$OpenBSD: patch-src_cfexecd_c,v 1.4 2005/07/21 15:16:46 aanriot Exp $ --- src/cfexecd.c.orig Wed May 25 03:52:26 2005 +++ src/cfexecd.c Fri Jul 15 12:24:00 2005 @@ -147,7 +147,7 @@ Banner("Check options"); NOSPLAY = false; -sprintf(VPREFIX, "cfexecd"); +(void)snprintf(VPREFIX, 40, "cfexecd"); openlog(VPREFIX,LOG_PID|LOG_NOWAIT|LOG_ODELAY,LOG_DAEMON); while ((c=getopt_long(argc,argv,"L:d:vhpqFV1g",CFDOPTIONS,&optindex)) != EOF) @@ -216,15 +216,15 @@ LOGGING = true; /* Do /* XXX Initialize workdir for non privileged users */ -strcpy(CFWORKDIR,WORKDIR); +(void)strlcpy(CFWORKDIR,WORKDIR,sizeof(CFWORKDIR)); if (getuid() > 0) { char *homedir; if ((homedir = getenv("HOME")) != NULL) { - strcpy(CFWORKDIR,homedir); - strcat(CFWORKDIR,"/.cfagent"); + (void)strlcpy(CFWORKDIR,homedir,sizeof(CFWORKDIR)); + (void)strlcat(CFWORKDIR,"/.cfagent",sizeof(CFWORKDIR)); } } @@ -246,7 +246,7 @@ strncpy(VLOGDIR,CFWORKDIR,CF_BUFSIZE-1); VCANONICALFILE = strdup(CanonifyName(VINPUTFILE)); GetNameInfo(); -strcpy(VUQNAME,VSYSNAME.nodename); +(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); MAILTO[0] = '\0'; MAILFROM[0] = '\0'; @@ -555,7 +555,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip- DeleteItemList(VHEAP); VHEAP = NULL; GetNameInfo(); - strcpy(VUQNAME,VSYSNAME.nodename); + (void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); return true; } } @@ -563,7 +563,7 @@ for (ip = SCHEDULE; ip != NULL; ip = ip- DeleteItemList(VHEAP); VHEAP = NULL; GetNameInfo(); -strcpy(VUQNAME,VSYSNAME.nodename); +(void)strlcpy(VUQNAME,VSYSNAME.nodename,CF_MAXVARSIZE); return false; } @@ -971,7 +971,7 @@ if (!Dialogue(sd,NULL)) goto mail_err; } -sprintf(VBUFF,"HELO %s\r\n",VFQNAME); +(void)snprintf(VBUFF,sizeof(VBUFF),"HELO %s\r\n",VFQNAME); Debug("%s",VBUFF); if (!Dialogue(sd,VBUFF)) @@ -981,7 +981,7 @@ if (!Dialogue(sd,VBUFF)) if (strlen(MAILFROM) > 0) { - sprintf(VBUFF,"MAIL FROM: <%s>\r\n",MAILFROM); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",MAILFROM); Debug("%s",VBUFF); } else @@ -991,12 +991,12 @@ else if (strlen(domain) > 0) { - sprintf(VBUFF,"MAIL FROM: \r\n",domain); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: \r\n",domain); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"MAIL FROM: <%s>\r\n",to); + (void)snprintf(VBUFF,sizeof(VBUFF),"MAIL FROM: <%s>\r\n",to); Debug("%s",VBUFF); } } @@ -1006,7 +1006,7 @@ if (!Dialogue(sd,VBUFF)) goto mail_err; } -sprintf(VBUFF,"RCPT TO: <%s>\r\n",to); +(void)snprintf(VBUFF,sizeof(VBUFF),"RCPT TO: <%s>\r\n",to); Debug("%s",VBUFF); if (!Dialogue(sd,VBUFF)) @@ -1021,12 +1021,12 @@ if (!Dialogue(sd,"DATA\r\n")) if (anomaly) { - sprintf(VBUFF,"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS); + (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: **!! (%s/%s)\r\n",VFQNAME,VIPADDRESS); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS); + (void)snprintf(VBUFF,sizeof(VBUFF),"Subject: (%s/%s)\r\n",VFQNAME,VIPADDRESS); Debug("%s",VBUFF); } @@ -1042,18 +1042,18 @@ sent=send(sd,VBUFF,strlen(VBUFF),0); if (strlen(MAILFROM) == 0) { - sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME); + (void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME); Debug("%s",VBUFF); } else { - sprintf(VBUFF,"From: cfengine@%s\r\n",VFQNAME); + (void)snprintf(VBUFF,sizeof(VBUFF),"From: cfengine@%s\r\n",VFQNAME); Debug("%s",VBUFF); } sent=send(sd,VBUFF,strlen(VBUFF),0); -sprintf(VBUFF,"To: %s\r\n\r\n",to); +(void)snprintf(VBUFF,sizeof(VBUFF),"To: %s\r\n\r\n",to); Debug("%s",VBUFF); sent=send(sd,VBUFF,strlen(VBUFF),0); @@ -1066,14 +1066,14 @@ while(!feof(fp)) if (strlen(VBUFF) > 0) { VBUFF[strlen(VBUFF)-1] = '\r'; - strcat(VBUFF, "\n"); + (void)strlcat(VBUFF, "\n",sizeof(VBUFF)); count++; sent=send(sd,VBUFF,strlen(VBUFF),0); } if ((MAXLINES != INF_LINES) && (count > MAXLINES)) { - sprintf(VBUFF,"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME); + (void)snprintf(VBUFF,sizeof(VBUFF),"\r\n[Mail truncated by cfengine. File is at %s on %s]\r\n",file,VFQNAME); sent=send(sd,VBUFF,strlen(VBUFF),0); break; } @@ -1095,7 +1095,7 @@ mail_err: fclose(fp); close(sd); -sprintf(VBUFF, "Cannot mail to %s.", to); +(void)snprintf(VBUFF, sizeof(VBUFF), "Cannot mail to %s.", to); CfLog(cflogonly,VBUFF,""); }