2005-04-07 16:23:44 -04:00
|
|
|
--- cattach.c.orig Fri Dec 19 01:32:57 1997
|
|
|
|
+++ cattach.c Sun Mar 13 14:05:19 2005
|
|
|
|
@@ -100,6 +100,7 @@
|
|
|
|
char *dirarg=NULL;
|
|
|
|
char *namearg=NULL;
|
|
|
|
int keycheck=1;
|
|
|
|
+ int l;
|
|
|
|
|
|
|
|
ap.highsec=1;
|
|
|
|
while (--argc) if (**++argv == '-') {
|
|
|
|
@@ -164,17 +165,35 @@
|
|
|
|
fprintf(stderr,"Can't stat current directory\n");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
- sprintf(dir,"%s/%s",buf,dirarg);
|
|
|
|
- } else
|
|
|
|
- strcpy(dir,dirarg);
|
2004-06-15 14:32:22 -04:00
|
|
|
- sprintf(lname,"%s/..data",dir,1024);
|
|
|
|
- sprintf(kname,"%s/..k",dir,1024);
|
2005-04-07 16:23:44 -04:00
|
|
|
+ l = snprintf(dir, sizeof(dir), "%s/%s", buf, dirarg);
|
|
|
|
+ if (l < 0 || l >= sizeof(dir)) {
|
|
|
|
+ fprintf(stderr, "File name too long\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+ } else {
|
|
|
|
+ if (strlcpy(dir, dirarg, sizeof(dir)) >= sizeof(dir)) {
|
|
|
|
+ fprintf(stderr, "File name too long\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ l = snprintf(lname, sizeof(lname), "%s/..data", dir);
|
|
|
|
+ if (l < 0 || l >= sizeof(lname)) {
|
|
|
|
+ fprintf(stderr, "File name too long\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+ (void)snprintf(kname, sizeof(kname), "%s/..k", dir);
|
2004-06-15 14:32:22 -04:00
|
|
|
if (chdir(lname) >= 0)
|
|
|
|
strcpy(dir,lname);
|
|
|
|
else if (chdir(dir)<0) {
|
2005-04-07 16:23:44 -04:00
|
|
|
perror(dirarg);
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
+ l = snprintf(cname, sizeof(cname), "%s/..c", dir);
|
|
|
|
+ if (l < 0 || l >= sizeof(cname)) {
|
|
|
|
+ fprintf(stderr, "File name too long\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+ (void)snprintf(sname, sizeof(sname), "%s/..s", dir);
|
|
|
|
#ifdef irix
|
|
|
|
/* or (I hope) more or less any system with the 4 parameter statfs */
|
|
|
|
if ((statfs(".",&sfb,sizeof sfb,0)<0) || (sfb.f_blocks==0)) {
|
|
|
|
@@ -188,7 +207,10 @@
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
ap.dirname=dir;
|
|
|
|
- strcpy(ins,namearg);
|
|
|
|
+ if (strlcpy(ins, namearg, sizeof(ins)) >= sizeof(ins)) {
|
|
|
|
+ fprintf(stderr, "Name too long\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
*namearg='\0'; /* weak attempt to hide .instance in ps output */
|
|
|
|
ap.name=ins;
|
|
|
|
if (keycheck) {
|
|
|
|
@@ -207,8 +229,6 @@
|
|
|
|
if ((n>0) && (pw[n-1] == '\n'))
|
|
|
|
pw[n-1] = '\0';
|
|
|
|
}
|
|
|
|
- sprintf(cname,"%s/..c",dir);
|
|
|
|
- sprintf(sname,"%s/..s",dir);
|
|
|
|
if ((fp=fopen(cname,"r")) == NULL) {
|
|
|
|
ciph=CFS_STD_DES;
|
|
|
|
} else {
|
|
|
|
@@ -237,7 +257,7 @@
|
|
|
|
ap.expire = timeout;
|
|
|
|
ap.key.cipher=ciph;
|
|
|
|
if (smsize != LARGESMSIZE)
|
|
|
|
- sprintf(pw,"%s%d",pw,smsize);
|
|
|
|
+ (void)snprintf(pw, 256, "%s%d", pw, smsize);
|
|
|
|
|
|
|
|
if (cfmt) {
|
|
|
|
if (new_pwcrunch(pw,&ap.key)!=0) {
|