$OpenBSD: patch-src_cfexecd_c,v 1.5 2005/10/27 21:47:28 sturm Exp $ --- src/cfexecd.c.orig Wed Aug 10 13:25:08 2005 +++ src/cfexecd.c Fri Oct 21 16:35:55 2005 @@ -147,7 +147,7 @@ Banner("Check options"); NOSPLAY = false; -sprintf(VPREFIX, "cfexecd"); +(void)snprintf(VPREFIX, 40, "cfexecd"); openlog(VPREFIX,LOG_PID|LOG_NOWAIT|LOG_ODELAY,LOG_DAEMON); while ((c=getopt_long(argc,argv,"L:d:vhpqFV1g",CFDOPTIONS,&optindex)) != EOF) @@ -216,15 +216,15 @@ LOGGING = true; /* Do /* XXX Initialize workdir for non privileged users */ -strcpy(CFWORKDIR,WORKDIR); +(void)strlcpy(CFWORKDIR,WORKDIR,sizeof(CFWORKDIR)); if (getuid() > 0) { char *homedir; if ((homedir = getenv("HOME")) != NULL) { - strcpy(CFWORKDIR,homedir); - strcat(CFWORKDIR,"/.cfagent"); + (void)strlcpy(CFWORKDIR,homedir,sizeof(CFWORKDIR)); + (void)strlcat(CFWORKDIR,"/.cfagent",sizeof(CFWORKDIR)); } } @@ -246,7 +246,7 @@ strncpy(VLOGDIR,CFWORKDIR,CF_BUFSIZE-1); VCANONICALFILE = strdup(CanonifyName(VINPUTFILE)); GetNameInfo(); -strcpy(VUQNAME,VSYSNAME.nodename); +(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); MAILTO[0] = '\0'; MAILFROM[0] = '\0'; @@ -564,7 +564,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip- DeleteItemList(VHEAP); VHEAP = NULL; GetNameInfo(); - strcpy(VUQNAME,VSYSNAME.nodename); + (void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); return true; } } @@ -572,7 +572,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip- DeleteItemList(VHEAP); VHEAP = NULL; GetNameInfo(); -strcpy(VUQNAME,VSYSNAME.nodename); +(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); return false; } @@ -980,7 +980,7 @@ if (!Dialogue(sd,NULL)) goto mail_err; } -sprintf(VBUFF,"HELO %s\r\n",VFQNAME); +(void)snprintf(VBUFF,sizeof(VBUFF),"HELO %s\r\n",VFQNAME); Debug("%s",VBUFF); if (!Dialogue(sd,VBUFF)) @@ -990,7 +990,7 @@ if (!Dialogue(sd,VBUFF)) if (strlen(MAILFROM) > 0) { - sprintf(VBUFF,"MAIL FROM: <%s>\r\n",MAILFROM); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",MAILFROM); Debug("%s",VBUFF); } else @@ -1000,12 +1000,12 @@ else if (strlen(domain) > 0) { - sprintf(VBUFF,"MAIL FROM: \r\n",domain); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: \r\n",domain); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"MAIL FROM: <%s>\r\n",to); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",to); Debug("%s",VBUFF); } } @@ -1015,7 +1015,7 @@ if (!Dialogue(sd,VBUFF)) goto mail_err; } -sprintf(VBUFF,"RCPT TO: <%s>\r\n",to); +(void)snprintf(VBUFF,sizeof(VBUFF),"RCPT TO: <%s>\r\n",to); Debug("%s",VBUFF); if (!Dialogue(sd,VBUFF)) @@ -1030,12 +1030,12 @@ if (!Dialogue(sd,"DATA\r\n")) if (anomaly) { - sprintf(VBUFF,"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS); + (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS); + (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS); Debug("%s",VBUFF); } @@ -1051,18 +1051,18 @@ sent=send(sd,VBUFF,strlen(VBUFF),0); if (strlen(MAILFROM) == 0) { - sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME); + (void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"From: %s\r\n",MAILFROM); + (void)snprintf(VBUFF,sizeof(VBUFF),"From: %s\r\n",MAILFROM); Debug("%s",VBUFF); } sent=send(sd,VBUFF,strlen(VBUFF),0); -sprintf(VBUFF,"To: %s\r\n\r\n",to); +(void)snprintf(VBUFF,sizeof(VBUFF),"To: %s\r\n\r\n",to); Debug("%s",VBUFF); sent=send(sd,VBUFF,strlen(VBUFF),0); @@ -1075,14 +1075,14 @@ while(!feof(fp)) if (strlen(VBUFF) > 0) { VBUFF[strlen(VBUFF)-1] = '\r'; - strcat(VBUFF, "\n"); + (void)strlcat(VBUFF, "\n",sizeof(VBUFF)); count++; sent=send(sd,VBUFF,strlen(VBUFF),0); } if ((MAXLINES != INF_LINES) && (count > MAXLINES)) { - sprintf(VBUFF,"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME); + (void)snprintf(VBUFF,sizeof(VBUFF),"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME); sent=send(sd,VBUFF,strlen(VBUFF),0); break; } @@ -1104,7 +1104,7 @@ mail_err: fclose(fp); close(sd); -sprintf(VBUFF, "Cannot mail to %s.", to); +(void)snprintf(VBUFF, sizeof(VBUFF), "Cannot mail to %s.", to); CfLog(cflogonly,VBUFF,""); }