almost every sscanf in this package is an off-by-one

couldn't find author to submit patches; dead project?
bump PKGNAME
This commit is contained in:
avsm 2003-06-20 13:41:50 +00:00
parent fe34b515d9
commit 367c03fc4b
5 changed files with 133 additions and 2 deletions

View File

@ -1,8 +1,10 @@
# $OpenBSD: Makefile,v 1.16 2002/10/28 01:38:46 naddy Exp $
# $OpenBSD: Makefile,v 1.17 2003/06/20 13:41:50 avsm Exp $
COMMENT= "SLIP/CSLIP emulator for users with shell accounts"
DISTNAME= slirp-1.0c
V= 1.0c
DISTNAME= slirp-${V}
PKGNAME= slirp-${V}p1
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_BACKUP}

View File

@ -0,0 +1,12 @@
$OpenBSD: patch-main_c,v 1.1 2003/06/20 13:41:50 avsm Exp $
--- main.c.orig Fri Jun 20 14:27:12 2003
+++ main.c Fri Jun 20 14:27:19 2003
@@ -393,7 +393,7 @@ main_init(argc, argv)
if ((f = fopen("/etc/resolv.conf", "r")) != NULL) {
lprint("IP address of your DNS(s): ");
while (fgets(buff, 512, f) != NULL) {
- if (sscanf(buff, "nameserver%*[ \t]%256s", buff2) == 1) {
+ if (sscanf(buff, "nameserver%*[ \t]%255s", buff2) == 1) {
if (!inet_aton(buff2, &tmp_addr))
continue;
if (tmp_addr.s_addr == loopback_addr.s_addr)

View File

@ -0,0 +1,21 @@
$OpenBSD: patch-misc_c,v 1.1 2003/06/20 13:41:50 avsm Exp $
--- misc.c.orig Wed Jan 3 10:02:46 1996
+++ misc.c Fri Jun 20 14:31:49 2003
@@ -650,7 +650,7 @@ add_emu(buff)
struct emu_t *emup;
struct socket *so;
- if (sscanf(buff, "%256s %256s", buff2, buff1) != 2) {
+ if (sscanf(buff, "%255s %255s", buff2, buff1) != 2) {
lprint("Error: Bad arguments\r\n");
return;
}
@@ -665,7 +665,7 @@ add_emu(buff)
if (sscanf(buff2, "%128[^:]:%128s", buff1, buff3) != 2) {
buff3 = 0;
- if (sscanf(buff2, "%256s", buff1) != 1) {
+ if (sscanf(buff2, "%255s", buff1) != 1) {
lprint("Error: Bad second argument\r\n");
return;
}

View File

@ -0,0 +1,57 @@
$OpenBSD: patch-options_c,v 1.1 2003/06/20 13:41:50 avsm Exp $
--- options.c.orig Fri Jan 12 07:09:37 1996
+++ options.c Fri Jun 20 14:32:14 2003
@@ -335,22 +335,22 @@ cfg_redir(buff, inso)
if (proto_tcp == -1)
proto_tcp = 1;
- if (sscanf(buff, "%d%*[to \t]%256[^:]:%256s", &port, str, str2) == 3) {
+ if (sscanf(buff, "%d%*[to \t]%255[^:]:%255s", &port, str, str2) == 3) {
if ((laddr = inet_addr(str)) == -1) {
lprint("Error: Bad address: %s\r\n", buff);
return CFG_ERROR;
}
- } else if (sscanf(buff, "%d%*[to \t]%256s", &port, str2) == 2) {
+ } else if (sscanf(buff, "%d%*[to \t]%255s", &port, str2) == 2) {
if (inso)
laddr = inso->so_laddr.s_addr;
else
laddr = inet_addr(CTL_LOCAL);
- } else if (sscanf(buff, "%256[^:]:%256s", str, str2) == 2) {
+ } else if (sscanf(buff, "%255[^:]:%255s", str, str2) == 2) {
if ((laddr = inet_addr(str)) == -1) {
lprint("Error: Bad address: %s\r\n", buff);
return CFG_ERROR;
}
- } else if (sscanf(buff, "%256s", str2) == 1) {
+ } else if (sscanf(buff, "%255s", str2) == 1) {
if (inso)
laddr = inso->so_laddr.s_addr;
else
@@ -514,7 +514,7 @@ cfg_add_exec(buff, inso)
int x;
u_int32_t laddr;
- if (sscanf(buff, "%256[^:]:%256[^:]:%256s", str, str2, str3) == 3) {
+ if (sscanf(buff, "%255[^:]:%255[^:]:%255s", str, str2, str3) == 3) {
/* XXX should check if address == special address */
x = get_port(str3, 1);
if (x < 0)
@@ -530,7 +530,7 @@ cfg_add_exec(buff, inso)
return CFG_ERROR;
} else
lprint("Adding execution of %s to address %s, port %d\r\n", str, str2, x);
- } else if (sscanf(buff, "%256[^:]:%256s", str, str3) == 2) {
+ } else if (sscanf(buff, "%255[^:]:%255s", str, str3) == 2) {
x = get_port(str3, 1);
if (x < 0)
return CFG_ERROR;
@@ -598,7 +598,7 @@ cfg_shell(buff, inso)
if (exec_shell)
free(exec_shell);
- sscanf(buff, "%256s", str);
+ sscanf(buff, "%255s", str);
exec_shell = (char *)strdup(str);
return CFG_OK;

View File

@ -0,0 +1,39 @@
$OpenBSD: patch-tcp_subr_c,v 1.1 2003/06/20 13:41:50 avsm Exp $
--- tcp_subr.c.orig Fri Jun 20 14:28:51 2003
+++ tcp_subr.c Fri Jun 20 14:29:32 2003
@@ -900,7 +900,7 @@ tcp_emu(so, m)
*(so_rcv->sb_rptr + num) = 0;
if (ctl_password && !ctl_password_ok) {
/* Need a password */
- if (sscanf(so_rcv->sb_rptr, "pass %256s", buff) == 1) {
+ if (sscanf(so_rcv->sb_rptr, "pass %255s", buff) == 1) {
if (strcmp(buff, ctl_password) == 0) {
ctl_password_ok = 1;
n = sprintf(so_snd->sb_wptr,
@@ -1031,7 +1031,7 @@ do_prompt:
return 1;
/* The %256s is for the broken mIRC */
- if (sscanf(bptr, "DCC CHAT %256s %u %u", buff, &laddr, &lport) == 3) {
+ if (sscanf(bptr, "DCC CHAT %255s %u %u", buff, &laddr, &lport) == 3) {
if ((so = solisten(0, htonl(laddr), htons(lport), SS_FACCEPTONCE)) == NULL)
return 1;
@@ -1039,7 +1039,7 @@ do_prompt:
m->m_len += sprintf(bptr, "DCC CHAT chat %lu %u%c\n",
(unsigned long)ntohl(so->so_faddr.s_addr),
ntohs(so->so_fport), 1);
- } else if (sscanf(bptr, "DCC SEND %256s %u %u %u", buff, &laddr, &lport, &n1) == 4) {
+ } else if (sscanf(bptr, "DCC SEND %255s %u %u %u", buff, &laddr, &lport, &n1) == 4) {
if ((so = solisten(0, htonl(laddr), htons(lport), SS_FACCEPTONCE)) == NULL)
return 1;
@@ -1047,7 +1047,7 @@ do_prompt:
m->m_len += sprintf(bptr, "DCC SEND %s %lu %u %u%c\n",
buff, (unsigned long)ntohl(so->so_faddr.s_addr),
ntohs(so->so_fport), n1, 1);
- } else if (sscanf(bptr, "DCC MOVE %256s %u %u %u", buff, &laddr, &lport, &n1) == 4) {
+ } else if (sscanf(bptr, "DCC MOVE %255s %u %u %u", buff, &laddr, &lport, &n1) == 4) {
if ((so = solisten(0, htonl(laddr), htons(lport), SS_FACCEPTONCE)) == NULL)
return 1;