$OpenBSD: patch-src_item_c,v 1.5 2005/10/27 21:47:28 sturm Exp $ --- src/item.c.orig Thu Aug 11 04:22:28 2005 +++ src/item.c Fri Oct 21 16:35:56 2005 @@ -212,6 +212,7 @@ void PrependItem (struct Item **liststar { struct Item *ip; char *sp,*spe = NULL; + size_t splen, spelen = 0; if (!PARSING && (ACTION == editfiles)) { @@ -229,19 +230,24 @@ if ((ip = (struct Item *)malloc(sizeof(s FatalError(""); } -if ((sp = malloc(strlen(itemstring)+2)) == NULL) +splen = strlen(itemstring) + 2; +if ((sp = malloc(splen)) == NULL) { CfLog(cferror,"","malloc"); FatalError(""); } -if ((classes != NULL) && (spe = malloc(strlen(classes)+2)) == NULL) +if (classes != NULL) { - CfLog(cferror,"","malloc"); - FatalError(""); + spelen = strlen(classes) + 2; + if ((spe = malloc(spelen)) == NULL) + { + CfLog(cferror,"","malloc"); + FatalError(""); + } } -strcpy(sp,itemstring); +(void)strlcpy(sp,itemstring,splen); ip->name = sp; ip->next = *liststart; ip->counter = 0; @@ -249,7 +255,7 @@ ip->counter = 0; if (classes != NULL) { - strcpy(spe,classes); + (void)strlcpy(spe,classes,spelen); ip->classes = spe; } else @@ -302,6 +308,7 @@ void AppendItem (struct Item **liststart { struct Item *ip, *lp; char *sp,*spe = NULL; + size_t splen, spelen = 0; if (!PARSING && (ACTION == editfiles)) { @@ -319,7 +326,8 @@ if ((ip = (struct Item *)malloc(sizeof(s FatalError(""); } -if ((sp = malloc(strlen(itemstring)+CF_EXTRASPC)) == NULL) +splen = strlen(itemstring) + CF_EXTRASPC; +if ((sp = malloc(splen)) == NULL) { CfLog(cferror,"","malloc"); FatalError(""); @@ -338,20 +346,24 @@ else lp->next = ip; } -if ((classes != NULL) && (spe = malloc(strlen(classes)+2)) == NULL) +if (classes != NULL) { - CfLog(cferror,"","malloc"); - FatalError(""); + spelen = strlen(classes) + 2; + if ((spe = malloc(spelen)) == NULL) + { + CfLog(cferror,"","malloc"); + FatalError(""); + } } -strcpy(sp,itemstring); +(void)strlcpy(sp,itemstring,splen); ip->name = sp; ip->next = NULL; ip->counter = 0; if (classes != NULL) { - strcpy(spe,classes); + (void)strlcpy(spe,classes,spelen); ip->classes = spe; } else @@ -369,6 +381,7 @@ void InstallItem (struct Item **liststar { struct Item *ip, *lp; char *sp,*spe = NULL; + size_t splen, spelen = 0; if (!PARSING && (ACTION == editfiles)) { @@ -387,7 +400,8 @@ if ((ip = (struct Item *)malloc(sizeof(s FatalError(""); } -if ((sp = malloc(strlen(itemstring)+CF_EXTRASPC)) == NULL) +splen = strlen(itemstring) + CF_EXTRASPC; +if ((sp = malloc(splen)) == NULL) { CfLog(cferror,"","malloc"); FatalError(""); @@ -406,13 +420,17 @@ else lp->next = ip; } -if ((classes!= NULL) && (spe = malloc(strlen(classes)+2)) == NULL) +if (classes!= NULL) { - CfLog(cferror,"","malloc"); - FatalError(""); + spelen = strlen(classes) + 2; + if ((spe = malloc(spelen)) == NULL) + { + CfLog(cferror,"","malloc"); + FatalError(""); + } } -strcpy(sp,itemstring); +(void)strlcpy(sp,itemstring,splen); if (PIFELAPSED != -1) { @@ -437,7 +455,7 @@ ip->next = NULL; if (classes != NULL) { - strcpy(spe,classes); + (void)strlcpy(spe,classes,spelen); ip->classes = spe; } else @@ -1072,7 +1090,7 @@ char *s1, *s2; return 1; } sscanf(sp,"%ld",&cmp); - Debug("SRDEBUG extracted int %d\n",cmp,sp); + Debug("SRDEBUG extracted int %d from %s\n",cmp,sp); /* HvB basename is */ strncpy(host_basename, s2, strlen(s2) - strlen(sp)); @@ -1121,7 +1139,7 @@ struct Item *SplitStringAsItemList(char Debug("SplitStringAsItemList(%s,%c)\n",string,sep); -sprintf(format,"%%255[^%c]",sep); /* set format string to search */ +(void)snprintf(format,sizeof(format),"%%255[^%c]",sep); /* set format string to search */ for (sp = string; *sp != '\0'; sp++) {