freebsd-ports/comms/hylafax/files/patch-ad
Ade Lovett e307881cab Fix incorrect use of snprintf() that causes pid of process
trying to lock a serial device in /var/spool/lock to be
incorrectly written into the lock file.

PORTREVISION bumped.

PR:		20141
Submitted by:	Cyrus Rahman <cr@jcmax.com>
2000-09-18 21:58:04 +00:00

261 lines
8.7 KiB
Plaintext

diff -ruN faxd/ClassModem.c++.orig faxd/ClassModem.c++
--- faxd/ClassModem.c++.orig Sun Jun 13 00:41:02 1999
+++ faxd/ClassModem.c++ Mon Jun 12 21:52:37 2000
@@ -169,7 +169,7 @@
{
protoTrace("DIAL %s", number);
char buf[256];
- sprintf(buf, (const char*) conf.dialCmd, number);
+ snprintf(buf, sizeof(buf), (const char*) conf.dialCmd, number);
emsg = "";
CallStatus cs = (atCmd(buf, AT_NOTHING) ? dialResponse(emsg) : FAILURE);
if (cs != OK && emsg == "")
diff -ruN faxd/FaxMachineLog.c++.orig faxd/FaxMachineLog.c++
--- faxd/FaxMachineLog.c++.orig Mon Oct 12 13:47:49 1998
+++ faxd/FaxMachineLog.c++ Mon Jun 12 21:52:37 2000
@@ -75,9 +75,13 @@
int oerrno = errno; // save errno on entry
char buf[16*1024];
timeval tv;
+ int len;
+
(void) gettimeofday(&tv, 0);
strftime(buf, sizeof (buf), "%h %d %T", localtime((time_t*) &tv.tv_sec));
- sprintf(buf+strlen(buf), ".%02u: [%5d]: ", tv.tv_usec / 10000, pid);
+ len = strlen(buf);
+ snprintf(buf+len, sizeof(buf) - len, ".%02u: [%5d]: ",
+ tv.tv_usec / 10000, pid);
/*
* Copy format string into a local buffer so
* that we can substitute for %m, a la syslog.
@@ -96,6 +100,7 @@
fmt.put(fp[0]);
}
fmt.put('\n'); fmt.put('\0');
- vsprintf(buf+strlen(buf), (const char*) fmt, ap);
+ len = strlen(buf);
+ vsnprintf(buf+len, sizeof(buf) - len, (const char*) fmt, ap);
(void) Sys::write(fd, buf, strlen(buf));
}
diff -ruN faxd/FaxRecv.c++.orig faxd/FaxRecv.c++
--- faxd/FaxRecv.c++.orig Sun Jun 13 00:41:03 1999
+++ faxd/FaxRecv.c++ Mon Jun 12 21:52:37 2000
@@ -139,7 +139,7 @@
* number file to reflect the allocation.
*/
(void) flock(ftmp, LOCK_EX|LOCK_NB);
- sprintf(line, "%u", seqnum);
+ snprintf(line, sizeof(line), "%u", seqnum);
(void) lseek(fseqf, 0, SEEK_SET);
if (Sys::write(fseqf, line, strlen(line)) != strlen(line) ||
ftruncate(fseqf,strlen(line))) {
diff -ruN faxd/FaxRequest.c++.orig faxd/FaxRequest.c++
--- faxd/FaxRequest.c++.orig Sun Jun 13 00:41:03 1999
+++ faxd/FaxRequest.c++ Mon Jun 12 21:52:38 2000
@@ -679,7 +679,8 @@
FaxRequest::error(const char* fmt0 ...)
{
char fmt[128];
- sprintf(fmt, "%s: line %u: %s", (const char*) qfile, (u_int) lineno, fmt0);
+ snprintf(fmt, sizeof(fmt), "%s: line %u: %s", (const char*) qfile,
+ (u_int) lineno, fmt0);
va_list ap;
va_start(ap, fmt0);
vlogError(fmt, ap);
diff -ruN faxd/Getty.c++.orig faxd/Getty.c++
--- faxd/Getty.c++.orig Sun Jun 13 00:41:03 1999
+++ faxd/Getty.c++ Mon Jun 12 21:54:22 2000
@@ -218,7 +218,7 @@
// NB: this is executed in the parent
fxStr device = fxStr::format("%s/" | line, _PATH_DEV);
Sys::chown(device, UUCPLock::getUUCPUid(), UUCPLock::getUUCPGid());
- Sys::chmod(device, 0600); // reset protection
+ Sys::chmod(device, 0660); // reset protection
}
extern void vlogError(const char* fmt, va_list ap);
diff -ruN faxd/ModemServer.c++.orig faxd/ModemServer.c++
--- faxd/ModemServer.c++.orig Sun Jun 13 00:41:04 1999
+++ faxd/ModemServer.c++ Mon Jun 12 21:52:38 2000
@@ -324,7 +324,7 @@
if (seteuid(0) >= 0) { // must be done as root
const SchedInfo& si = schedInfo[s];
pcinfo_t pcinfo;
- strcpy(pcinfo.pc_clname, si.clname);
+ strlcpy(pcinfo.pc_clname, si.clname, sizeof(pcinfo.pc_clname));
if (priocntl((idtype_t)0, 0, PC_GETCID, (caddr_t)&pcinfo) >= 0) {
pcparms_t pcparms;
pcparms.pc_cid = pcinfo.pc_cid;
@@ -604,7 +604,7 @@
} while (ftmp < 0 && errno == EEXIST && --ntry >= 0);
umask(omask);
if (ftmp >= 0) {
- sprintf(line, "%u", seqnum);
+ snprintf(line, sizeof(line), "%u", seqnum);
(void) lseek(fseqf, 0, SEEK_SET);
if (Sys::write(fseqf, line, strlen(line)) != strlen(line) ||
ftruncate(fseqf,strlen(line)))
@@ -806,7 +806,7 @@
va_list ap;
va_start(ap, fmt0);
char fmt[256];
- sprintf(fmt, "MODEM %s", fmt0);
+ snprintf(fmt, sizeof(fmt), "MODEM %s", fmt0);
vtraceStatus(FAXTRACE_MODEMOPS, fmt, ap);
va_end(ap);
}
diff -ruN faxd/ServerConfig.c++.orig faxd/ServerConfig.c++
--- faxd/ServerConfig.c++.orig Sun Jun 13 00:41:04 1999
+++ faxd/ServerConfig.c++ Mon Jun 12 21:52:38 2000
@@ -373,9 +373,9 @@
{
char fmt[128];
if (module != NULL)
- sprintf(fmt, "%s: Warning, %s.", module, fmt0);
+ snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0);
else
- sprintf(fmt, "Warning, %s.", fmt0);
+ snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0);
vlogError(fmt, ap);
}
@@ -384,9 +384,9 @@
{
char fmt[128];
if (module != NULL)
- sprintf(fmt, "%s: Warning, %s.", module, fmt0);
+ snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0);
else
- sprintf(fmt, "Warning, %s.", fmt0);
+ snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0);
vlogWarning(fmt, ap);
}
diff -ruN faxd/UUCPLock.c++.orig faxd/UUCPLock.c++
--- faxd/UUCPLock.c++.orig Sun Jun 13 00:41:05 1999
+++ faxd/UUCPLock.c++ Mon Jun 12 21:56:52 2000
@@ -37,6 +37,7 @@
}
#endif
#include <pwd.h>
+#include <grp.h>
/*
* UUCP Device Locking Support.
@@ -148,6 +149,13 @@
UUCPuid = pwd->pw_uid;
UUCPgid = pwd->pw_gid;
endpwent(); // paranoia
+
+
+ const group *grp = getgrnam("dialer");
+ if (!grp)
+ faxApp::fatal("Can not deduce identity of DIALER");
+ UUCPgid = grp->gr_gid;
+ endgrent(); // paranoia
}
}
uid_t UUCPLock::getUUCPUid() { setupIDs(); return UUCPuid; }
diff -ruN faxd/faxApp.c++.orig faxd/faxApp.c++
--- faxd/faxApp.c++.orig Sun Jun 13 00:41:05 1999
+++ faxd/faxApp.c++ Mon Jun 12 21:52:39 2000
@@ -231,7 +231,7 @@
logError("fcntl: %m");
}
char msg[4096];
- vsprintf(msg, fmt, ap);
+ vsnprintf(msg, sizeof(msg), fmt, ap);
u_int len = strlen(msg)+1;
if (Sys::write(faxqfifo, msg, len) != len) {
if (errno == EBADF || errno == EPIPE) // reader expired
@@ -263,7 +263,7 @@
faxApp::sendModemStatus(const char* devid, const char* fmt0 ...)
{
char fmt[2*1024];
- sprintf(fmt, "+%s:%s", devid, fmt0);
+ snprintf(fmt, sizeof(fmt), "+%s:%s", devid, fmt0);
va_list ap;
va_start(ap, fmt0);
bool ok = vsendQueuer(fmt, ap);
@@ -278,7 +278,7 @@
faxApp::sendJobStatus(const char* jobid, const char* fmt0 ...)
{
char fmt[2*1024];
- sprintf(fmt, "*%s:%s", jobid, fmt0);
+ snprintf(fmt, sizeof(fmt), "*%s:%s", jobid, fmt0);
va_list ap;
va_start(ap, fmt0);
bool ok = vsendQueuer(fmt, ap);
@@ -293,7 +293,7 @@
faxApp::sendRecvStatus(const char* devid, const char* fmt0 ...)
{
char fmt[2*1024];
- sprintf(fmt, "@%s:%s", devid, fmt0);
+ snprintf(fmt, sizeof(fmt), "@%s:%s", devid, fmt0);
va_list ap;
va_start(ap, fmt0);
bool ok = vsendQueuer(fmt, ap);
diff -ruN faxd/faxQueueApp.c++.orig faxd/faxQueueApp.c++
--- faxd/faxQueueApp.c++.orig Sat Jul 10 07:23:05 1999
+++ faxd/faxQueueApp.c++ Mon Jun 12 21:52:39 2000
@@ -971,10 +971,10 @@
* -m <maxpages> max pages to generate
* -1|-2 1d or 2d encoding
*/
- char rbuf[20]; sprintf(rbuf, "%u", params.verticalRes());
- char wbuf[20]; sprintf(wbuf, "%u", params.pageWidth());
- char lbuf[20]; sprintf(lbuf, "%d", params.pageLength());
- char mbuf[20]; sprintf(mbuf, "%u", dci.getMaxSendPages());
+ char rbuf[20]; snprintf(rbuf, sizeof(rbuf), "%u", params.verticalRes());
+ char wbuf[20]; snprintf(wbuf, sizeof(wbuf), "%u", params.pageWidth());
+ char lbuf[20]; snprintf(lbuf, sizeof(lbuf), "%d", params.pageLength());
+ char mbuf[20]; snprintf(mbuf, sizeof(mbuf), "%u", dci.getMaxSendPages());
const char* argv[30];
int ac = 0;
switch (req.op) {
@@ -2726,9 +2726,9 @@
{
char fmt[128];
if (module != NULL)
- sprintf(fmt, "%s: Warning, %s.", module, fmt0);
+ snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0);
else
- sprintf(fmt, "Warning, %s.", fmt0);
+ snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0);
vlogError(fmt, ap);
}
@@ -2737,9 +2737,9 @@
{
char fmt[128];
if (module != NULL)
- sprintf(fmt, "%s: Warning, %s.", module, fmt0);
+ snprintf(fmt, sizeof(fmt), "%s: Warning, %s.", module, fmt0);
else
- sprintf(fmt, "Warning, %s.", fmt0);
+ snprintf(fmt, sizeof(fmt), "Warning, %s.", fmt0);
vlogWarning(fmt, ap);
}
diff -ruN faxd/trigtest.c++.orig faxd/trigtest.c++
--- faxd/trigtest.c++.orig Sun Jun 13 00:41:08 1999
+++ faxd/trigtest.c++ Mon Jun 12 21:52:39 2000
@@ -296,7 +296,7 @@
int fd, n;
char msg[256];
- sprintf(fifoName, "client/%u", getpid());
+ snprintf(fifoName, sizeof(fifoname), "client/%u", getpid());
if (Sys::mkfifo(fifoName, 0666) < 0 && errno != EEXIST) {
perror("mkfifo");
exit(-1);
@@ -309,7 +309,7 @@
unlink(fifoName);
exit(-1);
}
- sprintf(msg, "T%s:N%s", fifoName, trigger);
+ snprintf(msg, sizeof(msg), "T%s:N%s", fifoName, trigger);
send(msg, strlen(msg)+1);
for (;;) {
FD_ZERO(&rd);