserDN=\"%s\"\nmember=", info->userDN); - if (info->member) + if (info->member && *info->member) { len = strlen (buf); - sprintf ( &(buf[len]), "\"%s\"", info->member ); + /* member is a char ** */ + sprintf ( &(buf[len]), "\"%s\"", *info->member ); } len = strlen (buf); sprintf ( &(buf[len]), "\nmemberinfo[%d]-[%d]:", info->c_idx, info->lu_idx ); diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c index 7c315b00..3ead2908 100644 --- a/ldap/servers/plugins/chainingdb/cb_instance.c +++ b/ldap/servers/plugins/chainingdb/cb_instance.c @@ -1436,7 +1436,7 @@ void cb_instance_config_get(void *arg, cb_instance_config_info *config, char *bu sprintf(buf, "%o", (int) config->config_get_fn(arg)); break; case CB_CONFIG_TYPE_LONG: - sprintf(buf, "%d", (long) config->config_get_fn(arg)); + sprintf(buf, "%ld", (long) config->config_get_fn(arg)); break; case CB_CONFIG_TYPE_STRING: /* Remember the get function for strings returns memory diff --git a/ldap/servers/plugins/chainingdb/cb_monitor.c b/ldap/servers/plugins/chainingdb/cb_monitor.c index 573d1407..dbc45214 100644 --- a/ldap/servers/plugins/chainingdb/cb_monitor.c +++ b/ldap/servers/plugins/chainingdb/cb_monitor.c @@ -76,9 +76,9 @@ cb_search_monitor_callback(Slapi_PBlock * pb, Slapi_Entry * e, Slapi_Entry * ent char buf[CB_BUFSIZE]; struct berval val; struct berval *vals[2]; - int deletecount,addcount,modifycount,modrdncount,searchbasecount,searchonelevelcount; - int searchsubtreecount,abandoncount,bindcount,unbindcount,comparecount; - int outgoingconn, outgoingbindconn; + unsigned long deletecount,addcount,modifycount,modrdncount,searchbasecount,searchonelevelcount; + unsigned long searchsubtreecount,abandoncount,bindcount,unbindcount,comparecount; + unsigned int outgoingconn, outgoingbindconn; cb_backend_instance *inst = (cb_backend_instance *)arg; /* First make sure the backend instance is configured */ @@ -178,12 +178,12 @@ cb_search_monitor_callback(Slapi_PBlock * pb, Slapi_Entry * e, Slapi_Entry * ent val.bv_len = strlen( buf ); slapi_entry_attr_replace( e, CB_MONITOR_COMPARECOUNT, ( struct berval **)vals ); - sprintf( buf, "%d", outgoingconn ); + sprintf( buf, "%u", outgoingconn ); val.bv_val = buf; val.bv_len = strlen( buf ); slapi_entry_attr_replace( e, CB_MONITOR_OUTGOINGCONN, ( struct berval **)vals ); - sprintf( buf, "%d", outgoingbindconn ); + sprintf( buf, "%u", outgoingbindconn ); val.bv_val = buf; val.bv_len = strlen( buf ); slapi_entry_attr_replace( e, CB_MONITOR_OUTGOINGBINDCOUNT, ( struct berval **)vals ); diff --git a/ldap/servers/plugins/collation/dllmain.c b/ldap/servers/plugins/collation/dllmain.c index d4811fa7..0bbb5a9a 100644 --- a/ldap/servers/plugins/collation/dllmain.c +++ b/ldap/servers/plugins/collation/dllmain.c @@ -139,6 +139,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/plugins/http/http_impl.c b/ldap/servers/plugins/http/http_impl.c index ee8ff043..2dac90a9 100644 --- a/ldap/servers/plugins/http/http_impl.c +++ b/ldap/servers/plugins/http/http_impl.c @@ -62,6 +62,7 @@ /*** from proto-slap.h ***/ int slapd_log_error_proc( char *subsystem, char *fmt, ... ); + char *config_get_instancedir(); /*** from ldaplog.h ***/ @@ -965,11 +966,11 @@ static PRStatus parseAtPath(const char *url, char **path) { PRStatus status = PR_SUCCESS; char *dir = "%s%s"; - *path = (char *)PR_Calloc(1, (strlen(dir) + 1024)); + *path = (char *)PR_Calloc(1, strlen(dir) + strlen(url) + 2); /* Just write the path and check for a starting / */ if ('/' != *url) { - PR_sscanf(*path, dir, "/", url); + sprintf(*path, dir, "/", url); } else { strcpy(*path, url); } diff --git a/ldap/servers/plugins/pam_passthru/pam_ptdllmain.c b/ldap/servers/plugins/pam_passthru/pam_ptdllmain.c index efbbe03d..96f55624 100644 --- a/ldap/servers/plugins/pam_passthru/pam_ptdllmain.c +++ b/ldap/servers/plugins/pam_passthru/pam_ptdllmain.c @@ -138,6 +138,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/plugins/passthru/ptdllmain.c b/ldap/servers/plugins/passthru/ptdllmain.c index 9d8fbeeb..fe8b45e4 100644 --- a/ldap/servers/plugins/passthru/ptdllmain.c +++ b/ldap/servers/plugins/passthru/ptdllmain.c @@ -139,6 +139,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/plugins/presence/presence.c b/ldap/servers/plugins/presence/presence.c index c5b1371e..41ebcbee 100644 --- a/ldap/servers/plugins/presence/presence.c +++ b/ldap/servers/plugins/presence/presence.c @@ -61,7 +61,13 @@ /*** from proto-slap.h ***/ -int slapd_log_error_proc( char *subsystem, char *fmt, ... ); +int slapd_log_error_proc( char *subsystem, char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif + /*** from ldaplog.h ***/ diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c index 0f1f38be..1cf2ae2c 100644 --- a/ldap/servers/plugins/replication/cl5_api.c +++ b/ldap/servers/plugins/replication/cl5_api.c @@ -51,6 +51,7 @@ #include "cl5_api.h" #include "plhash.h" +#include "plstr.h" #include "db.h" #include "cl5_clcache.h" /* To use the Changelog Cache */ @@ -2124,7 +2125,7 @@ int cl5CreateDirIfNeeded (const char *dirName) } /* directory does not exist - try to create */ - strncpy (buff, dirName, MAXPATHLEN); + PL_strncpyz (buff, dirName, sizeof(buff)-1); t = strchr (buff, '/'); /* skip first slash */ diff --git a/ldap/servers/plugins/replication/repl.h b/ldap/servers/plugins/replication/repl.h index c964fb2e..561c1c67 100644 --- a/ldap/servers/plugins/replication/repl.h +++ b/ldap/servers/plugins/replication/repl.h @@ -61,10 +61,9 @@ typedef struct schedule_item } schedule_item; /* XXXggood - copied from slap.h - bad */ -#if defined( XP_WIN32 ) +/* XXXrichm - copied to match definition in slap.h - 20060406 */ +#ifndef NO_TIME #define NO_TIME (time_t)0 /* cannot be -1, NT's localtime( -1 ) returns NULL */ -#else -#define NO_TIME (time_t)-1 /* a value that time() does not return */ #endif /* diff --git a/ldap/servers/plugins/replication/repl5_inc_protocol.c b/ldap/servers/plugins/replication/repl5_inc_protocol.c index 276ab4f0..ba7c507b 100644 --- a/ldap/servers/plugins/replication/repl5_inc_protocol.c +++ b/ldap/servers/plugins/replication/repl5_inc_protocol.c @@ -242,6 +242,7 @@ repl5_inc_get_next_result(result_data *rd) return conres; } +#if NEEDED_FOR_DEBUGGING static void repl5_inc_log_operation_failure(int operation_code, int ldap_error, char* ldap_error_string, const char *agreement_name) { @@ -253,12 +254,12 @@ repl5_inc_log_operation_failure(int operation_code, int ldap_error, char* ldap_e ldap_error, ldap_error_string ? ldap_error_string : "NULL", op_string ? op_string : "NULL"); } +#endif /* Thread that collects results from async operations sent to the consumer */ static void repl5_inc_result_threadmain(void *param) { result_data *rd = (result_data*) param; - int res = 0; ConnResult conres = 0; Repl_Connection *conn = rd->prp->conn; int finished = 0; @@ -384,7 +385,6 @@ repl5_inc_rd_new(Private_Repl_Protocol *prp) static void repl5_inc_rd_list_destroy(repl5_inc_operation *op) { - repl5_inc_operation *cur = op; while (op) { repl5_inc_operation *next = op->next; repl5_inc_op_free(op); @@ -689,7 +689,7 @@ repl5_inc_run(Private_Repl_Protocol *prp) /* just ignore it and go to sleep */ protocol_sleep(prp, PR_INTERVAL_NO_TIMEOUT); } - else if (e1 = event_occurred(prp, EVENT_WINDOW_CLOSED) || + else if ((e1 = event_occurred(prp, EVENT_WINDOW_CLOSED)) || event_occurred(prp, EVENT_BACKOFF_EXPIRED)) { /* this events - should not occur - log a warning and go to sleep */ @@ -748,7 +748,7 @@ repl5_inc_run(Private_Repl_Protocol *prp) next_state = STATE_READY_TO_ACQUIRE; wait_change_timer_set = 0; } - else if (e1 = event_occurred(prp, EVENT_WINDOW_OPENED) || + else if ((e1 = event_occurred(prp, EVENT_WINDOW_OPENED)) || event_occurred(prp, EVENT_BACKOFF_EXPIRED)) { /* this events - should not occur - log a warning and clear the event */ @@ -849,7 +849,7 @@ repl5_inc_run(Private_Repl_Protocol *prp) { /* consume and ignore */ } - else if (e1 = event_occurred (prp, EVENT_WINDOW_OPENED) || + else if ((e1 = event_occurred (prp, EVENT_WINDOW_OPENED)) || event_occurred (prp, EVENT_BACKOFF_EXPIRED)) { /* This should never happen */ diff --git a/ldap/servers/plugins/replication/repl5_replica.c b/ldap/servers/plugins/replication/repl5_replica.c index 8ab8ee48..ae2e9f86 100644 --- a/ldap/servers/plugins/replication/repl5_replica.c +++ b/ldap/servers/plugins/replication/repl5_replica.c @@ -1539,7 +1539,7 @@ _replica_check_validity (const Replica *r) PR_ASSERT (r); if (r->repl_root == NULL || r->repl_type == 0 || r->repl_rid == 0 || - r->repl_rid > MAX_REPLICA_ID || r->repl_csngen == NULL || r->repl_name == NULL) + r->repl_csngen == NULL || r->repl_name == NULL) { return -1; } diff --git a/ldap/servers/plugins/replication/repl5_tot_protocol.c b/ldap/servers/plugins/replication/repl5_tot_protocol.c index fada1057..971fe079 100644 --- a/ldap/servers/plugins/replication/repl5_tot_protocol.c +++ b/ldap/servers/plugins/replication/repl5_tot_protocol.c @@ -125,7 +125,6 @@ repl5_tot_log_operation_failure(int ldap_error, char* ldap_error_string, const c static void repl5_tot_result_threadmain(void *param) { callback_data *cb = (callback_data*) param; - int res = 0; ConnResult conres = 0; Repl_Connection *conn = cb->prp->conn; int finished = 0; diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c index 4583c102..fd9f56a6 100644 --- a/ldap/servers/plugins/replication/windows_connection.c +++ b/ldap/servers/plugins/replication/windows_connection.c @@ -665,8 +665,6 @@ send_dirsync_search(Repl_Connection *conn) const char* old_dn = NULL; char* dn = NULL; - int i=0; - int num_comp=0; LDAPDebug( LDAP_DEBUG_TRACE, "=> send_dirsync_search\n", 0, 0, 0 ); @@ -810,13 +808,10 @@ windows_conn_send_rename(Repl_Connection *conn, const char *dn, Slapi_Entry * windows_conn_get_search_result(Repl_Connection *conn) { int rc=0; - int matches=0; LDAPMessage *res = NULL; Slapi_Entry *e = NULL; LDAPMessage *lm = NULL; - char *a = ""; char *dn = ""; - BerElement *ber = NULL; LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_conn_get_search_result\n", 0, 0, 0 ); diff --git a/ldap/servers/plugins/replication/windows_inc_protocol.c b/ldap/servers/plugins/replication/windows_inc_protocol.c index c3a642ef..2418f25d 100644 --- a/ldap/servers/plugins/replication/windows_inc_protocol.c +++ b/ldap/servers/plugins/replication/windows_inc_protocol.c @@ -386,7 +386,7 @@ windows_inc_run(Private_Repl_Protocol *prp) /* just ignore it and go to sleep */ protocol_sleep(prp, PR_INTERVAL_NO_TIMEOUT); } - else if (e1 = event_occurred(prp, EVENT_WINDOW_CLOSED) || + else if ((e1 = event_occurred(prp, EVENT_WINDOW_CLOSED)) || event_occurred(prp, EVENT_BACKOFF_EXPIRED)) { /* this events - should not occur - log a warning and go to sleep */ @@ -458,7 +458,7 @@ windows_inc_run(Private_Repl_Protocol *prp) next_state = STATE_READY_TO_ACQUIRE; wait_change_timer_set = 0; } - else if (e1 = event_occurred(prp, EVENT_WINDOW_OPENED) || + else if ((e1 = event_occurred(prp, EVENT_WINDOW_OPENED)) || event_occurred(prp, EVENT_BACKOFF_EXPIRED)) { /* this events - should not occur - log a warning and clear the event */ @@ -570,7 +570,7 @@ windows_inc_run(Private_Repl_Protocol *prp) { /* consume and ignore */ } - else if (e1 = event_occurred (prp, EVENT_WINDOW_OPENED) || + else if ((e1 = event_occurred (prp, EVENT_WINDOW_OPENED)) || event_occurred (prp, EVENT_BACKOFF_EXPIRED)) { /* This should never happen */ diff --git a/ldap/servers/plugins/replication/windows_private.c b/ldap/servers/plugins/replication/windows_private.c index 3ffd3e87..e81e341b 100644 --- a/ldap/servers/plugins/replication/windows_private.c +++ b/ldap/servers/plugins/replication/windows_private.c @@ -423,7 +423,6 @@ LDAPControl* windows_private_dirsync_control(const Repl_Agmt *ra) { LDAPControl *control = NULL; - LDAPControl **lc = &control ; BerElement *ber; Dirsync_Private *dp; @@ -498,7 +497,7 @@ void windows_private_update_dirsync_control(const Repl_Agmt *ra,LDAPControl **co goto choke; } - slapi_ch_free(&dp->dirsync_cookie); + slapi_ch_free_string(&dp->dirsync_cookie); dp->dirsync_cookie = ( char* ) slapi_ch_malloc(serverCookie->bv_len + 1); memcpy(dp->dirsync_cookie, serverCookie->bv_val, serverCookie->bv_len); @@ -548,7 +547,7 @@ void windows_private_null_dirsync_cookie(const Repl_Agmt *ra) PR_ASSERT (dp); dp->dirsync_cookie_len = 0; - slapi_ch_free(&dp->dirsync_cookie); + slapi_ch_free_string(&dp->dirsync_cookie); dp->dirsync_cookie = NULL; LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_null_dirsync_control\n", 0, 0, 0 ); @@ -630,7 +629,6 @@ int windows_private_load_dirsync_cookie(const Repl_Agmt *ra) Slapi_DN* sdn = NULL; int rc = 0; Slapi_Entry *entry = NULL; - char* cookie = NULL; Slapi_Attr *attr = NULL; LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_private_load_dirsync_cookie\n", 0, 0, 0 ); @@ -658,7 +656,7 @@ int windows_private_load_dirsync_cookie(const Repl_Agmt *ra) if (vals) { dp->dirsync_cookie_len = (int) (vals[0])->bv_len; - slapi_ch_free(&dp->dirsync_cookie); + slapi_ch_free_string(&dp->dirsync_cookie); dp->dirsync_cookie = ( char* ) slapi_ch_malloc(dp->dirsync_cookie_len + 1); memcpy(dp->dirsync_cookie,(vals[0]->bv_val), (vals[0])->bv_len+1); diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c index a8049fa3..cc409c6d 100644 --- a/ldap/servers/plugins/replication/windows_protocol_util.c +++ b/ldap/servers/plugins/replication/windows_protocol_util.c @@ -64,12 +64,12 @@ static int is_subject_of_agreemeent_local(const Slapi_Entry *local_entry,const R static int windows_create_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *original_entry, Slapi_DN *remote_sdn, Slapi_Entry **remote_entry, char** password); static int windows_get_local_entry(const Slapi_DN* local_dn,Slapi_Entry **local_entry); static int windows_get_local_entry_by_uniqueid(Private_Repl_Protocol *prp,const char* uniqueid,Slapi_Entry **local_entry); -static int map_entry_dn_outbound(Slapi_Entry *e, const Slapi_DN **dn, Private_Repl_Protocol *prp, int *missing_entry, int want_guid); +static int map_entry_dn_outbound(Slapi_Entry *e, Slapi_DN **dn, Private_Repl_Protocol *prp, int *missing_entry, int want_guid); static char* extract_ntuserdomainid_from_entry(Slapi_Entry *e); static int windows_get_remote_entry (Private_Repl_Protocol *prp, const Slapi_DN* remote_dn,Slapi_Entry **remote_entry); static const char* op2string (int op); static int is_subject_of_agreemeent_remote(Slapi_Entry *e, const Repl_Agmt *ra); -static int map_entry_dn_inbound(Slapi_Entry *e, const Slapi_DN **dn, const Repl_Agmt *ra); +static int map_entry_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt *ra); static int windows_update_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,Slapi_Entry *local_entry); @@ -678,12 +678,6 @@ windows_acquire_replica(Private_Repl_Protocol *prp, RUV **ruv, int check_ruv) void windows_release_replica(Private_Repl_Protocol *prp) { - - struct berval *retdata = NULL; - char *retoid = NULL; - struct berval *payload = NULL; - Slapi_DN *replarea_sdn = NULL; - LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_release_replica\n", 0, 0, 0 ); PR_ASSERT(NULL != prp); @@ -1248,14 +1242,12 @@ windows_create_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *original_ent int retval = 0; char *entry_string = NULL; Slapi_Entry *new_entry = NULL; - Slapi_PBlock* pb = NULL; int rc = 0; int is_user = 0; int is_group = 0; Slapi_Attr *attr = NULL; char *username = NULL; const char *dn_string = NULL; - char *remote_entry_template = NULL; char *fqusername = NULL; const char *domain_name = windows_private_get_windows_domain(prp->agmt); int is_nt4 = windows_private_get_isnt4(prp->agmt); @@ -1309,7 +1301,6 @@ windows_create_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *original_ent for (rc = slapi_entry_first_attr(original_entry, &attr); rc == 0; rc = slapi_entry_next_attr(original_entry, attr, &attr)) { - Slapi_Value *value = NULL; char *type = NULL; Slapi_ValueSet *vs = NULL; int mapdn = 0; @@ -1449,7 +1440,6 @@ windows_map_mods_for_replay(Private_Repl_Protocol *prp,LDAPMod **original_mods, Slapi_Mods smods = {0}; Slapi_Mods mapped_smods = {0}; LDAPMod *mod = NULL; - int i=0; int is_nt4 = windows_private_get_isnt4(prp->agmt); LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_map_mods_for_replay\n", 0, 0, 0 ); @@ -1944,7 +1934,7 @@ extract_container(const Slapi_DN *entry_dn, const Slapi_DN *suffix_dn) /* Given a non-tombstone entry, return the DN of its peer in AD (whether present or not) */ static int -map_entry_dn_outbound(Slapi_Entry *e, const Slapi_DN **dn, Private_Repl_Protocol *prp, int *missing_entry, int guid_form) +map_entry_dn_outbound(Slapi_Entry *e, Slapi_DN **dn, Private_Repl_Protocol *prp, int *missing_entry, int guid_form) { int retval = 0; char *guid = NULL; @@ -2048,7 +2038,7 @@ map_entry_dn_outbound(Slapi_Entry *e, const Slapi_DN **dn, Private_Repl_Protocol /* Given a tombstone entry, return the DN of its peer in this server (if present) */ static int -map_tombstone_dn_inbound(Slapi_Entry *e, const Slapi_DN **dn, const Repl_Agmt *ra) +map_tombstone_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt *ra) { int retval = 0; Slapi_DN *new_dn = NULL; @@ -2106,7 +2096,7 @@ map_tombstone_dn_inbound(Slapi_Entry *e, const Slapi_DN **dn, const Repl_Agmt *r /* Given a non-tombstone entry, return the DN of its peer in this server (whether present or not) */ static int -map_entry_dn_inbound(Slapi_Entry *e, const Slapi_DN **dn, const Repl_Agmt *ra) +map_entry_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt *ra) { int retval = 0; Slapi_DN *new_dn = NULL; @@ -2366,7 +2356,6 @@ windows_create_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry, for (rc = slapi_entry_first_attr(remote_entry, &attr); rc == 0; rc = slapi_entry_next_attr(remote_entry, attr, &attr)) { - Slapi_Value *value = NULL; char *type = NULL; Slapi_ValueSet *vs = NULL; int mapdn = 0; @@ -2517,7 +2506,6 @@ windows_generate_update_mods(Private_Repl_Protocol *prp,Slapi_Entry *remote_entr rc = slapi_entry_next_attr(remote_entry, attr, &attr)) { int is_present_local = 0; - Slapi_Value *value = NULL; char *type = NULL; Slapi_ValueSet *vs = NULL; char *local_type = NULL; @@ -2723,7 +2711,6 @@ windows_update_local_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry, { Slapi_Mods smods = {0}; int retval = 0; - int rc = 0; Slapi_PBlock *pb = NULL; int do_modify = 0; diff --git a/ldap/servers/plugins/syntaxes/dllmain.c b/ldap/servers/plugins/syntaxes/dllmain.c index 19538144..cde0a541 100644 --- a/ldap/servers/plugins/syntaxes/dllmain.c +++ b/ldap/servers/plugins/syntaxes/dllmain.c @@ -141,6 +141,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/slapd/abandon.c b/ldap/servers/slapd/abandon.c index a87a5d07..278455c5 100644 --- a/ldap/servers/slapd/abandon.c +++ b/ldap/servers/slapd/abandon.c @@ -158,7 +158,7 @@ do_abandon( Slapi_PBlock *pb ) pb->pb_conn->c_connid, pb->pb_op->o_opid, id ); } else { slapi_log_access( LDAP_DEBUG_STATS, "conn=%d op=%d ABANDON" - " targetop=%d msgid=%d nentries=%d etime=%d\n", + " targetop=%d msgid=%d nentries=%d etime=%ld\n", pb->pb_conn->c_connid, pb->pb_op->o_opid, o->o_opid, id, o->o_results.r.r_search.nentries, current_time() - o->o_time ); diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c index ccd2bf05..56fa517e 100644 --- a/ldap/servers/slapd/auth.c +++ b/ldap/servers/slapd/auth.c @@ -445,7 +445,7 @@ handle_handshake_done (PRFileDesc *prfd, void* clientData) != SECSuccess) { PRErrorCode errorCode = PR_GetError(); slapi_log_access (LDAP_DEBUG_STATS, - "conn=%d SSL failed to obtain cipher info; ", + "conn=%d SSL failed to obtain cipher info; " SLAPI_COMPONENT_NAME_NSPR " error %i (%s)\n", conn->c_connid, errorCode, slapd_pr_strerror(errorCode)); return; diff --git a/ldap/servers/slapd/back-ldbm/archive.c b/ldap/servers/slapd/back-ldbm/archive.c index 8050e393..cb317b52 100644 --- a/ldap/servers/slapd/back-ldbm/archive.c +++ b/ldap/servers/slapd/back-ldbm/archive.c @@ -207,7 +207,7 @@ int ldbm_back_archive2ldbm( Slapi_PBlock *pb ) c = *p; *p = '\0'; } - bakup_dir = slapi_ch_smprintf("%s%ctmp_%010d", directory, c, time(0)); + bakup_dir = slapi_ch_smprintf("%s%ctmp_%010ld", directory, c, time(0)); LDAPDebug( LDAP_DEBUG_ANY, "archive2db: backup dir: %s\n", bakup_dir, 0, 0); *p = c; @@ -315,10 +315,10 @@ int ldbm_back_ldbm2archive( Slapi_PBlock *pb ) if (task) { slapi_task_log_notice(task, "Failed to rename \"%s\" to \"%s\".", - directory, dir_bak, 0); + directory, dir_bak); slapi_task_log_notice(task, SLAPI_COMPONENT_NAME_NSPR " error %d (%s)", - prerr, slapd_pr_strerror(prerr), 0); + prerr, slapd_pr_strerror(prerr)); } return_value = -1; goto out; diff --git a/ldap/servers/slapd/back-ldbm/dbhelp.c b/ldap/servers/slapd/back-ldbm/dbhelp.c index 5ad59e84..29f2d284 100644 --- a/ldap/servers/slapd/back-ldbm/dbhelp.c +++ b/ldap/servers/slapd/back-ldbm/dbhelp.c @@ -51,7 +51,7 @@ static int dblayer_copy_file_keybykey(DB_ENV *env, char *source_file_name, char DB *source_file = NULL; DB *destination_file = NULL; DBC *source_cursor = NULL; - int dbtype = 0; + DBTYPE dbtype = 0; int dbflags = 0; int dbpagesize = 0; int cursor_flag = 0; diff --git a/ldap/servers/slapd/back-ldbm/dllmain.c b/ldap/servers/slapd/back-ldbm/dllmain.c index 187f78b8..47d3ce56 100644 --- a/ldap/servers/slapd/back-ldbm/dllmain.c +++ b/ldap/servers/slapd/back-ldbm/dllmain.c @@ -136,6 +136,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/slapd/back-ldbm/import-merge.c b/ldap/servers/slapd/back-ldbm/import-merge.c index e5f817e7..bed6a9b6 100644 --- a/ldap/servers/slapd/back-ldbm/import-merge.c +++ b/ldap/servers/slapd/back-ldbm/import-merge.c @@ -654,8 +654,7 @@ int import_mega_merge(ImportJob *job) int passes = job->current_pass; if (1 == job->number_indexers) { - import_log_notice(job, "Beginning %d-way merge of one file...", passes, - job->number_indexers); + import_log_notice(job, "Beginning %d-way merge of one file...", passes); } else { import_log_notice(job, "Beginning %d-way merge of up to %lu files...", passes, job->number_indexers); diff --git a/ldap/servers/slapd/back-ldbm/import.h b/ldap/servers/slapd/back-ldbm/import.h index f0398deb..72dbd495 100644 --- a/ldap/servers/slapd/back-ldbm/import.h +++ b/ldap/servers/slapd/back-ldbm/import.h @@ -203,7 +203,13 @@ struct _import_worker_info { /* import.c */ FifoItem *import_fifo_fetch(ImportJob *job, ID id, int worker, int shift); void import_free_job(ImportJob *job); -void import_log_notice(ImportJob *job, char *format, ...); +void import_log_notice(ImportJob *job, char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif + void import_abort_all(ImportJob *job, int wait_for_them); int import_entry_belongs_here(Slapi_Entry *e, backend *be); int import_make_merge_filenames(char *directory, char *indexname, int pass, diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c index fa94025b..626df177 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c @@ -199,7 +199,7 @@ attrcrypt_keymgmt_store_key(ldbm_instance *li, attrcrypt_cipher_state *acs, SECK key_as_berval.bv_len = wrapped_symmetric_key.len; key_value = slapi_value_new_berval(&key_as_berval); /* key_value is now a copy of key_as_berval - free wrapped_symmetric_key */ - slapi_ch_free(&wrapped_symmetric_key.data); + slapi_ch_free_string((char **)&wrapped_symmetric_key.data); slapi_entry_add_value(e, KEY_ATTRIBUTE_NAME, key_value); slapi_value_free(&key_value); /* Store the entry */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c index 7f27b47a..169d8e29 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_config.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c @@ -1371,6 +1371,7 @@ int ldbm_config_load_dse_info(struct ldbminfo *li) void ldbm_config_get(void *arg, config_info *config, char *buf) { char *tmp_string; + size_t val = 0; if (config == NULL) { buf[0] = '\0'; @@ -1387,7 +1388,8 @@ void ldbm_config_get(void *arg, config_info *config, char *buf) sprintf(buf, "%ld", (long) config->config_get_fn(arg)); break; case CONFIG_TYPE_SIZE_T: - sprintf(buf, "%lu", (size_t) config->config_get_fn(arg)); + val = (size_t) config->config_get_fn(arg); + sprintf(buf, "%lu", val); break; case CONFIG_TYPE_STRING: /* Remember the get function for strings returns memory diff --git a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c index 13c8ad89..07aa3e58 100644 --- a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c +++ b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c @@ -1307,7 +1307,7 @@ ldbm_back_ldbm2index(Slapi_PBlock *pb) if (NULL == inst) { if (task) { slapi_task_log_notice(task, "Unknown ldbm instance %s", - instance_name, 0, 0); + instance_name); } LDAPDebug(LDAP_DEBUG_ANY, "Unknown ldbm instance %s\n", instance_name, 0, 0); @@ -2081,7 +2081,7 @@ int ldbm_back_upgradedb(Slapi_PBlock *pb) { time_t tm = time(0); /* long */ - char *tmpname = slapi_ch_smprintf("%s/%d", dest_dir, tm); + char *tmpname = slapi_ch_smprintf("%s/%ld", dest_dir, tm); dest_dir = tmpname; } else /* not a directory */ diff --git a/ldap/servers/slapd/back-ldif/dllmain.c b/ldap/servers/slapd/back-ldif/dllmain.c index 9dc45e74..29942f99 100644 --- a/ldap/servers/slapd/back-ldif/dllmain.c +++ b/ldap/servers/slapd/back-ldif/dllmain.c @@ -140,6 +140,7 @@ void LDAPDebug( int level, char* fmt, ... ) va_list ap; va_start (ap, fmt); _snprintf (debugBuf, sizeof(debugBuf), fmt, ap); + debugBuf[sizeof(debugBuf)-1] = 0; va_end (ap); OutputDebugString (debugBuf); diff --git a/ldap/servers/slapd/csn.c b/ldap/servers/slapd/csn.c index ecabfc4b..7c517048 100644 --- a/ldap/servers/slapd/csn.c +++ b/ldap/servers/slapd/csn.c @@ -372,11 +372,12 @@ csn_max(const CSN *csn1,const CSN *csn2) int csn_increment_subsequence (CSN *csn) { + PRUint16 maxsubseq = (PRUint16)0xFFFFFFFF; if (csn == NULL) { return -1; } - else if (csn->subseqnum == 0xFFFFFFFF) + else if (csn->subseqnum == maxsubseq) { slapi_log_error(SLAPI_LOG_FATAL, NULL, "csn_increment_subsequence: subsequence overflow\n"); diff --git a/ldap/servers/slapd/csngen.c b/ldap/servers/slapd/csngen.c index dc45da22..9716d3b2 100644 --- a/ldap/servers/slapd/csngen.c +++ b/ldap/servers/slapd/csngen.c @@ -338,8 +338,8 @@ int csngen_adjust_time (CSNGen *gen, const CSN* csn) else /* remote_offset > CSN_MAX_TIME_ADJUST */ { slapi_log_error (SLAPI_LOG_FATAL, NULL, "csngen_adjust_time: " - "adjustment limit exceeded; value - %d, limit - %d\n", - remote_offset, CSN_MAX_TIME_ADJUST); + "adjustment limit exceeded; value - %ld, limit - %ld\n", + remote_offset, (long)CSN_MAX_TIME_ADJUST); PR_RWLock_Unlock (gen->lock); return CSN_LIMIT_EXCEEDED; } @@ -427,9 +427,9 @@ void csngen_dump_state (const CSNGen *gen) PR_RWLock_Rlock (gen->lock); slapi_log_error(SLAPI_LOG_FATAL, NULL, "CSN generator's state:\n"); slapi_log_error(SLAPI_LOG_FATAL, NULL, "\treplica id: %d\n", gen->state.rid); - slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tsampled time: %d\n", gen->state.sampled_time); - slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tlocal offset: %d\n", gen->state.local_offset); - slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tremote offset: %d\n", gen->state.remote_offset); + slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tsampled time: %ld\n", gen->state.sampled_time); + slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tlocal offset: %ld\n", gen->state.local_offset); + slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tremote offset: %ld\n", gen->state.remote_offset); slapi_log_error(SLAPI_LOG_FATAL, NULL, "\tsequence number: %d\n", gen->state.seq_num); PR_RWLock_Unlock (gen->lock); } diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 1f3de4f9..1fe82b77 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -2588,7 +2588,7 @@ int configure_pr_socket( PRFileDesc **pr_socket, int secure ) if ( NULL == nspr_layer_fd ) { slapi_log_error( SLAPI_LOG_FATAL, "configure_pr_socket", "Unable to move socket file descriptor %d above %d:" - " PR_GetIdentitiesLayer( 0x%x, PR_NSPR_IO_LAYER )" + " PR_GetIdentitiesLayer( %p, PR_NSPR_IO_LAYER )" " failed\n", ns, reservedescriptors, *pr_socket ); close( newfd ); /* can't fix things up in NSPR -- close copy */ } else { diff --git a/ldap/servers/slapd/eventq.c b/ldap/servers/slapd/eventq.c index ca7ab67b..8909e074 100644 --- a/ldap/servers/slapd/eventq.c +++ b/ldap/servers/slapd/eventq.c @@ -143,7 +143,7 @@ slapi_eq_once(slapi_eq_fn_t fn, void *arg, time_t when) /* scheduling. Too bad */ slapi_log_error(SLAPI_LOG_HOUSE, NULL, - "added one-time event id 0x%x at time %u\n", + "added one-time event id %p at time %ld\n", id, when); return(id); } @@ -175,7 +175,7 @@ slapi_eq_repeat(slapi_eq_fn_t fn, void *arg, time_t when, unsigned long interval tmp = eq_new(fn, arg, when, interval); eq_enqueue(tmp); slapi_log_error(SLAPI_LOG_HOUSE, NULL, - "added repeating event id 0x%x at time %u, interval %u\n", + "added repeating event id %p at time %ld, interval %lu\n", tmp->ec_id, when, interval); return(tmp->ec_id); } @@ -212,7 +212,7 @@ slapi_eq_cancel(Slapi_Eq_Context ctx) PR_Unlock(eq->eq_lock); } slapi_log_error(SLAPI_LOG_HOUSE, NULL, - "cancellation of event id 0x%x requested: %s\n", + "cancellation of event id %p requested: %s\n", ctx, found ? "cancellation succeeded" : "event not found"); return found; } @@ -306,7 +306,7 @@ eq_call_all() /* Call the scheduled function */ p->ec_fn(p->ec_when, p->ec_arg); slapi_log_error(SLAPI_LOG_HOUSE, NULL, - "Event id 0x%x called at %u (scheduled for %u)\n", + "Event id %p called at %ld (scheduled for %ld)\n", p->ec_id, current_time(), p->ec_when); if (0UL != p->ec_interval) { /* This is a repeating event. Requeue it. */ diff --git a/ldap/servers/slapd/filter.c b/ldap/servers/slapd/filter.c index eb2a4056..605333c8 100644 --- a/ldap/servers/slapd/filter.c +++ b/ldap/servers/slapd/filter.c @@ -100,14 +100,14 @@ get_filter( Connection *conn, BerElement *ber, int scope, logbuf = slapi_ch_malloc(logbufsize); *logbuf = '\0'; slapi_log_error( SLAPI_LOG_FATAL, "get_filter", "before optimize: %s\n", - slapi_filter_to_string(*filt, logbuf, logbufsize), 0, 0 ); + slapi_filter_to_string(*filt, logbuf, logbufsize)); } filter_optimize(*filt); if (NULL != logbuf) { slapi_log_error( SLAPI_LOG_FATAL, "get_filter", " after optimize: %s\n", - slapi_filter_to_string(*filt, logbuf, logbufsize), 0, 0 ); + slapi_filter_to_string(*filt, logbuf, logbufsize)); slapi_ch_free_string( &logbuf ); } diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c index 022a126c..664c6d83 100644 --- a/ldap/servers/slapd/log.c +++ b/ldap/servers/slapd/log.c @@ -2269,7 +2269,7 @@ log_rotate: "LOGINFO:End of Log because size exceeded(Max:%d bytes) (Is:%d bytes)\n", maxlogsize, f_size, 0); } else if ( type == LOG_EXPIRED) { LDAPDebug(LDAP_DEBUG_TRACE, - "LOGINFO:End of Log because time exceeded(Max:%d secs) (Is:%d secs)\n", + "LOGINFO:End of Log because time exceeded(Max:%d secs) (Is:%ld secs)\n", rotationtime_secs, curr_time - log_createtime,0); } } diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 30f88b5c..e150a003 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -557,7 +557,13 @@ int lock_fclose( FILE *fp, FILE *lfp ); * log.c */ int slapd_log_error_proc( char *subsystem, char *fmt, ... ); -int slapi_log_access( int level, char *fmt, ... ); + +int slapi_log_access( int level, char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif int slapd_log_audit_proc(char *buffer, int buf_len); void log_access_flush(); diff --git a/ldap/servers/slapd/resourcelimit.c b/ldap/servers/slapd/resourcelimit.c index a73b0211..d4cce9c2 100644 --- a/ldap/servers/slapd/resourcelimit.c +++ b/ldap/servers/slapd/resourcelimit.c @@ -474,7 +474,7 @@ reslimit_update_from_entry( Slapi_Connection *conn, Slapi_Entry *e ) if ( slapi_valueset_next_value( vs, index, &v ) != -1 ) { char ebuf[ BUFSIZ ]; slapi_log_error( SLAPI_LOG_FATAL, SLAPI_RESLIMIT_MODULE, - "%s: ignoring multiple values for %s in entry \n", + "%s: ignoring multiple values for %s in entry %s\n", fnname, reslimit_map[ i ].rlmap_at, escape_string( slapi_entry_get_dn_const( e ), ebuf )); diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c index dc26e986..dd9bf3dd 100644 --- a/ldap/servers/slapd/result.c +++ b/ldap/servers/slapd/result.c @@ -1696,7 +1696,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_STATS, "conn=%d op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s" + " tag=%lu nentries=%d etime=%s%s%s" ", SASL bind in progress\n", op->o_connid, op->o_opid, @@ -1708,7 +1708,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_ARGS, "conn=%s op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s" + " tag=%lu nentries=%d etime=%s%s%s" ", SASL bind in progress\n", LOG_INTERNAL_OP_CON_ID, LOG_INTERNAL_OP_OP_ID, @@ -1728,7 +1728,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_STATS, "conn=%d op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s" + " tag=%lu nentries=%d etime=%s%s%s" " dn=\"%s\"\n", op->o_connid, op->o_opid, @@ -1740,7 +1740,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_ARGS, "conn=%s op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s" + " tag=%lu nentries=%d etime=%s%s%s" " dn=\"%s\"\n", LOG_INTERNAL_OP_CON_ID, LOG_INTERNAL_OP_OP_ID, @@ -1754,7 +1754,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_STATS, "conn=%d op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s\n", + " tag=%lu nentries=%d etime=%s%s%s\n", op->o_connid, op->o_opid, err, tag, nentries, @@ -1765,7 +1765,7 @@ log_result( Slapi_PBlock *pb, Operation *op, int err, unsigned long tag, { slapi_log_access( LDAP_DEBUG_ARGS, "conn=%s op=%d RESULT err=%d" - " tag=%d nentries=%d etime=%s%s%s\n", + " tag=%lu nentries=%d etime=%s%s%s\n", LOG_INTERNAL_OP_CON_ID, LOG_INTERNAL_OP_OP_ID, err, tag, nentries, diff --git a/ldap/servers/slapd/schema.c b/ldap/servers/slapd/schema.c index 6ce43a52..e3ca1685 100644 --- a/ldap/servers/slapd/schema.c +++ b/ldap/servers/slapd/schema.c @@ -151,7 +151,13 @@ static int schema_strcmp_array( char **sa1, char **sa2, const char *ignorestr ); static PRBool schema_type_is_interesting( const char *type ); static void schema_create_errormsg( char *errorbuf, size_t errorbufsize, - const char *prefix, const char *name, const char *fmt, ... ); + const char *prefix, const char *name, const char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 5, 6))); +#else + ; +#endif + /* Some utility functions for dealing with a dynamic buffer */ @@ -4066,7 +4072,7 @@ init_schema_dse(const char *configdir) { slapi_log_error(SLAPI_LOG_FATAL, "schema", "Could not add" " attribute type \"objectClass\" to the schema: %s\n", - errorbuf, 0, 0); + errorbuf); } rc = dse_read_file(pschemadse, &pb); diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h index 79041106..15ef187a 100644 --- a/ldap/servers/slapd/slapi-plugin.h +++ b/ldap/servers/slapd/slapi-plugin.h @@ -850,7 +850,12 @@ void slapi_ch_free_string( char **s ); struct berval* slapi_ch_bvdup(const struct berval*); struct berval** slapi_ch_bvecdup(struct berval**); void slapi_ch_bvfree(struct berval** v); -char * slapi_ch_smprintf(const char *fmt, ...); +char * slapi_ch_smprintf(const char *fmt, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif /* * syntax plugin routines diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h index 9c9ce5c3..f666c260 100644 --- a/ldap/servers/slapd/slapi-private.h +++ b/ldap/servers/slapd/slapi-private.h @@ -1211,8 +1211,19 @@ struct _slapi_task { int slapi_task_register_handler(const char *name, dseCallbackFn func); void slapi_task_status_changed(Slapi_Task *task); -void slapi_task_log_status(Slapi_Task *task, char *format, ...); -void slapi_task_log_notice(Slapi_Task *task, char *format, ...); +void slapi_task_log_status(Slapi_Task *task, char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif + +void slapi_task_log_notice(Slapi_Task *task, char *format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif /* End of interface to support online tasks **********************************/ diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c index 95b0982f..f4114c7c 100644 --- a/ldap/servers/slapd/tools/ldclt/ldclt.c +++ b/ldap/servers/slapd/tools/ldclt/ldclt.c @@ -3060,6 +3060,8 @@ main ( ldcltExit (EXIT_OTHER); /*JLS 25-08-00*/ ldcltExit (mctx.exitStatus); /*JLS 25-08-00*/ + + return mctx.exitStatus; } diff --git a/ldap/servers/slapd/tools/ldclt/repcheck.c b/ldap/servers/slapd/tools/ldclt/repcheck.c index 6967e708..8851f7fe 100644 --- a/ldap/servers/slapd/tools/ldclt/repcheck.c +++ b/ldap/servers/slapd/tools/ldclt/repcheck.c @@ -111,6 +111,7 @@ main(int argc, char**argv) char **tmp; struct hostent *serveraddr; struct sockaddr_in srvsaddr; + char *p; while((i=getopt(argc,argv,"p:"))!=EOF){ switch(i){ @@ -125,7 +126,10 @@ main(int argc, char**argv) maxop=npend=0; pendops=(Optype*)malloc(sizeof(Optype)*20); sigset(SIGPIPE,SIG_IGN); - while(gets(logline)){ + while(fgets(logline, sizeof(logline), stdin)){ + if (p = strchr(logline, '\n')) { + *p = 0; + } if(!connected){ if((sockfd=socket(AF_INET,SOCK_STREAM,0))==-1){ perror(argv[0]); diff --git a/ldap/servers/slapd/tools/ldclt/repslave.c b/ldap/servers/slapd/tools/ldclt/repslave.c index 952d91a3..3e892f66 100644 --- a/ldap/servers/slapd/tools/ldclt/repslave.c +++ b/ldap/servers/slapd/tools/ldclt/repslave.c @@ -314,8 +314,11 @@ main(int argc, char**argv) * Ignore SIGPIPE during write() */ sigset(SIGPIPE,SIG_IGN); - while(gets(logline)) + while(fgets(logline, sizeof(logline), stdin)) { + if (p = strchr(logline, '\n')) { + *p = 0; + } if(log) puts(logline); for(tmp=ldap_ops,i=0;tmp[i];i++) diff --git a/ldap/servers/slapd/tools/migratecred.c b/ldap/servers/slapd/tools/migratecred.c index d898889a..b8543b0f 100644 --- a/ldap/servers/slapd/tools/migratecred.c +++ b/ldap/servers/slapd/tools/migratecred.c @@ -172,7 +172,8 @@ main( int argc, char **argv) #endif #endif - sprintf(libpath, "%s/../lib/des-plugin%s", newpath, shared_lib); + snprintf(libpath, sizeof(libpath), "%s/../lib/des-plugin%s", newpath, shared_lib); + libpath[sizeof(libpath)-1] = 0; fct = (migrate_fn_type)sym_load(libpath, "migrateCredentials", "DES Plugin", 1 /* report errors */ ); diff --git a/ldap/servers/slapd/tools/pwenc.c b/ldap/servers/slapd/tools/pwenc.c index 350f7111..c87e0f64 100644 --- a/ldap/servers/slapd/tools/pwenc.c +++ b/ldap/servers/slapd/tools/pwenc.c @@ -129,7 +129,7 @@ main( argc, argv ) struct pw_scheme *pwsp, *cmppwsp; extern int optind; char *cpwd = NULL; /* candidate password for comparison */ - char errorbuf[BUFSIZ]; + char errorbuf[SLAPI_DSE_RETURNTEXT_SIZE]; slapdFrontendConfig_t *slapdFrontendConfig = NULL; char *opts = "Hs:c:D:"; diff --git a/lib/base/dns.cpp b/lib/base/dns.cpp index 834dcd7f..f2e5454e 100644 --- a/lib/base/dns.cpp +++ b/lib/base/dns.cpp @@ -109,7 +109,9 @@ char *dns_ip2host(char *ip, int verify) err = PR_InitializeNetAddr(PR_IpAddrNull, 0, &iaddr); - if((iaddr.inet.ip = inet_addr(ip)) == -1) + /* richm: ipv6 cleanup - use inet_aton or other more appropriate function + instead of inet_addr */ + if((iaddr.inet.ip = inet_addr(ip)) == (in_addr_t)-1) goto bong; /* diff --git a/lib/base/dnsdmain.cpp b/lib/base/dnsdmain.cpp index 8a2ba133..6ed82428 100644 --- a/lib/base/dnsdmain.cpp +++ b/lib/base/dnsdmain.cpp @@ -177,7 +177,7 @@ extern "C" NSAPI_PUBLIC char *dns_guess_domain(char * hname) if (domain != 0) { hnlen = strlen(hname); - if ((hnlen + dnlen + 2) <= sizeof(line)) { + if ((size_t)(hnlen + dnlen + 2) <= sizeof(line)) { strcpy(line, hname); line[hnlen] = '.'; strcpy(&line[hnlen+1], domain); diff --git a/lib/base/file.cpp b/lib/base/file.cpp index 7c6028c7..46e9ba16 100644 --- a/lib/base/file.cpp +++ b/lib/base/file.cpp @@ -543,23 +543,6 @@ static char errmsg[ERRMSG_SIZE]; #include "util.h" -static char *_errmsg_new(int code) -{ - char *ret; -#ifdef THREAD_ANY - if(!(ret = (char *) systhread_getdata(errmsg_key))) { - ret = (char *) PERM_MALLOC(256); - systhread_setdata(errmsg_key, (void *)ret); - } -#else - ret = errmsg; -#endif - util_snprintf(ret, ERRMSG_SIZE, "libsec code %d", code); -#ifndef MCC_BATMAN - PR_SetError(0,0); -#endif - return ret; -} #endif @@ -611,7 +594,7 @@ NSAPI_PUBLIC int system_errmsg_fn(char **buff, size_t maxlen) PR_SetError(0, 0); lmsg = nscp_error_msg; } else { - util_snprintf(static_error, ERRMSG_SIZE, "unknown error %d", nscp_error); + util_snprintf(static_error, sizeof(static_error), "unknown error %d", nscp_error); lmsg = static_error; } } else { diff --git a/lib/base/plist.cpp b/lib/base/plist.cpp index c2062767..6482cd05 100644 --- a/lib/base/plist.cpp +++ b/lib/base/plist.cpp @@ -818,7 +818,7 @@ PListNameProp(PList_t plist, int pindex, const char *pname) /* Is it time to grow the hash table? */ i = PLSIZENDX(pt->pt_sizendx); - if ((pt->pt_sizendx < PLMAXSIZENDX) && + if (((size_t)pt->pt_sizendx < PLMAXSIZENDX) && pt->pt_nsyms >= (i + i)) { PLSymbolTable_t *npt; diff --git a/lib/base/pool.cpp b/lib/base/pool.cpp index 915199c7..8a379549 100644 --- a/lib/base/pool.cpp +++ b/lib/base/pool.cpp @@ -195,7 +195,7 @@ _free_block(block_t *block) memset(block->data, 0xa, block->end-block->data); #endif /* POOL_ZERO_DEBUG */ - if ((freelist_size + block->end - block->data) > freelist_max) { + if ((unsigned long)(freelist_size + block->end - block->data) > freelist_max) { /* Just have to delete the whole block! */ crit_enter(freelist_lock); @@ -452,7 +452,7 @@ pool_realloc(pool_handle_t *pool_handle, void *ptr, size_t size) pool_t *pool = (pool_t *)pool_handle; void *newptr; block_t *block_ptr; - int oldsize; + size_t oldsize; if (pool_handle == NULL || pool_disable) return PERM_REALLOC(ptr, size); diff --git a/lib/ldaputil/certmap.c b/lib/ldaputil/certmap.c index 952d2116..2828bb42 100644 --- a/lib/ldaputil/certmap.c +++ b/lib/ldaputil/certmap.c @@ -46,6 +46,8 @@ */ #include <plstr.h> #include <prlink.h> +#include <prprf.h> + #include <key.h> #include <cert.h> #include <ldaputil/certmap.h> @@ -388,7 +390,7 @@ static int PresentInComps (long comps_bitmask, int tag) static void print_oid_bitmask (long bitmask) { - fprintf(stderr, "%x: ", bitmask); + fprintf(stderr, "%lx: ", bitmask); if (PresentInComps(bitmask, SEC_OID_AVA_COUNTRY_NAME)) fprintf(stderr, " C"); @@ -1812,7 +1814,7 @@ int ldapu_certmap_init (const char *config_file, *certmap_list = 0; *certmap_default = 0; - sprintf(this_dllname, "%s", dllname); + PR_snprintf(this_dllname, sizeof(this_dllname), "%s", dllname); if (!certmap_listinfo) return LDAPU_ERR_OUT_OF_MEMORY; diff --git a/lib/ldaputil/init.c b/lib/ldaputil/init.c index 15ed1b20..c5a4698a 100644 --- a/lib/ldaputil/init.c +++ b/lib/ldaputil/init.c @@ -39,6 +39,7 @@ #include <string.h> #include <prlink.h> #include <prio.h> +#include <prprf.h> /*#include "base/file.h"*/ #include "ldaputil/certmap.h" @@ -90,7 +91,7 @@ static int load_server_libs (const char *dir) if(is_lib) { char path[1024]; - sprintf(path, "%s%c%s", dir, FILE_PATHSEP, libname); + PR_snprintf(path, sizeof(path), "%s%c%s", dir, FILE_PATHSEP, libname); lib = PR_LoadLibrary(path); if (!lib) rv = LDAPU_ERR_UNABLE_TO_LOAD_PLUGIN; } @@ -123,7 +124,7 @@ NSAPI_PUBLIC int ldaputil_init (const char *config_file, if (serv_root && *serv_root) { /* Load common libraries */ - sprintf(dir, "%s%clib%c%s", serv_root, FILE_PATHSEP, + PR_snprintf(dir, sizeof(dir), "%s%clib%c%s", serv_root, FILE_PATHSEP, FILE_PATHSEP, "common"); rv = load_server_libs(dir); diff --git a/lib/ldaputil/ldapauth.c b/lib/ldaputil/ldapauth.c index 40ee9e77..dd062be6 100644 --- a/lib/ldaputil/ldapauth.c +++ b/lib/ldaputil/ldapauth.c @@ -46,6 +46,7 @@ #include <stdio.h> /* for BUFSIZ */ #include <string.h> /* for strncpy, strcat */ #include <ldap.h> +#include <prprf.h> #include <ldaputil/certmap.h> #include <ldaputil/errors.h> @@ -274,7 +275,7 @@ int ldapu_find_uid_attrs (LDAP *ld, const char *uid, const char *base, int retval; /* setup filter as (uid=<uid>) */ - sprintf(filter, ldapu_strings[LDAPU_STR_FILTER_USER], uid); + PR_snprintf(filter, sizeof(filter), ldapu_strings[LDAPU_STR_FILTER_USER], uid); retval = ldapu_find(ld, base, scope, filter, attrs, attrsonly, res); @@ -384,7 +385,7 @@ int ldapu_find_group_attrs (LDAP *ld, const char *groupid, int retval; /* setup the filter */ - sprintf(filter, + PR_snprintf(filter, sizeof(filter), ldapu_strings[LDAPU_STR_FILTER_GROUP], groupid); @@ -497,7 +498,7 @@ int ldapu_auth_udn_gdn_recurse (LDAP *ld, const char *userdn, return LDAPU_ERR_CIRCULAR_GROUPS; /* setup the filter */ - sprintf(member_filter, ldapu_strings[LDAPU_STR_FILTER_MEMBER], userdn, userdn); + PR_snprintf(member_filter, sizeof(member_filter), ldapu_strings[LDAPU_STR_FILTER_MEMBER], userdn, userdn); retval = ldapu_find(ld, groupdn, LDAP_SCOPE_BASE, member_filter, attrs, attrsonly, &res); @@ -510,7 +511,7 @@ int ldapu_auth_udn_gdn_recurse (LDAP *ld, const char *userdn, DBG_PRINT2("Find parent groups of \"%s\"\n", userdn); /* Modify the filter to include the objectclass check */ - sprintf(filter, ldapu_strings[LDAPU_STR_FILTER_MEMBER_RECURSE], + PR_snprintf(filter, sizeof(filter), ldapu_strings[LDAPU_STR_FILTER_MEMBER_RECURSE], member_filter); retval = ldapu_find(ld, base, LDAP_SCOPE_SUBTREE, filter, attrs, attrsonly, &res); @@ -1020,9 +1021,9 @@ int ldapu_auth_uid_attrfilter (LDAP *ld, const char *uid, const char *attrfilter /* setup filter as (& (uid=<uid>) (attrfilter)) */ if (*attrfilter == '(') - sprintf(filter, "(& (uid=%s) %s)", uid, attrfilter); + PR_snprintf(filter, sizeof(filter), "(& (uid=%s) %s)", uid, attrfilter); else - sprintf(filter, "(& (uid=%s) (%s))", uid, attrfilter); + PR_snprintf(filter, sizeof(filter), "(& (uid=%s) (%s))", uid, attrfilter); retval = ldapu_find(ld, base, scope, filter, attrs, attrsonly, &res); diff --git a/lib/libaccess/acl.yy.cpp b/lib/libaccess/acl.yy.cpp index 9ea95ac5..e248cea5 100644 --- a/lib/libaccess/acl.yy.cpp +++ b/lib/libaccess/acl.yy.cpp @@ -472,6 +472,7 @@ char *acltext; #ifdef XP_WIN32 #include <io.h> #endif +#include "plstr.h" #include "parse.h" #include "aclscan.h" @@ -1944,7 +1945,7 @@ acl_InitScanner(NSErr_t *errp, char *filename, char *buffer) acl_lineno = 1; acl_use_buffer = (filename == NULL) ? 1 : 0 ; if ( filename != NULL ) { - strcpy(acl_filename, filename); + PL_strncpyz(acl_filename, filename, sizeof(acl_filename)); #ifdef UTEST aclin = fopen(filename, "r"); if ( aclin == NULL ) { diff --git a/lib/libaccess/aclscan.l b/lib/libaccess/aclscan.l index 671e760a..fc96691b 100644 --- a/lib/libaccess/aclscan.l +++ b/lib/libaccess/aclscan.l @@ -53,6 +53,7 @@ #ifdef XP_WIN32 #include <io.h> #endif +#include "plstr.h" #include "parse.h" #include "aclscan.h" @@ -328,7 +329,7 @@ acl_InitScanner(NSErr_t *errp, char *filename, char *buffer) acl_lineno = 1; acl_use_buffer = (filename == NULL) ? 1 : 0 ; if ( filename != NULL ) { - strcpy(acl_filename, filename); + PL_strncpyz(acl_filename, filename, sizeof(acl_filename)); #ifdef UTEST yyin = fopen(filename, "r"); if ( yyin == NULL ) { diff --git a/lib/libaccess/authdb.cpp b/lib/libaccess/authdb.cpp index d87703f2..dad71bcb 100644 --- a/lib/libaccess/authdb.cpp +++ b/lib/libaccess/authdb.cpp @@ -167,10 +167,10 @@ static int acl_url_to_dbtype (const char *url, ACLDbType_t *dbtype_out) else { /* treat prefix in the url as dbtype if it has been registered. */ - int prefix_len = strcspn(url, ":"); + size_t prefix_len = strcspn(url, ":"); char dbtypestr[BIG_LINE]; - if (prefix_len) { + if (prefix_len && (prefix_len < sizeof(dbtypestr))) { strncpy(dbtypestr, url, prefix_len); dbtypestr[prefix_len] = 0; diff --git a/lib/libaccess/lasdns.cpp b/lib/libaccess/lasdns.cpp index 6b2c4a12..e3a541bd 100644 --- a/lib/libaccess/lasdns.cpp +++ b/lib/libaccess/lasdns.cpp @@ -132,7 +132,7 @@ LASDnsMatch(char *token, LASDnsContext_t *context) int LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int aliasflg) { - int delimiter; /* length of valid token */ + size_t delimiter; /* length of valid token */ char token[256]; /* max length dns name */ int i; int ipcnt; @@ -162,9 +162,13 @@ LASDnsBuild(NSErr_t *errp, char *attr_pattern, LASDnsContext_t *context, int ali } do { + size_t maxsize = sizeof(token); /* Get a single hostname from the pattern string */ delimiter = strcspn(attr_pattern, ", \t"); - strncpy(token, attr_pattern, delimiter); + if (delimiter >= maxsize) { + delimiter = maxsize-1; + } + PL_strncpyz(token, attr_pattern, delimiter); token[delimiter] = '\0'; /* Skip any white space after the token */ diff --git a/lib/libaccess/lasip.cpp b/lib/libaccess/lasip.cpp index 3e2ae56a..ed4761d9 100644 --- a/lib/libaccess/lasip.cpp +++ b/lib/libaccess/lasip.cpp @@ -95,6 +95,14 @@ dotdecimal(char *ipstr, char *netmaskstr, int *ip, int *netmask) if (strcspn(ipstr, "0123456789.*")) return LAS_EVAL_INVALID; + if (strlen(netmaskstr) >= sizeof(token)) { + return LAS_EVAL_INVALID; + } + + if (strlen(ipstr) >= sizeof(token)) { + return LAS_EVAL_INVALID; + } + *netmask = *ip = 0; /* Start with "don't care" */ for (i=0; i<4; i++) { @@ -263,6 +271,10 @@ LASIpBuild(NSErr_t *errp, char *attr_name, CmpOp_t comparator, char *attr_patter delimiter = strcspn(curptr, ", \t"); delimiter = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr); strncpy(token, curptr, delimiter); + if (delimiter >= sizeof(token)) { + return LAS_EVAL_INVALID; + } + token[delimiter] = '\0'; /* skip all the white space after the token */ curptr = strpbrk((curptr+delimiter), "1234567890+.*"); @@ -275,6 +287,9 @@ LASIpBuild(NSErr_t *errp, char *attr_name, CmpOp_t comparator, char *attr_patter curptr = strpbrk((++curptr), "1234567890.*"); delimiter = strcspn(curptr, ", \t"); delimiter = (delimiter <= strlen(curptr)) ? delimiter : strlen(curptr); + if (delimiter >= sizeof(token2)) { + return LAS_EVAL_INVALID; + } strncpy(token2, curptr, delimiter); token2[delimiter] = '\0'; retcode = dotdecimal(token, token2, &ip, &netmask); @@ -512,7 +527,7 @@ int LASIpEval(NSErr_t *errp, char *attr_name, CmpOp_t comparator, /* Cannot reach here. Even a 32 bit mismatch has a conclusion in * the pattern tree. */ - sprintf(ip_str, "%x", ip); + sprintf(ip_str, "%x", (unsigned int)ip); nserrGenerate(errp, ACLERRINTERNAL, ACLERR5240, ACL_Program, 2, XP_GetAdminStr(DBT_lasipevalReach32BitsWithoutConcl_), ip_str); return LAS_EVAL_INVALID; } diff --git a/lib/libaccess/lastod.cpp b/lib/libaccess/lastod.cpp index 4236b2cc..f167cfde 100644 --- a/lib/libaccess/lastod.cpp +++ b/lib/libaccess/lastod.cpp @@ -50,6 +50,7 @@ #include "aclutil.h" #include <libaccess/dbtlibaccess.h> #include <libaccess/aclerror.h> +#include "plstr.h" /* Day of the week LAS driver * Note that everything is case-insensitive. @@ -97,7 +98,7 @@ LASDayOfWeekEval(NSErr_t *errp, char *attr, CmpOp_t comparator, char *pattern, strftime(daystr, 4, "%a", localtime(&t)); #endif makelower(daystr); - strcpy(lcl_pattern, pattern); + PL_strncpyz(lcl_pattern, pattern, sizeof(lcl_pattern)); makelower(lcl_pattern); /* Compare the value to the pattern */ @@ -163,10 +164,18 @@ LASTimeOfDayEval(NSErr_t *errp, char *attr, CmpOp_t comparator, char *pattern, return LAS_EVAL_INVALID; } + if ((size_t)(dash-pattern) >= sizeof(start)) { + nserrGenerate(errp, ACLERRINVAL, ACLERR5610, ACL_Program, 2, XP_GetAdminStr(DBT_illegalComparatorForTimeOfDayDN_), comparator_string(comparator)); + return LAS_EVAL_INVALID; + } strncpy(start, pattern, dash-pattern); start[dash-pattern]='\0'; intstart = atoi(start); + if (strlen(dash+1) >= sizeof(end)) { + nserrGenerate(errp, ACLERRINVAL, ACLERR5610, ACL_Program, 2, XP_GetAdminStr(DBT_illegalComparatorForTimeOfDayDN_), comparator_string(comparator)); + return LAS_EVAL_INVALID; + } strcpy(end, dash+1); intend = atoi(end); diff --git a/lib/libadmin/authdb.c b/lib/libadmin/authdb.c index 2256b25d..d42c6783 100644 --- a/lib/libadmin/authdb.c +++ b/lib/libadmin/authdb.c @@ -60,11 +60,13 @@ NSAPI_PUBLIC char *get_userdb_dir(void) #ifdef USE_ADMSERV char *tmp = getenv("NETSITE_ROOT"); - sprintf(line, "%s%cuserdb", tmp, FILE_PATHSEP); + snprintf(line, sizeof(line), "%s%cuserdb", tmp, FILE_PATHSEP); + line[sizeof(line)-1] = 0; #else char *tmp = get_mag_var("#ServerRoot"); - sprintf(line, "%s%cadmin%cuserdb", tmp, FILE_PATHSEP, FILE_PATHSEP); + snprintf(line, sizeof(line), "%s%cadmin%cuserdb", tmp, FILE_PATHSEP, FILE_PATHSEP); + line[sizeof(line)-1] = 0; #endif userdb = STRDUP(line); return userdb; diff --git a/lib/libsi18n/acclanglist.c b/lib/libsi18n/acclanglist.c index 1fd4f15f..e66d6595 100644 --- a/lib/libsi18n/acclanglist.c +++ b/lib/libsi18n/acclanglist.c @@ -200,6 +200,7 @@ XP_AccLangList(char* AcceptLanguage, /* Add current language for future appending.,make sure it's not on list */ if ((strlen(curLanguageList[i]) > 2) && (curLanguageList[i][2] == '_')) { strncpy(lang, curLanguageList[i], 2); + lang[sizeof(lang)-1] = 0; for (k = 0; (k < index) && strcmp(AcceptLanguageList[k], lang); k++); if (k != index) lang[0] = '\0'; diff --git a/lib/libsi18n/makstrdb.c b/lib/libsi18n/makstrdb.c index 4669a79c..ca69f9b1 100644 --- a/lib/libsi18n/makstrdb.c +++ b/lib/libsi18n/makstrdb.c @@ -119,7 +119,6 @@ XP_MakeStringDatabase(void) char* cptr; RESOURCE_TABLE* table; NSRESHANDLE hresdb; - char DBTlibraryName[128]; /* Creating database */ hresdb = NSResCreateTable(DATABASE_NAME, NULL); @@ -189,7 +188,7 @@ XP_MakeStringProperties(void) */ src = table->str; dest = buffer; - while (*src) { + while (*src && (sizeof(buffer) > (dest-buffer))) { if (*src < 0x20) { strcpy(dest,"\\u00"); dest += 4; |