$OpenBSD: patch-src_nameinfo_c,v 1.5 2005/10/27 21:47:28 sturm Exp $ --- src/nameinfo.c.orig Tue Jul 26 08:26:33 2005 +++ src/nameinfo.c Fri Oct 21 16:35:56 2005 @@ -59,6 +59,7 @@ void GetNameInfo() time_t tloc; struct hostent *hp; struct sockaddr_in cin; + size_t buflen; #ifdef AIX char real_version[_SYS_NMLN]; #endif @@ -127,12 +128,13 @@ for (i = 0; CLASSATTRIBUTES[i][0] != '\0 } } -if ((sp = malloc(strlen(VSYSNAME.nodename)+1)) == NULL) +buflen = strlen(VSYSNAME.nodename) + 1; +if ((sp = malloc(buflen)) == NULL) { FatalError("malloc failure in initialize()"); } -strcpy(sp,VSYSNAME.nodename); +(void)strlcpy(sp,VSYSNAME.nodename,buflen); SetDomainName(sp); for (sp2=sp; *sp2 != '\0'; sp2++) /* Add some domain hierarchy classes */ @@ -204,7 +206,7 @@ if (VERBOSE || DEBUG || D2 || D3) } -sprintf(VBUFF,"%d_bit",sizeof(long)*8); +(void)snprintf(VBUFF,sizeof(VBUFF),"%d_bit",sizeof(long)*8); AddClassToHeap(VBUFF); Verbose("Additional hard class defined as: %s\n",CanonifyName(VBUFF)); @@ -285,8 +287,8 @@ if (! found) CfLog(cferror,"Cfengine: I don't understand what architecture this is!",""); } -strcpy(VBUFF,"compiled_on_"); -strcat(VBUFF,CanonifyName(AUTOCONF_SYSNAME)); +(void)strlcpy(VBUFF,"compiled_on_",sizeof(VBUFF)); +(void)strlcat(VBUFF,CanonifyName(AUTOCONF_SYSNAME),sizeof(VBUFF)); AddClassToHeap(CanonifyName(VBUFF)); @@ -303,7 +305,7 @@ else memset(&cin,0,sizeof(cin)); cin.sin_addr.s_addr = ((struct in_addr *)(hp->h_addr))->s_addr; Verbose("Address given by nameserver: %s\n",inet_ntoa(cin.sin_addr)); - strcpy(VIPADDRESS,inet_ntoa(cin.sin_addr)); + (void)strlcpy(VIPADDRESS,inet_ntoa(cin.sin_addr),18); for (i=0; hp->h_aliases[i]!= NULL; i++) { @@ -414,7 +416,7 @@ for (j = 0,len = 0,ifp = list.ifc_req; l } /* Old style compat */ - strcpy(ip,inet_ntoa(sin->sin_addr)); + (void)strlcpy(ip,inet_ntoa(sin->sin_addr),sizeof(ip)); AppendItem(&IPADDRESSES,ip,""); for (sp = ip+strlen(ip)-1; *sp != '.'; sp--) @@ -425,8 +427,8 @@ for (j = 0,len = 0,ifp = list.ifc_req; l /* New style */ - strcpy(ip,"ipv4_"); - strcat(ip,inet_ntoa(sin->sin_addr)); + (void)strlcpy(ip,"ipv4_",sizeof(ip)); + (void)strlcat(ip,inet_ntoa(sin->sin_addr),sizeof(ip)); AddClassToHeap(CanonifyName(ip)); snprintf(name,CF_MAXVARSIZE-1,"ipv4[%s]",CanonifyName(ifp->ifr_name)); AddMacroValue(CONTEXTID,name,inet_ntoa(sin->sin_addr)); @@ -567,9 +569,9 @@ void AddNetworkClass(char *netmask) /* F if ((nm.s_addr = inet_addr(netmask)) != -1 && (ip.s_addr = inet_addr(VIPADDRESS)) != -1) { ip.s_addr &= nm.s_addr; /* Will not work with IPv6 */ - strcpy(ipbuf,inet_ntoa(ip)); + (void)strlcpy(ipbuf,inet_ntoa(ip),sizeof(ipbuf)); - strcpy(nmbuf,inet_ntoa(nm)); + (void)strlcpy(nmbuf,inet_ntoa(nm),sizeof(nmbuf)); while( (sp = strrchr(nmbuf,'.')) && strcmp(sp,".0") == 0 ) { @@ -592,22 +594,22 @@ void SetDomainName(char *sp) / if (gethostname(fqn, sizeof(fqn)) != -1) { - strcpy(VFQNAME,fqn); - strcpy(buffer,VFQNAME); + (void)strlcpy(VFQNAME,fqn,CF_MAXVARSIZE); + (void)strlcpy(buffer,VFQNAME,sizeof(buffer)); AddClassToHeap(CanonifyName(buffer)); AddClassToHeap(CanonifyName(ToLowerStr(buffer))); if (strstr(fqn,".")) { ptr = strchr(fqn, '.'); - strcpy(VDOMAIN, ++ptr); + (void)strlcpy(VDOMAIN, ++ptr, sizeof(VDOMAIN)); } } if (strstr(VFQNAME,".") == 0 && (strcmp(VDOMAIN,CF_START_DOMAIN) != 0)) { - strcat(VFQNAME,"."); - strcat(VFQNAME,VDOMAIN); + (void)strlcat(VFQNAME,".",CF_MAXVARSIZE); + (void)strlcat(VFQNAME,VDOMAIN,CF_MAXVARSIZE); } AddClassToHeap(CanonifyName(VDOMAIN));