diff options
Diffstat (limited to 'ldap/clients')
-rw-r--r-- | ldap/clients/dsgw/cgiutil.c | 33 | ||||
-rw-r--r-- | ldap/clients/dsgw/ckdel.c | 6 | ||||
-rw-r--r-- | ldap/clients/dsgw/ckdump.c | 6 | ||||
-rw-r--r-- | ldap/clients/dsgw/ckget.c | 10 | ||||
-rw-r--r-- | ldap/clients/dsgw/ckpurge.c | 5 | ||||
-rw-r--r-- | ldap/clients/dsgw/ckput.c | 22 | ||||
-rw-r--r-- | ldap/clients/dsgw/config.c | 28 | ||||
-rw-r--r-- | ldap/clients/dsgw/cookie.c | 63 | ||||
-rw-r--r-- | ldap/clients/dsgw/dbtdsgw.h | 1 | ||||
-rw-r--r-- | ldap/clients/dsgw/domodify.c | 4 | ||||
-rw-r--r-- | ldap/clients/dsgw/dsexpldif.c | 4 | ||||
-rw-r--r-- | ldap/clients/dsgw/dsgw.h | 49 | ||||
-rw-r--r-- | ldap/clients/dsgw/dsgwutil.c | 20 | ||||
-rw-r--r-- | ldap/clients/dsgw/dsimpldif.c | 6 | ||||
-rw-r--r-- | ldap/clients/dsgw/emitf.c | 76 | ||||
-rw-r--r-- | ldap/clients/dsgw/entrydisplay.c | 13 | ||||
-rw-r--r-- | ldap/clients/dsgw/htmlparse.c | 43 | ||||
-rw-r--r-- | ldap/clients/dsgw/ldaputil.c | 11 | ||||
-rw-r--r-- | ldap/clients/dsgw/templateindex.c | 6 | ||||
-rw-r--r-- | ldap/clients/dsgw/tutor.c | 4 | ||||
-rw-r--r-- | ldap/clients/orgchart/wrapper.c | 13 |
21 files changed, 219 insertions, 204 deletions
diff --git a/ldap/clients/dsgw/cgiutil.c b/ldap/clients/dsgw/cgiutil.c index 85437cf9..965a28f9 100644 --- a/ldap/clients/dsgw/cgiutil.c +++ b/ldap/clients/dsgw/cgiutil.c @@ -236,7 +236,7 @@ dsgw_get_cgi_var(char *varname, int required) if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) { char errbuf[ 256 ]; - PR_snprintf( errbuf, 256, + PR_snprintf( errbuf, sizeof(errbuf), XP_GetClientStr(DBT_missingFormDataElement100s_), varname ); dsgw_error( DSGW_ERR_BADFORMDATA, errbuf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -325,21 +325,24 @@ dsgw_string_to_vec(char *in) vars++; ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1)); - - x=0; - /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ - tmp = strtok(in, "&"); - ans[x]=dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - - while((tmp = strtok(NULL, "&"))) { - if ( strchr( tmp, '=' ) == NULL ) { - break; + if (ans) { + x=0; + /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ + tmp = strtok(in, "&"); + if (tmp && *tmp && strchr(tmp, '=')) { + ans[x]=dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + + while((x <= vars) && (tmp = strtok(NULL, "&"))) { + if ( strchr( tmp, '=' ) == NULL ) { + break; + } + ans[x] = dsgw_ch_strdup(tmp); + dsgw_form_unescape(ans[x++]); + } + } + ans[x] = NULL; } - ans[x] = dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - } - ans[x] = NULL; return(ans); } diff --git a/ldap/clients/dsgw/ckdel.c b/ldap/clients/dsgw/ckdel.c index fa785f4d..596499b4 100644 --- a/ldap/clients/dsgw/ckdel.c +++ b/ldap/clients/dsgw/ckdel.c @@ -45,12 +45,16 @@ main( int argc, char **argv) { char cookie[ 512 ]; + char *ptr; int rc; printf( "Remove an entry to the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (ptr = strchr(cookie, '\n')) { + *ptr = 0; + } rc = dsgw_delcookie( cookie ); if ( rc == 0 ) { diff --git a/ldap/clients/dsgw/ckdump.c b/ldap/clients/dsgw/ckdump.c index 5975ed5a..7b0cc54d 100644 --- a/ldap/clients/dsgw/ckdump.c +++ b/ldap/clients/dsgw/ckdump.c @@ -44,12 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; - #ifdef notdef /* this was some testing code... */ { char *ck, *r, *d, *p; diff --git a/ldap/clients/dsgw/ckget.c b/ldap/clients/dsgw/ckget.c index 6a01aabd..df48500e 100644 --- a/ldap/clients/dsgw/ckget.c +++ b/ldap/clients/dsgw/ckget.c @@ -55,9 +55,15 @@ main() printf( "Retrieve an entry from the cookie database\n" ); printf( "cookie: " ); - gets( cookie ); + fgets( cookie, sizeof(cookie), stdin ); + if (p = strchr(cookie, '\n')) { + *p = 0; + } printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } rc = dsgw_ckdn2passwd( cookie, dn, &pw ); if ( rc == 0 ) { diff --git a/ldap/clients/dsgw/ckpurge.c b/ldap/clients/dsgw/ckpurge.c index cc40037c..1f9bc30f 100644 --- a/ldap/clients/dsgw/ckpurge.c +++ b/ldap/clients/dsgw/ckpurge.c @@ -44,11 +44,6 @@ main() { - char *p; - time_t expires; - char dn[ 512 ]; - char pw[ 512 ]; - char expsec[ 512 ]; int np = 0; time_t last; FILE *fp; diff --git a/ldap/clients/dsgw/ckput.c b/ldap/clients/dsgw/ckput.c index ebf5c2cc..42baf85f 100644 --- a/ldap/clients/dsgw/ckput.c +++ b/ldap/clients/dsgw/ckput.c @@ -59,17 +59,18 @@ main( int argc, char **argv) SEC_RNGInit(); SEC_SystemInfoForRNG(); + dn[0] = pw[0] = lifesec[0] = 0; if ( argc > 1 ) { while (( c = getopt( argc, argv, "d:l:p:" )) != EOF ) { switch ( c ) { case 'd': - strcpy( dn, optarg ); + PL_strncpyz( dn, optarg, sizeof(dn) ); break; case 'l': - strcpy( lifesec, optarg ); + PL_strncpyz( lifesec, optarg, sizeof(lifesec) ); break; case 'p': - strcpy( pw, optarg ); + PL_strncpyz( pw, optarg, sizeof(pw) ); break; } } @@ -77,11 +78,20 @@ main( int argc, char **argv) if ( strlen( dn ) == 0 || strlen( pw ) == 0 || strlen( lifesec ) == 0 ) { printf( "dn: " ); - gets( dn ); + fgets( dn, sizeof(dn), stdin ); + if (p = strchr(dn, '\n')) { + *p = 0; + } printf( "passwd: " ); - gets( pw ); + fgets( pw, sizeof(pw), stdin ); + if (p = strchr(pw, '\n')) { + *p = 0; + } printf( "expires in how many seconds? " ); - gets( lifesec ); + fgets( lifesec, sizeof(lifesec), stdin ); + if (p = strchr(lifesec, '\n')) { + *p = 0; + } } lifetime = atol( lifesec ); diff --git a/ldap/clients/dsgw/config.c b/ldap/clients/dsgw/config.c index 3cd0e73d..346f91f9 100644 --- a/ldap/clients/dsgw/config.c +++ b/ldap/clients/dsgw/config.c @@ -298,22 +298,6 @@ dsgw_read_config() read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 ); free( fname ); -#if 0 - /* if necessary, try to set path to certificate database */ -#ifndef DSGW_NO_SSL - if ( gc->gc_ldapssl && gc->gc_securitypath == NULL ) { - if ( gc->gc_admserv ) { - if (( p = get_nsadm_var( "CertFile" )) != NULL ) { - gc->gc_securitypath = dsgw_ch_malloc( strlen( p ) + 4 ); - sprintf( gc->gc_securitypath, "%s.db", p ); - } - } else { - gc->gc_securitypath = DSGW_DEFSECURITYPATH; - } - } -#endif -#endif - if ( browser_ignores_acceptcharset() ) { set_dsgwcharset(); } else { @@ -379,7 +363,7 @@ read_dsgwconfig( char *filename, char *locsuffix, int templatesonly, int binddnf if ( strstr( filename, "dsgw-l10n.conf" ) != NULL ) { return; /* ignore if it's dsgw-l10n.conf */ } - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSN_), filename ); dsgw_error( DSGW_ERR_BADCONFIG, buf, DSGW_ERROPT_EXIT, 0, NULL ); } @@ -978,7 +962,7 @@ app_suffix (char *ldif, char *suffix) return; } - PR_snprintf( tmpldif, 128, "%s.tmp", ldif); + PR_snprintf( tmpldif, sizeof(tmpldif), "%s.tmp", ldif); if ( (newfp = fopen( tmpldif, "w" )) == NULL ) { dsgw_emitf (XP_GetClientStr(DBT_AppSuffixCouldNotOpenTmpFileSN_), ldif); @@ -1199,7 +1183,7 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts ) } /* read old dbswitch.conf contents */ - PR_snprintf( oldfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( oldfname, sizeof(oldfname), "%s/%s", userdb_path, DSGW_DBSWITCH_FILE ); if (( rc = dbconf_read_config_file( oldfname, &cip )) != LDAPU_SUCCESS ) { report_ldapu_error( rc, DSGW_ERR_BADCONFIG, erropts ); @@ -1207,10 +1191,10 @@ dsgw_update_dbswitch( dsgwconfig *cfgp, char *dbhandle, int erropts ) } /* write db info to new file, replacing information for "dbhandle" */ - PR_snprintf( newfname, MAXPATHLEN, "%s/%s", userdb_path, + PR_snprintf( newfname, sizeof(newfname), "%s/%s", userdb_path, DSGW_DBSWITCH_TMPFILE ); if (( newfp = fopen( newfname, "w" )) == NULL ) { - PR_snprintf( buf, MAXPATHLEN + 100, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_cannotOpenConfigFileSForWritingN_), newfname ); dsgw_error( DSGW_ERR_UPDATE_DBSWITCH, buf, erropts, 0, NULL ); return( -1 ); @@ -1693,7 +1677,7 @@ fp_parse_line( for ( token = strtok_quote( line, " \t" ); token != NULL; token = strtok_quote( NULL, " \t" ) ) { if ( *argcp == MAXARGS ) { - PR_snprintf( buf, 20, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_maxD_), MAXARGS ); dsgw_error( DSGW_ERR_CONFIGTOOMANYARGS, buf, DSGW_ERROPT_EXIT, 0, NULL ); diff --git a/ldap/clients/dsgw/cookie.c b/ldap/clients/dsgw/cookie.c index 028dd1a9..681d10e2 100644 --- a/ldap/clients/dsgw/cookie.c +++ b/ldap/clients/dsgw/cookie.c @@ -144,8 +144,8 @@ dsgw_mkrndstr() PK11_ConfigurePKCS11(NULL, NULL, tokDes, ptokDes, NULL, NULL, NULL, NULL, 0, 0 ); /*NSS_NoDB_Init(NULL);*/ dsgw_initNSS(); - PK11_GenerateRandom(buf, RNDBUFLEN); - return( buf2str( buf, RNDBUFLEN )); + PK11_GenerateRandom(buf, sizeof(buf)); + return( buf2str( buf, sizeof(buf) )); } @@ -162,7 +162,7 @@ dsgw_opencookiedb() #define F_OK 0 #endif #endif - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if ( access( cdb, F_OK ) == 0 ) { fp = fopen( cdb, "r+" ); @@ -253,7 +253,7 @@ dsgw_ckdn2passwd( char *rndstr, char *dn, char **ret_pw ) } for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); #ifdef DSGW_DEBUG dsgw_log( "dsgw_ckdn2passwd: cookie <%s> not found in db\n", @@ -433,14 +433,14 @@ dsgw_delcookie( char *cookie ) if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; } - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { dsgw_closecookiedb( fp ); return -1; } rc = DSGW_CKDB_KEY_NOT_PRESENT; for (;;) { - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, rndstr, CKLEN )) { @@ -513,7 +513,7 @@ dsgw_getlastpurged( FILE *fp ) pos = ftell( fp ); fseek( fp, 0L, SEEK_SET ); - fgets( buf, CKBUFSIZ, fp ); + fgets( buf, sizeof(buf), fp ); if ( strncmp( buf, "lastpurge:", 10 )) { ret = (time_t) 0L; } else { @@ -553,7 +553,7 @@ dsgw_purgedatabase( char *dn ) size_t csize; /* current size of file */ char cdb[MAXPATHLEN]; /*DSGW_COOKIEDB_FNAME + context*/ - sprintf(cdb, "%s.%s", DSGW_COOKIEDB_FNAME, context); + PR_snprintf(cdb, sizeof(cdb), "%s.%s", DSGW_COOKIEDB_FNAME, context); if (( fp = dsgw_opencookiedb()) == NULL ) { return -1; @@ -576,10 +576,11 @@ dsgw_purgedatabase( char *dn ) char *p; char *dbdn; int nukeit; + size_t maxlen = sizeof(expbuf); nukeit = 0; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { break; } if ( strncmp( buf, "lastpurge:", 10 ) == 0 ) { @@ -596,8 +597,13 @@ dsgw_purgedatabase( char *dn ) dsgw_closecookiedb( fp ); return -1; } - strncpy( expbuf, exp, p - exp ); - expbuf[ p - exp ] = '\0'; + if ((p - exp) < maxlen) { + maxlen = p - exp; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); /* Get the entry's DN */ @@ -678,7 +684,7 @@ dsgw_traverse_db() return; } - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "Cookie database is empty (no lastpurge line)\n" ); return; @@ -686,8 +692,9 @@ dsgw_traverse_db() puts( buf ); for (;;) { + size_t maxlen = sizeof(expbuf); char *p; - if ( fgets( buf, CKBUFSIZ, fp ) == NULL ) { + if ( fgets( buf, sizeof(buf), fp ) == NULL ) { dsgw_closecookiedb( fp ); printf( "%d entries, %d expired\n", total, expired ); return; @@ -702,8 +709,13 @@ dsgw_traverse_db() return; } printf( "%s", buf ); - strncpy( expbuf, exp, p - exp + 1 ); - expbuf[ p - exp + 1 ] = '\0'; + if ((p - exp + 1) < maxlen) { + maxlen = p - exp + 1; + } else { + maxlen--; /* need a length, not a count */ + } + strncpy( expbuf, exp, maxlen ); + expbuf[ maxlen ] = '\0'; time( &now ); total++; if ( now > atol( expbuf )) { @@ -752,6 +764,7 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err ) return NULL; } + /* richm: replace with PR_smprintf */ ckbuf = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( r ) + strlen( edn ) + strlen( DSGW_AUTHCKNAME ) + 2 + 20 ); ckbuf[ 0 ] = '\0'; @@ -770,26 +783,6 @@ dsgw_mkcookie( char *dn, char *password, time_t lifetime, int *err ) -#if 0 -/* - * Given a time_t, return a GMTString representation of that time. - */ -char * -dsgw_t2gmts( time_t cktime ) -{ - time_t tnl; - struct tm *pt; -#define TBUFSIZE 40 - char tbuf[ TBUFSIZE ]; - - tnl = time( NULL ); - pt = gmtime( &tnl ); - (void)strftime( tbuf, (size_t)TBUFSIZE, "%A, %d-%b-%y %T GMT", pt); - return( dsgw_ch_strdup( tbuf )); -} -#endif - - /* * Password obfuscation, etc. * There is no real security here -- we just encrypt using a hard-coded key. diff --git a/ldap/clients/dsgw/dbtdsgw.h b/ldap/clients/dsgw/dbtdsgw.h index 78546b64..9a7a01ea 100644 --- a/ldap/clients/dsgw/dbtdsgw.h +++ b/ldap/clients/dsgw/dbtdsgw.h @@ -463,5 +463,6 @@ BEGIN_STR(dsgw) ResDef( DBT_missingArgumentForOrgChartURLDirectiv_, 412, "Missing argument for \"url-orgchart-base\" directive\n" )/*extracted from config.c*/ ResDef( DBT_missingArgumentForOrgChartSearchAttr_ , 413, "Missing argument for \"orgchart-attrib-farleft-rdn\" directive\n" )/*extracted from config.c*/ ResDef( DBT_theCharsetIsNotSupported , 414, "The charset is not supported\n" ) + ResDef( DBT_invalidTemplateVarLen, 415, "The string length %d of template variable \"%s\" is too long\n" ) END_STR(dsgw) diff --git a/ldap/clients/dsgw/domodify.c b/ldap/clients/dsgw/domodify.c index 0d935f01..6ff48403 100644 --- a/ldap/clients/dsgw/domodify.c +++ b/ldap/clients/dsgw/domodify.c @@ -153,7 +153,7 @@ post_request() } if ( !quiet ) { - PR_snprintf( buf, 256, + PR_snprintf( buf, sizeof(buf), XP_GetClientStr(DBT_SDirectoryEntry_), changedesc ); dsgw_html_begin( buf, 1 ); } else { @@ -413,7 +413,7 @@ static int entry_modify_or_add( LDAP *ld, char *dn, int add, int *pwdchangedp ) { int lderr, i, j, opoffset, modop, mls, unique, unchanged_count; - char *varname, *varvalue, *retval, *attr, *p, **vals, **unchanged_attrs; + char *varname, *varvalue, *attr, *p, **vals, **unchanged_attrs; char *ntuserid = NULL; LDAPMod **pmods; diff --git a/ldap/clients/dsgw/dsexpldif.c b/ldap/clients/dsgw/dsexpldif.c index 79c0cdf3..66d0b040 100644 --- a/ldap/clients/dsgw/dsexpldif.c +++ b/ldap/clients/dsgw/dsexpldif.c @@ -124,14 +124,14 @@ handle_post() if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"%s\" -h %s -p %d \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_ldapsearchbase, gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, + PR_snprintf (cmd, sizeof(cmd), "./%s -b \"\" -C %s \"objectclass=*\" > %s 2> %s", DSGW_LDAPSEARCH, gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } diff --git a/ldap/clients/dsgw/dsgw.h b/ldap/clients/dsgw/dsgw.h index a35d2fb7..cbffeec8 100644 --- a/ldap/clients/dsgw/dsgw.h +++ b/ldap/clients/dsgw/dsgw.h @@ -825,7 +825,12 @@ void dsgw_remove_leading_and_trailing_spaces( char **sp ); int dsgw_parse_cookie( char *cookie, char **rndstr, char **dn ); char *dsgw_getvp( int cginum ); #ifdef DSGW_DEBUG -void dsgw_log( char *fmt, ... ); +void dsgw_log( char *fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif void dsgw_logstringarray( char *arrayname, char **strs ); void dsgw_log_out (const char* s, size_t n); #else @@ -875,16 +880,36 @@ void dsgw_html_href( char *urlprefix, char *url, char *label, char *value, void dsgw_strcat_escaped( char *s1, const char *s2 ); char *dsgw_strdup_escaped( const char *s ); void dsgw_substitute_and_output( char *s, char *tag, char *value, int escape ); -void dsgw_form_begin( const char* name, const char* format, ... ); +void dsgw_form_begin( const char* name, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif char *dsgw_strdup_with_entities( char *s, int *madecopyp ); void dsgw_HTML_emits( char * ); void dsgw_emit_cgi_var( int argc, char **argv ); -void dsgw_emit_button( int argc, char **argv, const char* format, ... ); +void dsgw_emit_button( int argc, char **argv, const char* format, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_alertForm(); -void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ); +void dsgw_emit_alert( const char* frame, const char* windowOptions, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 3, 4))); +#else + ; +#endif void dsgw_emit_confirmForm(); void dsgw_emit_confirm( const char* frame, const char* yes, const char* no, - const char* windowOptions, int enquote, const char* fmt, ... ); + const char* windowOptions, int enquote, const char* fmt, ... ) +#ifdef __GNUC__ + __attribute__ ((format (printf, 6, 7))); +#else + ; +#endif /* * in htmlparse.c: @@ -983,7 +1008,12 @@ void dsgw_emit_auth_dest( char *binddn, char* authdesturl ); * in emitf.c */ int dsgw_emits (const char* s); /* like fputs(s, stdout) */ -int dsgw_emitf (const char* format, ...); /* like printf */ +int dsgw_emitf (const char* format, ...) /* like printf */ +#ifdef __GNUC__ + __attribute__ ((format (printf, 1, 2))); +#else + ; +#endif int dsgw_emitfv (const char* format, va_list argl); char* dsgw_emit_converts_to (char* charset); int is_UTF_8 (const char* charset); @@ -995,7 +1025,12 @@ size_t dsgw_fputn (FILE*, const char* buf, size_t len); void dsgw_quotation_begin (int kind); void dsgw_quotation_end(); int dsgw_quote_emits (int kind, const char* s); -int dsgw_quote_emitf (int kind, const char* format, ...); +int dsgw_quote_emitf (int kind, const char* format, ...) +#ifdef __GNUC__ + __attribute__ ((format (printf, 2, 3))); +#else + ; +#endif /* * in collate.c diff --git a/ldap/clients/dsgw/dsgwutil.c b/ldap/clients/dsgw/dsgwutil.c index afb16f74..a353f041 100644 --- a/ldap/clients/dsgw/dsgwutil.c +++ b/ldap/clients/dsgw/dsgwutil.c @@ -927,7 +927,7 @@ dsgw_get_tmp_log_dir() #endif install_dir = getenv("NETSITE_ROOT"); if (install_dir != NULL) { - sprintf(tmp_log, "%s/tmp/dsgw", install_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s/tmp/dsgw", install_dir); #if defined( XP_WIN32 ) for(ilen=0; ilen < strlen(tmp_log); ilen++) { @@ -937,15 +937,15 @@ dsgw_get_tmp_log_dir() #endif /* XP_WIN32 */ } else { #if defined( XP_WIN32 ) - ilen = strlen(tmp_dir); GetTempPath( ilen+1, tmp_dir ); + ilen = strlen(tmp_dir); /* Remove trailing slash. */ pch = tmp_dir[ilen-1]; if( pch == '\\' || pch == '/' ) tmp_dir[ilen-1] = '\0'; - sprintf(tmp_log, "%s\\DSGW", tmp_dir); + PR_snprintf(tmp_log, sizeof(tmp_log), "%s\\DSGW", tmp_dir); #else - sprintf(tmp_log, "/tmp/dsgw"); + PR_snprintf(tmp_log, sizeof(tmp_log), "/tmp/dsgw"); #endif } return tmp_log; @@ -964,7 +964,7 @@ dsgw_log_out (const char* s, size_t n) #else "%s/%.50s.out"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); log_out_fp = fopen( fname, "w" ); } if (log_out_fp != NULL) { @@ -996,14 +996,14 @@ dsgw_log( char *fmt, ... ) #else "%s/%.50s"; #endif - PR_snprintf( fname, 256, format, dsgw_get_tmp_log_dir(), progname ); + PR_snprintf( fname, sizeof(fname), format, dsgw_get_tmp_log_dir(), progname ); if (( logfp = fopen( fname, "a+" )) == NULL ) { return; } } - memcpy( timebuf, ctime( &t ), 19 ); - timebuf[ 19 ] = '\0'; + memcpy( timebuf, ctime( &t ), sizeof(timebuf)-1 ); + timebuf[ sizeof(timebuf)-1 ] = '\0'; fprintf( logfp, "%s %s: ", timebuf, progname ); va_start( ap, fmt ); @@ -1327,7 +1327,7 @@ AcceptLangList(const char* AcceptLanguage, } } for ( i=0 ; i<countLang ; i++ ) { - strcpy(AcceptLanguageList[i],ptrLanguage[i]); + PL_strncpyz(AcceptLanguageList[i],ptrLanguage[i],sizeof(AcceptLanguageList[i])); } } else { @@ -1336,7 +1336,7 @@ AcceptLangList(const char* AcceptLanguage, cPtr = strtok(input,","); while (cPtr) { if (strlen(cPtr)<MAX_ACCEPT_LENGTH) { /* ignore if too long */ - strcpy(AcceptLanguageList[countLang++],cPtr); + PL_strncpyz(AcceptLanguageList[countLang++],cPtr,sizeof(AcceptLanguageList[i])); if (countLang>=MAX_ACCEPT_LANGUAGE) break; /* quit if too many */ } cPtr = strtok(NULL,","); diff --git a/ldap/clients/dsgw/dsimpldif.c b/ldap/clients/dsgw/dsimpldif.c index cceb7083..407fa662 100644 --- a/ldap/clients/dsgw/dsimpldif.c +++ b/ldap/clients/dsgw/dsimpldif.c @@ -148,17 +148,17 @@ handle_post() if (gc->gc_localdbconf == NULL) { /* remote */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -h %s -p %d -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -h %s -p %d -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c",gc->gc_ldapserver, gc->gc_ldapport, ldiffile, DSGW_NULL_DEVICE); } else { /* local database */ - PR_snprintf (cmd, BIG_LINE, "./%s -a %s -C %s -f %s > %s 2>&1", + PR_snprintf (cmd, sizeof(cmd), "./%s -a %s -C %s -f %s > %s 2>&1", DSGW_LDAPMODIFY, stop?"":"-c", gc->gc_localdbconf, ldiffile, DSGW_NULL_DEVICE); } - PR_snprintf (path, BIG_LINE, "%s%s", userdb_path, DSGW_TOOLSDIR); + PR_snprintf (path, sizeof(path), "%s%s", userdb_path, DSGW_TOOLSDIR); chdir ( path ); fflush (stdout); if (system (cmd) == 0) { diff --git a/ldap/clients/dsgw/emitf.c b/ldap/clients/dsgw/emitf.c index a1f85dde..a6352821 100644 --- a/ldap/clients/dsgw/emitf.c +++ b/ldap/clients/dsgw/emitf.c @@ -188,12 +188,12 @@ dsgw_vxprintf (dsgw_producer produce, void* parm, char deffmt[DEFFMTC]; char* fmt = deffmt; - size_t fmtc = DEFFMTC; + size_t fmtc = sizeof(deffmt); const char* next; const char* f; - char buf [1024]; + char buf [1024] = {0}; int i; i = count_slots (format); @@ -396,33 +396,33 @@ dsgw_vxprintf (dsgw_producer produce, void* parm, } /* produce a single argument */ switch (islot->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: switch ((++islot)->type) { - case TYPE_I: PR_snprintf (buf, 1024, fmt, argv[islot->arg].i); break; - case TYPE_U: PR_snprintf (buf, 1024, fmt, argv[islot->arg].u); break; - case TYPE_F: PR_snprintf (buf, 1024, fmt, argv[islot->arg].f); break; - case TYPE_LI: PR_snprintf (buf, 1024, fmt, argv[islot->arg].li); break; - case TYPE_LU: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lu); break; - case TYPE_LF: PR_snprintf (buf, 1024, fmt, argv[islot->arg].lf); break; - case TYPE_P: PR_snprintf (buf, 1024, fmt, argv[islot->arg].p); break; + case TYPE_I: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].i); break; + case TYPE_U: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].u); break; + case TYPE_F: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].f); break; + case TYPE_LI: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].li); break; + case TYPE_LU: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lu); break; + case TYPE_LF: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].lf); break; + case TYPE_P: PR_snprintf (buf, sizeof(buf), fmt, argv[islot->arg].p); break; case TYPE_WIDTH: case TYPE_PRECISION: goto bail; /* how did this happen? */ case TYPE_PERCENT: @@ -647,7 +647,7 @@ dsgw_emitn (void* parm, const char* s, size_t n) s += slen; /* advance pointer to next unconverted chars */ /* convert as many chars from s as will fit in buf */ result = dsgw_convert(DSGW_FROM_UTF8, emit_converter, - &bufptr, CONVERT_BUFSIZE, &len, + &bufptr, sizeof(buf), &len, s, n, &slen, &err); /* write the converted chars to the output */ n = dsgw_emitq ((FILE*)parm, buf, len); @@ -661,34 +661,6 @@ dsgw_emitn (void* parm, const char* s, size_t n) return parm; } -#if 0 -static void -dsgw_convert (void* parm, const char* s, size_t n) - /* Transform the output, in a visually distinctive way. - This function is intended for testing, only. - */ -{ - while (parm && n > 0) { - const size_t len = LDAP_UTF8LEN(s); - if (len == 1 && *s >= '!' && *s <= '~') { /* ASCII */ - /* output the double-width variant of this character */ - unsigned c = (unsigned)*s - '!' + 0xFF01; - unsigned char buf[3]; - buf[2] = 0x80 | (c & 0x3F); c >>= 6; - buf[1] = 0x80 | (c & 0x3F); c >>= 6; - buf[0] = 0xE0 | (c & 0x0F); - parm = dsgw_emitn (parm, (char*)buf, 3); - } else { - parm = dsgw_emitn (parm, s, len); - } - if (parm) { - n -= len; - s += len; - } - } -} -#endif - int dsgw_emits (const char* s) /* This function works like fputs(s, stdout), except it diff --git a/ldap/clients/dsgw/entrydisplay.c b/ldap/clients/dsgw/entrydisplay.c index 3a1bbb29..506044b5 100644 --- a/ldap/clients/dsgw/entrydisplay.c +++ b/ldap/clients/dsgw/entrydisplay.c @@ -239,7 +239,9 @@ static void dsgw_value_free( void **ldvals, int binary ) ; static char *dsgw_time(time_t secs_since_1970); /* attribute syntax handler routines */ +#if NEEDED_FOR_DEBUGGING static void ntdomain_display( struct dsgw_attrdispinfo *adip ); +#endif static void ntuserid_display( struct dsgw_attrdispinfo *adip ); static void str_display( struct dsgw_attrdispinfo *adip ); static void str_edit( struct dsgw_attrdispinfo *adip ); @@ -1623,10 +1625,10 @@ binvalue_display( struct dsgw_attrdispinfo *adip ) memcpy( &iValue, bin_data.bv_val, sizeof( iValue ) ); if(( adip->adi_opts & DSGW_ATTROPT_DECIMAL ) != 0 ) - PR_snprintf( szFormat, 512, "%%lu" ); + PR_snprintf( szFormat, sizeof(szFormat), "%%lu" ); else - PR_snprintf( szFormat, 512, "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); - PR_snprintf( szFlags, 512, szFormat, iValue ); + PR_snprintf( szFormat, sizeof(szFormat), "%%#0%lu.%lux", bin_data.bv_len*2, bin_data.bv_len*2 ); + PR_snprintf( szFlags, sizeof(szFlags), szFormat, iValue ); fputs( szFlags, stdout ); @@ -1639,6 +1641,7 @@ binvalue_display( struct dsgw_attrdispinfo *adip ) } } +#if NEEDED_FOR_DEBUGGING /* * display handler for NT Domain Identifier string */ @@ -1671,7 +1674,7 @@ ntdomain_display( struct dsgw_attrdispinfo *adip ) } } - +#endif /* @@ -3222,7 +3225,7 @@ dsgw_time(time_t secs_since_1970) } /* convert to utf8 */ - u_strToUTF8(obuf, BSIZ, NULL, dstr0, myStrlen, &err); + u_strToUTF8(obuf, sizeof(obuf), NULL, dstr0, myStrlen, &err); if (err != U_ZERO_ERROR) { dsgw_error( DSGW_ERR_LDAPGENERAL, NULL, DSGW_ERROPT_EXIT, err, NULL ); diff --git a/ldap/clients/dsgw/htmlparse.c b/ldap/clients/dsgw/htmlparse.c index 3b0007fc..9aa2567f 100644 --- a/ldap/clients/dsgw/htmlparse.c +++ b/ldap/clients/dsgw/htmlparse.c @@ -202,14 +202,14 @@ void *condarg } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT && !strcmp(templates[ index ].name + 1, "CONTEXT ")) { char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, context); + PR_snprintf( line, sizeof(line), templates[ index ].format, context); dsgw_emits( line ); } else if ( parse_status != DSGW_PARSE_STATUS_NO_OUTPUT ) { /* I just can't believe there's no easy way to create * a va_list. */ char line[ BIG_LINE ]; - PR_snprintf( line, BIG_LINE, templates[ index ].format, + PR_snprintf( line, sizeof(line), templates[ index ].format, ( *argc > 0 && vars[ 0 ] != NULL ) ? vars[ 0 ]: "", ( *argc > 1 && vars[ 1 ] != NULL ) ? vars[ 1 ]: "", ( *argc > 2 && vars[ 2 ] != NULL ) ? vars[ 2 ]: "", @@ -377,14 +377,14 @@ dsgw_pageheader(int argc, char **argv) dsgw_emits("<center><table border=2 width=100%%>\n"); - util_snprintf(line, BIG_LINE, "<tr>"); + util_snprintf(line, sizeof(line), "<tr>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<td align=center width=100%%>"); + util_snprintf(line, sizeof(line), "<td align=center width=100%%>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<hr size=0 width=0>"); + util_snprintf(line, sizeof(line), "<hr size=0 width=0>"); dsgw_emits(line); - util_snprintf(line, BIG_LINE, "<FONT size=+2><b>%s</b></FONT>" + util_snprintf(line, sizeof(line), "<FONT size=+2><b>%s</b></FONT>" "<hr size=0 width=0>" "</th>", ( argc > 0 ) ? argv[0] : "" ); dsgw_emits(line); @@ -399,7 +399,7 @@ dsgw_title( int argc, char **argv) char line[BIG_LINE]; dsgw_emits("<HTML>"); dsgw_head_begin(); - util_snprintf(line, BIG_LINE, "\n<TITLE>%s</TITLE></HEAD>\n" + util_snprintf(line, sizeof(line), "\n<TITLE>%s</TITLE></HEAD>\n" "<BODY %s>\n", ( argc > 0 ) ? argv[0] : "", dsgw_html_body_colors ); dsgw_emits(line); } @@ -411,10 +411,10 @@ dsgw_body( int argc, char **argv) char line[BIG_LINE]; if ( argc > 0 ) { - util_snprintf(line, BIG_LINE, "<BODY %s %s>\n", dsgw_html_body_colors, + util_snprintf(line, sizeof(line), "<BODY %s %s>\n", dsgw_html_body_colors, ( argc > 0 ) ? argv[0] : "" ); } else { - util_snprintf(line, BIG_LINE, "<BODY %s>\n", dsgw_html_body_colors ); + util_snprintf(line, sizeof(line), "<BODY %s>\n", dsgw_html_body_colors ); } dsgw_emits(line); @@ -451,14 +451,14 @@ dsgw_submit(int verify, char **vars) if(!verify) { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_ok_1)); dsgw_emits(outstr); } else { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onclick=\"verify(this.form)\">" "</td>\n", @@ -467,7 +467,7 @@ dsgw_submit(int verify, char **vars) } { char outstr[256]; - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=reset value=\"%s\"></td>\n", XP_GetClientStr(DBT_reset_)); dsgw_emits(outstr); @@ -489,12 +489,12 @@ dsgw_dialogsubmit(void) dsgw_emits("<center><table border=2 width=100%%><tr>"); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=submit value=\"%s\">" "</td>\n", XP_GetClientStr(DBT_done_)); dsgw_emits(outstr); - PR_snprintf(outstr, 256, "<td width=50%% align=center>" + PR_snprintf(outstr, sizeof(outstr), "<td width=50%% align=center>" "<input type=button value=\"%s\" " "onClick=\"top.close()\"></td>\n", XP_GetClientStr(DBT_cancel_2)); @@ -707,8 +707,19 @@ int *argc } } else { if ( isvar != -1 ) { - isvar += LDAP_UTF8COPY(scratch + isvar, string); - scratch[ isvar ] = '\0'; + /* check for scratch overflow */ + if ((strlen(string) + isvar) < sizeof(scratch)) { + isvar += LDAP_UTF8COPY(scratch + isvar, string); + scratch[ isvar ] = '\0'; + } else { + char msg[BUFSIZ]; + /* error - buffer overflow */ + PR_snprintf(msg, sizeof(msg), XP_GetClientStr(DBT_invalidTemplateVarLen), + strlen(string), string); + template_error(msg); + *argc = 0; + return NULL; + } } else { if ( *string == DIRECTIVE_END ) { break; diff --git a/ldap/clients/dsgw/ldaputil.c b/ldap/clients/dsgw/ldaputil.c index d2a396f0..750fee67 100644 --- a/ldap/clients/dsgw/ldaputil.c +++ b/ldap/clients/dsgw/ldaputil.c @@ -50,6 +50,7 @@ #include <io.h> #include <fcntl.h> #endif +#include "libadminutil/distadm.h" static dsgwtmplinfo *init_listdisplay( char *tmplname, unsigned long options ); static int do_search( dsgwtmplinfo *tip, LDAP *ld, char *base, int scope, @@ -1305,7 +1306,7 @@ uid2dn( LDAP *ld, char *uid, char *base, int *ldaprc, char **lderrtxtp, *errsp = XP_GetClientStr(DBT_invalidUserIdOrNullLdapHandle_); return NULL; } - PR_snprintf( filtbuf, 85, "uid=%s", uid ); + PR_snprintf( filtbuf, sizeof(filtbuf), "uid=%s", uid ); if (( rc = ldap_search_s( ld, base, LDAP_SCOPE_SUBTREE, filtbuf, attrs, 1, &result )) != LDAP_SUCCESS ) { @@ -1423,10 +1424,10 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts ) } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "%s\n<SELECT NAME=\"%s\">\n", + util_snprintf( line, sizeof(line), "%s\n<SELECT NAME=\"%s\">\n", prefix, varname ); } else { - util_snprintf( line, BIG_LINE, "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", + util_snprintf( line, sizeof(line), "<INPUT TYPE=\"hidden\" NAME=\"%s\" ", varname ); } dsgw_emits( line ); @@ -1463,7 +1464,7 @@ dsgw_emit_location_popup( LDAP *ld, int argc, char **argv, int erropts ) } if ( count > 1 ) { - util_snprintf( line, BIG_LINE, "</SELECT>\n%s\n", suffix ); + util_snprintf( line, sizeof(line), "</SELECT>\n%s\n", suffix ); dsgw_emits( line ); } @@ -1500,7 +1501,7 @@ emit_one_loc_dn( char *dn, char *friendlyname, char *rootname, int only_one ) } } - util_snprintf( line, BIG_LINE, " VALUE=\"%s\">%s\n", escapeddn, + util_snprintf( line, sizeof(line), " VALUE=\"%s\">%s\n", escapeddn, only_one ? "" : friendlyname ); free( escapeddn ); if ( rdns != NULL ) { diff --git a/ldap/clients/dsgw/templateindex.c b/ldap/clients/dsgw/templateindex.c index 40df74f7..80c40c4b 100644 --- a/ldap/clients/dsgw/templateindex.c +++ b/ldap/clients/dsgw/templateindex.c @@ -63,11 +63,11 @@ char **ds_get_file_list( char *dir ) if( ( dir == NULL ) || (strlen( dir ) == 0) ) return NULL; - if( ( ret = malloc( sizeof( char * ) ) ) == NULL ) + if( ( ret = malloc( sizeof( char * ) * 2 ) ) == NULL ) return NULL; - strcpy(szWildcardFileSpec, dir); - strcat(szWildcardFileSpec, "/*"); + PL_strncpyz(szWildcardFileSpec, dir, sizeof(szWildcardFileSpec)); + PL_strcatn(szWildcardFileSpec, sizeof(szWildcardFileSpec), "/*"); hFile = _findfirst( szWildcardFileSpec, &fileinfo); if( hFile == -1 ) diff --git a/ldap/clients/dsgw/tutor.c b/ldap/clients/dsgw/tutor.c index 6803e470..11b3a564 100644 --- a/ldap/clients/dsgw/tutor.c +++ b/ldap/clients/dsgw/tutor.c @@ -124,7 +124,7 @@ void _my_return_html_file(char *filename, char *base) { *tmp='\0'; dsgw_emitf("<BASE href=\"%s%s/%s\">\n", surl, sn, base); } - while( fgets(line, BIG_LINE, html)) { + while( fgets(line, sizeof(line), html)) { dsgw_emits( line ); } } @@ -210,7 +210,7 @@ main( map=fopen(man_index, "r"); if(!map) goto ohwell; - while(fgets(line, BIG_LINE, map)) { + while(fgets(line, sizeof(line), map)) { if(line[0]==';') continue; else if(ldap_utf8isspace(line)) diff --git a/ldap/clients/orgchart/wrapper.c b/ldap/clients/orgchart/wrapper.c index 9bd6f398..1ab67b23 100644 --- a/ldap/clients/orgchart/wrapper.c +++ b/ldap/clients/orgchart/wrapper.c @@ -62,7 +62,7 @@ #define PATH_MAX 512 #endif -char *get_perl_file(char *); +char *get_perl_file(char *, size_t); /* @@ -77,7 +77,7 @@ main( int argc, char **argv ) printf("Content-type:text/html;charset=UTF-8\n\n<html>Hi\n"); - get_perl_file(script); + get_perl_file(script, sizeof(script)-1); if (strchr(script, '/') != NULL || strchr(script, '\\') != NULL) { printf("Paths not allowed. Filenames only.\n"); @@ -94,10 +94,11 @@ main( int argc, char **argv ) } char * -get_perl_file(char *script) { +get_perl_file(char *script, size_t scriptsize) { char *qs = getenv("QUERY_STRING"); char *p1 = NULL; char *p2 = NULL; + size_t maxsize; if (qs == NULL || *qs == '\0') { printf("No QUERY_STRING found\n"); @@ -113,6 +114,8 @@ get_perl_file(char *script) { for (p2 = p1; *p2 != '\0' && *p2 != '&'; p2++); - strncpy(script, p1, p2-p1); - script[p2-p1] = '\0'; + maxsize = (scriptsize < (p2-p1)) ? scriptsize : (p2-p1); + + PL_strncpyz(script, p1, maxsize); + script[maxsize] = '\0'; } |