diff options
| author | Jeremy Allison <jra@samba.org> | 1998-05-12 00:55:32 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-05-12 00:55:32 +0000 |
| commit | f888868f46a5418bac9ab528497136c152895305 (patch) | |
| tree | cf72c864807b19e098a856aaec8daf334189ff84 /source3 | |
| parent | 9141acecdcebd9276107a500435e3d4545020056 (diff) | |
| download | samba-f888868f46a5418bac9ab528497136c152895305.tar.gz samba-f888868f46a5418bac9ab528497136c152895305.tar.bz2 samba-f888868f46a5418bac9ab528497136c152895305.zip | |
This is a security audit change of the main source.
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
Diffstat (limited to 'source3')
68 files changed, 887 insertions, 787 deletions
diff --git a/source3/client/client.c b/source3/client/client.c index c825e8c596..0628314f1e 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -240,7 +240,7 @@ static BOOL chkpath(char *path,BOOL report) pstring inbuf,outbuf; char *p; - strcpy(path2,path); + fstrcpy(path2,path); trim_string(path2,NULL,"\\"); if (!*path2) *path2 = '\\'; @@ -252,7 +252,7 @@ static BOOL chkpath(char *path,BOOL report) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,path2); + fstrcpy(p,path2); #if 0 { @@ -294,10 +294,10 @@ static void send_message(char *inbuf,char *outbuf) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,username); + pstrcpy(p,username); p = skip_string(p,1); *p++ = 4; - strcpy(p,desthost); + pstrcpy(p,desthost); p = skip_string(p,1); set_message(outbuf,0,PTR_DIFF(p,smb_buf(outbuf)),False); @@ -423,24 +423,24 @@ static void do_cd(char *newdir) /* Save the current directory in case the new directory is invalid */ - strcpy(saved_dir, cur_dir); + pstrcpy(saved_dir, cur_dir); if (*p == '\\') - strcpy(cur_dir,p); + pstrcpy(cur_dir,p); else - strcat(cur_dir,p); + pstrcat(cur_dir,p); if (*(cur_dir+strlen(cur_dir)-1) != '\\') { - strcat(cur_dir, "\\"); + pstrcat(cur_dir, "\\"); } dos_clean_name(cur_dir); - strcpy(dname,cur_dir); - strcat(cur_dir,"\\"); + pstrcpy(dname,cur_dir); + pstrcat(cur_dir,"\\"); dos_clean_name(cur_dir); if (!strequal(cur_dir,"\\")) if (!chkpath(dname,True)) - strcpy(cur_dir,saved_dir); + pstrcpy(cur_dir,saved_dir); - strcpy(cd_path,cur_dir); + pstrcpy(cd_path,cur_dir); } /**************************************************************************** @@ -505,7 +505,7 @@ static int do_long_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void (* uint16 setup; pstring param; - strcpy(mask,Mask); + pstrcpy(mask,Mask); while (ff_eos == 0) { @@ -524,7 +524,7 @@ static int do_long_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void (* SSVAL(param,4,8+4+2); /* resume required + close on end + continue */ SSVAL(param,6,info_level); SIVAL(param,8,0); - strcpy(param+12,mask); + pstrcpy(param+12,mask); } else { @@ -534,7 +534,7 @@ static int do_long_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void (* SSVAL(param,4,info_level); SIVAL(param,6,ff_resume_key); /* ff_resume_key */ SSVAL(param,10,8+4+2); /* resume required + close on end + continue */ - strcpy(param+12,mask); + pstrcpy(param+12,mask); DEBUG(5,("hand=0x%X resume=%d ff_lastname=%d mask=%s\n", ff_dir_handle,ff_resume_key,ff_lastname,mask)); @@ -584,16 +584,16 @@ static int do_long_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void (* case 260: ff_resume_key =0; StrnCpy(mask,p+ff_lastname,resp_data_len-ff_lastname); - /* strcpy(mask,p+ff_lastname+94); */ + /* pstrcpy(mask,p+ff_lastname+94); */ break; case 1: - strcpy(mask,p + ff_lastname + 1); + pstrcpy(mask,p + ff_lastname + 1); ff_resume_key = 0; break; } } else - strcpy(mask,""); + pstrcpy(mask,""); /* and add them to the dirlist pool */ dirlist = Realloc(dirlist,dirlist_len + resp_data_len); @@ -667,7 +667,7 @@ static int do_short_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void ( bzero(status,21); - strcpy(mask,Mask); + pstrcpy(mask,Mask); while (1) { @@ -694,9 +694,9 @@ static int do_short_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void ( *p++ = 4; if (first) - strcpy(p,mask); + pstrcpy(p,mask); else - strcpy(p,""); + pstrcpy(p,""); p += strlen(p) + 1; *p++ = 5; @@ -751,7 +751,7 @@ static int do_short_dir(char *inbuf,char *outbuf,char *Mask,int attribute,void ( p = smb_buf(outbuf); *p++ = 4; - strcpy(p,""); + pstrcpy(p,""); p += strlen(p) + 1; *p++ = 5; @@ -859,7 +859,7 @@ static int interpret_short_filename(char *p,file_info *finfo) finfo->ctime = make_unix_date(p+22); finfo->mtime = finfo->atime = finfo->ctime; finfo->size = IVAL(p,26); - strcpy(finfo->name,p+30); + pstrcpy(finfo->name,p+30); return(DIR_STRUCT_SIZE); } @@ -886,7 +886,7 @@ static int interpret_long_filename(int level,char *p,file_info *finfo) finfo->mtime = make_unix_date2(p+12); finfo->size = IVAL(p,16); finfo->mode = CVAL(p,24); - strcpy(finfo->name,p+27); + pstrcpy(finfo->name,p+27); } return(28 + CVAL(p,26)); @@ -899,7 +899,7 @@ static int interpret_long_filename(int level,char *p,file_info *finfo) finfo->mtime = make_unix_date2(p+12); finfo->size = IVAL(p,16); finfo->mode = CVAL(p,24); - strcpy(finfo->name,p+31); + pstrcpy(finfo->name,p+31); } return(32 + CVAL(p,30)); @@ -913,7 +913,7 @@ static int interpret_long_filename(int level,char *p,file_info *finfo) finfo->mtime = make_unix_date2(p+16); finfo->size = IVAL(p,20); finfo->mode = CVAL(p,28); - strcpy(finfo->name,p+33); + pstrcpy(finfo->name,p+33); } return(SVAL(p,4)+4); @@ -926,7 +926,7 @@ static int interpret_long_filename(int level,char *p,file_info *finfo) finfo->mtime = make_unix_date2(p+16); finfo->size = IVAL(p,20); finfo->mode = CVAL(p,28); - strcpy(finfo->name,p+37); + pstrcpy(finfo->name,p+37); } return(SVAL(p,4)+4); @@ -994,22 +994,22 @@ static void dir_action(char *inbuf,char *outbuf,int attribute,file_info *finfo,B fn(finfo); } - strcpy(sav_dir,cur_dir); - strcat(cur_dir,finfo->name); - strcat(cur_dir,"\\"); - strcpy(mask2,cur_dir); + pstrcpy(sav_dir,cur_dir); + pstrcat(cur_dir,finfo->name); + pstrcat(cur_dir,"\\"); + pstrcpy(mask2,cur_dir); if (!fn) DEBUG(0,("\n%s\n",CNV_LANG(cur_dir))); - strcat(mask2,"*"); + pstrcat(mask2,"*"); if (longdir) do_long_dir(inbuf,outbuf,mask2,attribute,fn,True, dirstoo); else do_dir(inbuf,outbuf,mask2,attribute,fn,True, dirstoo); - strcpy(cur_dir,sav_dir); + pstrcpy(cur_dir,sav_dir); } else { @@ -1031,19 +1031,19 @@ static void cmd_dir(char *inbuf,char *outbuf) char *p=buf; dir_total = 0; - strcpy(mask,cur_dir); + pstrcpy(mask,cur_dir); if(mask[strlen(mask)-1]!='\\') - strcat(mask,"\\"); + pstrcat(mask,"\\"); if (next_token(NULL,buf,NULL)) { if (*p == '\\') - strcpy(mask,p); + pstrcpy(mask,p); else - strcat(mask,p); + pstrcat(mask,p); } else { - strcat(mask,"*"); + pstrcat(mask,"*"); } do_dir(inbuf,outbuf,mask,attribute,NULL,recurse,False); @@ -1109,7 +1109,7 @@ static void do_get(char *rname,char *lname,file_info *finfo1) SSVAL(outbuf,smb_vwv12,0xffff); p = smb_buf(outbuf); - strcpy(p,rname); + pstrcpy(p,rname); p = skip_string(p,1); /* do a chained openX with a readX? */ @@ -1162,7 +1162,7 @@ static void do_get(char *rname,char *lname,file_info *finfo1) return; } - strcpy(finfo.name,rname); + pstrcpy(finfo.name,rname); if (!finfo1) { @@ -1423,7 +1423,7 @@ static void do_get(char *rname,char *lname,file_info *finfo1) SIVALS(outbuf,smb_vwv1,0); p = smb_buf(outbuf); *p++ = 4; - strcpy(p,rname); + pstrcpy(p,rname); p += strlen(p)+1; *p++ = 4; *p = 0; @@ -1460,8 +1460,8 @@ static void cmd_get(char *dum_in, char *dum_out) pstring rname; char *p; - strcpy(rname,cur_dir); - strcat(rname,"\\"); + pstrcpy(rname,cur_dir); + pstrcat(rname,"\\"); p = rname + strlen(rname); @@ -1469,7 +1469,7 @@ static void cmd_get(char *dum_in, char *dum_out) DEBUG(0,("get <filename>\n")); return; } - strcpy(lname,p); + pstrcpy(lname,p); dos_clean_name(rname); next_token(NULL,lname,NULL); @@ -1519,10 +1519,10 @@ static void do_mget(file_info *finfo) return; } - strcpy(saved_curdir,cur_dir); + pstrcpy(saved_curdir,cur_dir); - strcat(cur_dir,finfo->name); - strcat(cur_dir,"\\"); + pstrcat(cur_dir,finfo->name); + pstrcat(cur_dir,"\\"); unix_format(finfo->name); { @@ -1533,7 +1533,7 @@ static void do_mget(file_info *finfo) sys_mkdir(finfo->name,0777) != 0) { DEBUG(0,("failed to create directory %s\n",CNV_LANG(finfo->name))); - strcpy(cur_dir,saved_curdir); + pstrcpy(cur_dir,saved_curdir); free(inbuf);free(outbuf); return; } @@ -1541,25 +1541,25 @@ static void do_mget(file_info *finfo) if (sys_chdir(finfo->name) != 0) { DEBUG(0,("failed to chdir to directory %s\n",CNV_LANG(finfo->name))); - strcpy(cur_dir,saved_curdir); + pstrcpy(cur_dir,saved_curdir); free(inbuf);free(outbuf); return; } } - strcpy(mget_mask,cur_dir); - strcat(mget_mask,"*"); + pstrcpy(mget_mask,cur_dir); + pstrcat(mget_mask,"*"); do_dir((char *)inbuf,(char *)outbuf, mget_mask,aSYSTEM | aHIDDEN | aDIR,do_mget,False, False); chdir(".."); - strcpy(cur_dir,saved_curdir); + pstrcpy(cur_dir,saved_curdir); free(inbuf);free(outbuf); } else { - strcpy(rname,cur_dir); - strcat(rname,finfo->name); + pstrcpy(rname,cur_dir); + pstrcat(rname,finfo->name); do_get(rname,finfo->name,finfo); } } @@ -1572,12 +1572,12 @@ static void cmd_more(char *dum_in, char *dum_out) fstring rname,lname,tmpname,pager_cmd; char *pager; - strcpy(rname,cur_dir); - strcat(rname,"\\"); + fstrcpy(rname,cur_dir); + fstrcat(rname,"\\"); slprintf(tmpname, sizeof(fstring)-1, "%s/smbmore.%d",tmpdir(),(int)getpid()); - strcpy(lname,tmpname); + fstrcpy(lname,tmpname); if (!next_token(NULL,rname+strlen(rname),NULL)) { DEBUG(0,("more <filename>\n")); @@ -1616,23 +1616,23 @@ static void cmd_mget(char *inbuf,char *outbuf) while (next_token(NULL,p,NULL)) { - strcpy(mget_mask,cur_dir); + pstrcpy(mget_mask,cur_dir); if(mget_mask[strlen(mget_mask)-1]!='\\') - strcat(mget_mask,"\\"); + pstrcat(mget_mask,"\\"); if (*p == '\\') - strcpy(mget_mask,p); + pstrcpy(mget_mask,p); else - strcat(mget_mask,p); + pstrcat(mget_mask,p); do_dir((char *)inbuf,(char *)outbuf,mget_mask,attribute,do_mget,False,False); } if (! *mget_mask) { - strcpy(mget_mask,cur_dir); + pstrcpy(mget_mask,cur_dir); if(mget_mask[strlen(mget_mask)-1]!='\\') - strcat(mget_mask,"\\"); - strcat(mget_mask,"*"); + pstrcat(mget_mask,"\\"); + pstrcat(mget_mask,"*"); do_dir((char *)inbuf,(char *)outbuf,mget_mask,attribute,do_mget,False,False); } } @@ -1664,7 +1664,7 @@ static BOOL do_mkdir(char *name) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,name); + pstrcpy(p,name); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -1692,7 +1692,7 @@ static void cmd_mkdir(char *inbuf,char *outbuf) fstring buf; char *p=buf; - strcpy(mask,cur_dir); + pstrcpy(mask,cur_dir); if (!next_token(NULL,p,NULL)) { @@ -1700,7 +1700,7 @@ static void cmd_mkdir(char *inbuf,char *outbuf) DEBUG(0,("mkdir <dirname>\n")); return; } - strcat(mask,p); + pstrcat(mask,p); if (recurse) { @@ -1708,17 +1708,17 @@ static void cmd_mkdir(char *inbuf,char *outbuf) pstring ddir2; *ddir2 = 0; - strcpy(ddir,mask); + pstrcpy(ddir,mask); trim_string(ddir,".",NULL); p = strtok(ddir,"/\\"); while (p) { - strcat(ddir2,p); + pstrcat(ddir2,p); if (!chkpath(ddir2,False)) { do_mkdir(ddir2); } - strcat(ddir2,"\\"); + pstrcat(ddir2,"\\"); p = strtok(NULL,"/\\"); } } @@ -1847,7 +1847,7 @@ static void do_put(char *rname,char *lname,file_info *finfo) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,rname); + pstrcpy(p,rname); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -1969,8 +1969,8 @@ static void cmd_put(char *dum_in, char *dum_out) file_info finfo; finfo = def_finfo; - strcpy(rname,cur_dir); - strcat(rname,"\\"); + pstrcpy(rname,cur_dir); + pstrcat(rname,"\\"); if (!next_token(NULL,p,NULL)) @@ -1978,12 +1978,12 @@ static void cmd_put(char *dum_in, char *dum_out) DEBUG(0,("put <filename>\n")); return; } - strcpy(lname,p); + pstrcpy(lname,p); if (next_token(NULL,p,NULL)) - strcat(rname,p); + pstrcat(rname,p); else - strcat(rname,lname); + pstrcat(rname,lname); dos_clean_name(rname); @@ -2012,7 +2012,7 @@ static BOOL seek_list(FILE *f,char *name) trim_string(s,"./",NULL); if (strncmp(s,name,strlen(name)) != 0) { - strcpy(name,s); + pstrcpy(name,s); return(True); } } @@ -2026,7 +2026,7 @@ static BOOL seek_list(FILE *f,char *name) ****************************************************************************/ static void cmd_select(char *dum_in, char *dum_out) { - strcpy(fileselection,""); + pstrcpy(fileselection,""); next_token(NULL,fileselection,NULL); } @@ -2082,16 +2082,16 @@ static void cmd_mput(char *dum_in, char *dum_out) "Put directory %s? ",lname); if (prompt && !yesno(quest)) { - strcat(lname,"/"); + pstrcat(lname,"/"); if (!seek_list(f,lname)) break; goto again1; } - strcpy(rname,cur_dir); - strcat(rname,lname); + pstrcpy(rname,cur_dir); + pstrcat(rname,lname); if (!chkpath(rname,False) && !do_mkdir(rname)) { - strcat(lname,"/"); + pstrcat(lname,"/"); if (!seek_list(f,lname)) break; goto again1; @@ -2105,8 +2105,8 @@ static void cmd_mput(char *dum_in, char *dum_out) "Put file %s? ",lname); if (prompt && !yesno(quest)) continue; - strcpy(rname,cur_dir); - strcat(rname,lname); + pstrcpy(rname,cur_dir); + pstrcat(rname,lname); } dos_format(rname); @@ -2139,9 +2139,9 @@ static void do_cancel(int job) p = param; SSVAL(p,0,81); /* DosPrintJobDel() */ p += 2; - strcpy(p,"W"); + pstrcpy(p,"W"); p = skip_string(p,1); - strcpy(p,""); + pstrcpy(p,""); p = skip_string(p,1); SSVAL(p,0,job); p += 2; @@ -2221,13 +2221,13 @@ static void cmd_print(char *inbuf,char *outbuf ) return; } - strcpy(rname,lname); + pstrcpy(rname,lname); p = strrchr(rname,'/'); if (p) { pstring tname; - strcpy(tname,p+1); - strcpy(rname,tname); + pstrcpy(tname,p+1); + pstrcpy(rname,tname); } if ((int)strlen(rname) > 14) @@ -2236,7 +2236,7 @@ static void cmd_print(char *inbuf,char *outbuf ) if (strequal(lname,"-")) { f = stdin; - strcpy(rname,"stdin"); + pstrcpy(rname,"stdin"); } dos_clean_name(rname); @@ -2253,7 +2253,7 @@ static void cmd_print(char *inbuf,char *outbuf ) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,rname); + pstrcpy(p,rname); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -2391,13 +2391,13 @@ static void cmd_queue(char *inbuf,char *outbuf ) { switch (CVAL(p,4)) { - case 0x01: sprintf(status,"held or stopped"); break; - case 0x02: sprintf(status,"printing"); break; - case 0x03: sprintf(status,"awaiting print"); break; - case 0x04: sprintf(status,"in intercept"); break; - case 0x05: sprintf(status,"file had error"); break; - case 0x06: sprintf(status,"printer error"); break; - default: sprintf(status,"unknown"); break; + case 0x01: safe_strcpy(status,"held or stopped", sizeof(status)-1); break; + case 0x02: safe_strcpy(status,"printing",sizeof(status)-1); break; + case 0x03: safe_strcpy(status,"awaiting print", sizeof(status)-1); break; + case 0x04: safe_strcpy(status,"in intercept",sizeof(status)-1); break; + case 0x05: safe_strcpy(status,"file had error",sizeof(status)-1); break; + case 0x06: safe_strcpy(status,"printer error",sizeof(status)-1); break; + default: safe_strcpy(status,"unknown",sizeof(status)-1); break; } DEBUG(0,("%-6d %-16.16s %-9d %s\n", @@ -2432,16 +2432,16 @@ static void cmd_p_queue_4(char *inbuf,char *outbuf ) p = param; SSVAL(p,0,76); /* API function number 76 (DosPrintJobEnum) */ p += 2; - strcpy(p,"zWrLeh"); /* parameter description? */ + pstrcpy(p,"zWrLeh"); /* parameter description? */ p = skip_string(p,1); - strcpy(p,"WWzWWDDzz"); /* returned data format */ + pstrcpy(p,"WWzWWDDzz"); /* returned data format */ p = skip_string(p,1); - strcpy(p,strrchr(service,'\\')+1); /* name of queue */ + pstrcpy(p,strrchr(service,'\\')+1); /* name of queue */ p = skip_string(p,1); SSVAL(p,0,2); /* API function level 2, PRJINFO_2 data structure */ SSVAL(p,2,1000); /* size of bytes of returned data buffer */ p += 4; - strcpy(p,""); /* subformat */ + pstrcpy(p,""); /* subformat */ p = skip_string(p,1); DEBUG(1,("Calling DosPrintJobEnum()...\n")); @@ -2467,9 +2467,9 @@ static void cmd_p_queue_4(char *inbuf,char *outbuf ) char *JobName; char *JobTimeStr; time_t JobTime; - char PrinterName[20]; + fstring PrinterName; - strcpy(PrinterName,strrchr(service,'\\')+1); /* name of queue */ + fstrcpy(PrinterName,strrchr(service,'\\')+1); /* name of queue */ strlower(PrinterName); /* in lower case */ p = rdata; /* received data */ @@ -2539,16 +2539,16 @@ static void cmd_qinfo(char *inbuf,char *outbuf ) p = param; SSVAL(p,0,70); /* API function number 70 (DosPrintQGetInfo) */ p += 2; - strcpy(p,"zWrLh"); /* parameter description? */ + pstrcpy(p,"zWrLh"); /* parameter description? */ p = skip_string(p,1); - strcpy(p,"zWWWWzzzzWWzzl"); /* returned data format */ + pstrcpy(p,"zWWWWzzzzWWzzl"); /* returned data format */ p = skip_string(p,1); - strcpy(p,strrchr(service,'\\')+1); /* name of queue */ + pstrcpy(p,strrchr(service,'\\')+1); /* name of queue */ p = skip_string(p,1); SSVAL(p,0,3); /* API function level 3, just queue info, no job info */ SSVAL(p,2,1000); /* size of bytes of returned data buffer */ p += 4; - strcpy(p,""); /* subformat */ + pstrcpy(p,""); /* subformat */ p = skip_string(p,1); DEBUG(1,("Calling DosPrintQueueGetInfo()...\n")); @@ -2634,8 +2634,8 @@ static void do_del(file_info *finfo) char *inbuf,*outbuf; pstring mask; - strcpy(mask,cur_dir); - strcat(mask,finfo->name); + pstrcpy(mask,cur_dir); + pstrcat(mask,finfo->name); if (finfo->mode & aDIR) return; @@ -2660,7 +2660,7 @@ static void do_del(file_info *finfo) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,mask); + pstrcpy(p,mask); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -2684,14 +2684,14 @@ static void cmd_del(char *inbuf,char *outbuf ) if (recurse) attribute |= aDIR; - strcpy(mask,cur_dir); + pstrcpy(mask,cur_dir); if (!next_token(NULL,buf,NULL)) { DEBUG(0,("del <filename>\n")); return; } - strcat(mask,buf); + pstrcat(mask,buf); do_dir((char *)inbuf,(char *)outbuf,mask,attribute,do_del,False,False); } @@ -2706,14 +2706,14 @@ static void cmd_rmdir(char *inbuf,char *outbuf ) fstring buf; char *p; - strcpy(mask,cur_dir); + pstrcpy(mask,cur_dir); if (!next_token(NULL,buf,NULL)) { DEBUG(0,("rmdir <dirname>\n")); return; } - strcat(mask,buf); + pstrcat(mask,buf); bzero(outbuf,smb_size); set_message(outbuf,0,2 + strlen(mask),True); @@ -2725,7 +2725,7 @@ static void cmd_rmdir(char *inbuf,char *outbuf ) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,mask); + pstrcpy(p,mask); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -2747,16 +2747,16 @@ static void cmd_rename(char *inbuf,char *outbuf ) fstring buf,buf2; char *p; - strcpy(src,cur_dir); - strcpy(dest,cur_dir); + pstrcpy(src,cur_dir); + pstrcpy(dest,cur_dir); if (!next_token(NULL,buf,NULL) || !next_token(NULL,buf2,NULL)) { DEBUG(0,("rename <src> <dest>\n")); return; } - strcat(src,buf); - strcat(dest,buf2); + pstrcat(src,buf); + pstrcat(dest,buf2); bzero(outbuf,smb_size); set_message(outbuf,1,4 + strlen(src) + strlen(dest),True); @@ -2768,10 +2768,10 @@ static void cmd_rename(char *inbuf,char *outbuf ) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,src); + pstrcpy(p,src); p = skip_string(p,1); *p++ = 4; - strcpy(p,dest); + pstrcpy(p,dest); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -2887,13 +2887,13 @@ static void cmd_printmode(char *dum_in, char *dum_out) switch(printmode) { case 0: - strcpy(mode,"text"); + fstrcpy(mode,"text"); break; case 1: - strcpy(mode,"graphics"); + fstrcpy(mode,"graphics"); break; default: - sprintf(mode,"%d",printmode); + slprintf(mode,sizeof(mode)-1,"%d",printmode); break; } @@ -2938,9 +2938,9 @@ static BOOL browse_host(BOOL sort) p = param; SSVAL(p,0,0); /* api number */ p += 2; - strcpy(p,"WrLeh"); + pstrcpy(p,"WrLeh"); p = skip_string(p,1); - strcpy(p,"B13BWz"); + pstrcpy(p,"B13BWz"); p = skip_string(p,1); SSVAL(p,0,1); SSVAL(p,2,BUFFER_SIZE); @@ -2982,13 +2982,13 @@ static BOOL browse_host(BOOL sort) switch (type) { case STYPE_DISKTREE: - strcpy(typestr,"Disk"); break; + fstrcpy(typestr,"Disk"); break; case STYPE_PRINTQ: - strcpy(typestr,"Printer"); break; + fstrcpy(typestr,"Printer"); break; case STYPE_DEVICE: - strcpy(typestr,"Device"); break; + fstrcpy(typestr,"Device"); break; case STYPE_IPC: - strcpy(typestr,"IPC"); break; + fstrcpy(typestr,"IPC"); break; } printf("\t%-15.15s%-10.10s%s\n", @@ -3030,9 +3030,9 @@ static void server_info(void) p = param; SSVAL(p,0,63); /* NetServerGetInfo()? */ p += 2; - strcpy(p,"WrLh"); + pstrcpy(p,"WrLh"); p = skip_string(p,1); - strcpy(p,"zzzBBzz"); + pstrcpy(p,"zzzBBzz"); p = skip_string(p,1); SSVAL(p,0,10); /* level 10 */ SSVAL(p,2,1000); @@ -3092,10 +3092,10 @@ static BOOL list_servers(char *wk_grp) SSVAL(p,0,0x68); /* api number */ p += 2; - strcpy(p,generic_request?"WrLehDO":"WrLehDz"); + pstrcpy(p,generic_request?"WrLehDO":"WrLehDz"); p = skip_string(p,1); - strcpy(p,"B16BBDz"); + pstrcpy(p,"B16BBDz"); p = skip_string(p,1); SSVAL(p,0,uLevel); @@ -3106,7 +3106,7 @@ static BOOL list_servers(char *wk_grp) p += 4; if (!generic_request) { - strcpy(p, wk_grp); + pstrcpy(p, wk_grp); p = skip_string(p,1); } @@ -3551,7 +3551,7 @@ static void usage(char *pname) int save_debuglevel = -1; #ifdef KANJI - strcpy(term_code, KANJI); + pstrcpy(term_code, KANJI); #else /* KANJI */ *term_code = 0; #endif /* KANJI */ @@ -3577,7 +3577,7 @@ static void usage(char *pname) if (getenv("USER")) { - strcpy(username,getenv("USER")); + pstrcpy(username,getenv("USER")); /* modification to support userid%passwd syntax in the USER var 25.Aug.97, jdblair@uab.edu */ @@ -3585,7 +3585,7 @@ static void usage(char *pname) if ((p=strchr(username,'%'))) { *p = 0; - strcpy(password,p+1); + pstrcpy(password,p+1); got_pass = True; memset(strchr(getenv("USER"),'%')+1,'X',strlen(password)); } @@ -3596,11 +3596,11 @@ static void usage(char *pname) 25.Aug.97, jdblair@uab.edu */ if (getenv("PASSWD")) - strcpy(password,getenv("PASSWD")); + pstrcpy(password,getenv("PASSWD")); if (*username == 0 && getenv("LOGNAME")) { - strcpy(username,getenv("LOGNAME")); + pstrcpy(username,getenv("LOGNAME")); strupper(username); } @@ -3613,7 +3613,7 @@ static void usage(char *pname) if (*argv[1] != '-') { - strcpy(service,argv[1]); + pstrcpy(service,argv[1]); /* Convert any '/' characters in the service name to '\' characters */ string_replace( service, '/','\\'); argc--; @@ -3638,7 +3638,7 @@ static void usage(char *pname) if (argc > 1 && (*argv[1] != '-')) { got_pass = True; - strcpy(password,argv[1]); + pstrcpy(password,argv[1]); memset(argv[1],'X',strlen(argv[1])); argc--; argv++; @@ -3653,19 +3653,19 @@ static void usage(char *pname) max_protocol = interpret_protocol(optarg,max_protocol); break; case 'O': - strcpy(user_socket_options,optarg); + pstrcpy(user_socket_options,optarg); break; case 'R': pstrcpy(new_name_resolve_order, optarg); break; case 'S': - strcpy(desthost,optarg); + pstrcpy(desthost,optarg); strupper(desthost); nt_domain_logon = True; break; case 'M': name_type = 0x03; /* messages are sent to NetBIOS name type 0x3 */ - strcpy(desthost,optarg); + pstrcpy(desthost,optarg); strupper(desthost); message = True; break; @@ -3673,7 +3673,7 @@ static void usage(char *pname) iface_set_default(NULL,optarg,NULL); break; case 'D': - strcpy(base_directory,optarg); + pstrcpy(base_directory,optarg); break; case 'T': if (!tar_parseargs(argc, argv, optarg, optind)) { @@ -3682,20 +3682,20 @@ static void usage(char *pname) } break; case 'i': - strcpy(scope,optarg); + pstrcpy(scope,optarg); break; case 'L': got_pass = True; - strcpy(query_host,optarg); + pstrcpy(query_host,optarg); break; case 'U': { char *lp; - strcpy(username,optarg); + pstrcpy(username,optarg); if ((lp=strchr(username,'%'))) { *lp = 0; - strcpy(password,lp+1); + pstrcpy(password,lp+1); got_pass = True; memset(strchr(optarg,'%')+1,'X',strlen(password)); } @@ -3703,7 +3703,7 @@ static void usage(char *pname) break; case 'W': - strcpy(workgroup,optarg); + pstrcpy(workgroup,optarg); break; case 'E': dbf = stderr; @@ -3716,7 +3716,7 @@ static void usage(char *pname) } break; case 'n': - strcpy(global_myname,optarg); + pstrcpy(global_myname,optarg); break; case 'N': got_pass = True; @@ -3746,10 +3746,10 @@ static void usage(char *pname) exit(0); break; case 's': - strcpy(servicesf, optarg); + pstrcpy(servicesf, optarg); break; case 't': - strcpy(term_code, optarg); + pstrcpy(term_code, optarg); break; default: usage(pname); @@ -3787,7 +3787,7 @@ static void usage(char *pname) interpret_coding_system(term_code); if (*workgroup == 0) - strcpy(workgroup,lp_workgroup()); + pstrcpy(workgroup,lp_workgroup()); load_interfaces(); get_myname((*global_myname)?NULL:global_myname,NULL); diff --git a/source3/client/clientutil.c b/source3/client/clientutil.c index ab1b37c72d..a09832a68b 100644 --- a/source3/client/clientutil.c +++ b/source3/client/clientutil.c @@ -320,7 +320,7 @@ BOOL cli_send_session_request(char *inbuf,char *outbuf) int len = 4; /* send a session request (RFC 8002) */ - strcpy(dest,desthost); + fstrcpy(dest,desthost); p = strchr(dest,'.'); if (p) *p = 0; @@ -454,11 +454,11 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, if (strstr(service,"IPC$")) connect_as_ipc = True; #endif - strcpy(dev,"A:"); + pstrcpy(dev,"A:"); if (connect_as_printer) - strcpy(dev,"LPT1:"); + pstrcpy(dev,"LPT1:"); if (connect_as_ipc) - strcpy(dev,"IPC"); + pstrcpy(dev,"IPC"); if (start_session && !cli_send_session_request(inbuf,outbuf)) @@ -490,7 +490,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, numprots++) { *p++ = 2; - strcpy(p,prots[numprots].name); + pstrcpy(p,prots[numprots].name); p += strlen(p) + 1; } } @@ -593,7 +593,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, { fstring pword; int passlen = strlen(pass)+1; - strcpy(pword,pass); + fstrcpy(pword,pass); if (doencrypt && *pass) { DEBUG(3,("Using encrypted passwords\n")); @@ -602,7 +602,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, } /* if in share level security then don't send a password now */ - if (!(opt.sec_mode & 1)) {strcpy(pword, "");passlen=1;} + if (!(opt.sec_mode & 1)) {fstrcpy(pword, "");passlen=1;} /* send a session setup command */ bzero(outbuf,smb_size); @@ -621,7 +621,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, p = smb_buf(outbuf); memcpy(p,pword,passlen); p += passlen; - strcpy(p,username); + pstrcpy(p,username); } else { if (!doencrypt) passlen--; /* for Win95 */ @@ -638,10 +638,10 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, SSVAL(outbuf,smb_vwv8,0); p = smb_buf(outbuf); memcpy(p,pword,passlen); p += SVAL(outbuf,smb_vwv7); - strcpy(p,username);p = skip_string(p,1); - strcpy(p,workgroup);p = skip_string(p,1); - strcpy(p,"Unix");p = skip_string(p,1); - strcpy(p,"Samba");p = skip_string(p,1); + pstrcpy(p,username);p = skip_string(p,1); + pstrcpy(p,workgroup);p = skip_string(p,1); + pstrcpy(p,"Unix");p = skip_string(p,1); + pstrcpy(p,"Samba");p = skip_string(p,1); set_message(outbuf,13,PTR_DIFF(p,smb_buf(outbuf)),False); } @@ -717,7 +717,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, { int passlen = strlen(pass)+1; fstring pword; - strcpy(pword,pass); + fstrcpy(pword,pass); if (doencrypt && *pass) { passlen=24; @@ -726,7 +726,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, /* if in user level security then don't send a password now */ if ((opt.sec_mode & 1)) { - strcpy(pword, ""); passlen=1; + fstrcpy(pword, ""); passlen=1; } if (Protocol <= PROTOCOL_COREPLUS) { @@ -736,13 +736,13 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, p = smb_buf(outbuf); *p++ = 0x04; - strcpy(p, service); + pstrcpy(p, service); p = skip_string(p,1); *p++ = 0x04; memcpy(p,pword,passlen); p += passlen; *p++ = 0x04; - strcpy(p, dev); + pstrcpy(p, dev); } else { set_message(outbuf,4,2 + strlen(service) + passlen + strlen(dev),True); @@ -755,9 +755,9 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, p = smb_buf(outbuf); memcpy(p,pword,passlen); p += passlen; - strcpy(p,service); + pstrcpy(p,service); p = skip_string(p,1); - strcpy(p,dev); + pstrcpy(p,dev); } } @@ -771,7 +771,7 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup, Protocol >= PROTOCOL_LANMAN1) { DEBUG(2,("first SMBtconX failed, trying again. %s\n",smb_errstr(inbuf))); - strcpy(pass,""); + pstrcpy(pass,""); goto again2; } @@ -873,13 +873,13 @@ BOOL cli_open_sockets(int port ) } else { - strcpy(service2,service); + pstrcpy(service2,service); host = strtok(service2,"\\/"); if (!host) { DEBUG(0,("Badly formed host name\n")); return(False); } - strcpy(desthost,host); + pstrcpy(desthost,host); } if (!(*global_myname)) { diff --git a/source3/client/clitar.c b/source3/client/clitar.c index 69a8c9823b..04d435eca7 100644 --- a/source3/client/clitar.c +++ b/source3/client/clitar.c @@ -248,7 +248,7 @@ static void writetarheader(int f, char *aname, int size, time_t mtime, /* write out a "standard" tar format header */ hb.dbuf.name[NAMSIZ-1]='\0'; - strcpy(hb.dbuf.mode, amode); + fstrcpy(hb.dbuf.mode, amode); oct_it(0L, 8, hb.dbuf.uid); oct_it(0L, 8, hb.dbuf.gid); oct_it((long) size, 13, hb.dbuf.size); @@ -309,7 +309,7 @@ static long readtarheader(union hblock *hb, file_info2 *finfo, char *prefix) } - strcpy(finfo->name, prefix); + pstrcpy(finfo->name, prefix); /* use l + 1 to do the null too; do prefix - prefcnt to zap leading slash */ unfixtarname(finfo->name + strlen(prefix), hb->dbuf.name, @@ -574,9 +574,9 @@ static int do_setrtime(char *fname, int mtime) } - strcpy(name, fname); - strcpy(fname, "\\"); - strcat(fname, name); + pstrcpy(name, fname); + pstrcpy(fname, "\\"); + pstrcat(fname, name); inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); @@ -599,7 +599,7 @@ static int do_setrtime(char *fname, int mtime) p = smb_buf(outbuf); *p++ = 4; - strcpy(p, fname); + pstrcpy(p, fname); p+= (strlen(fname)+1); *p++ = 4; @@ -634,9 +634,9 @@ static int do_setrattr(char *fname, int attr, int setit) pstring name; int fattr; - strcpy(name,fname); - strcpy(fname,"\\"); - strcat(fname,name); + pstrcpy(name,fname); + pstrcpy(fname,"\\"); + pstrcat(fname,name); inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); @@ -657,7 +657,7 @@ static int do_setrattr(char *fname, int attr, int setit) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,fname); + pstrcpy(p,fname); p += (strlen(fname)+1); *p++ = 4; @@ -695,7 +695,7 @@ static int do_setrattr(char *fname, int attr, int setit) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,fname); + pstrcpy(p,fname); p += (strlen(fname)+1); *p++ = 4; @@ -736,7 +736,7 @@ static BOOL smbcreat(file_info2 finfo, int *fnum, char *inbuf, char *outbuf) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,finfo.name); + pstrcpy(p,finfo.name); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -844,7 +844,7 @@ static BOOL smbchkpath(char *fname, char *inbuf, char *outbuf) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,fname); + pstrcpy(p,fname); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -871,7 +871,7 @@ static BOOL smbmkdir(char *fname, char *inbuf, char *outbuf) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,fname); + pstrcpy(p,fname); send_smb(Client,outbuf); client_receive_smb(Client,inbuf,CLIENT_TIMEOUT); @@ -913,7 +913,7 @@ static BOOL ensurepath(char *fname, char *inbuf, char *outbuf) /* fname copied to ffname so can strtok */ - strcpy(ffname, fname); + pstrcpy(ffname, fname); /* do a `basename' on ffname, so don't try and make file name directory */ if ((basehack=strrchr(ffname, '\\')) == NULL) @@ -925,7 +925,7 @@ static BOOL ensurepath(char *fname, char *inbuf, char *outbuf) while (p) { - strcat(partpath, p); + pstrcat(partpath, p); if (!smbchkpath(partpath, inbuf, outbuf)) { if (!smbmkdir(partpath, inbuf, outbuf)) @@ -938,7 +938,7 @@ static BOOL ensurepath(char *fname, char *inbuf, char *outbuf) } - strcat(partpath, "\\"); + pstrcat(partpath, "\\"); p = strtok(NULL,"/\\"); } @@ -1014,7 +1014,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) SSVAL(outbuf,smb_vwv8,1); p = smb_buf(outbuf); - strcpy(p,rname); + pstrcpy(p,rname); p = skip_string(p,1); dos_clean_name(rname); @@ -1052,7 +1052,7 @@ static void do_atar(char *rname,char *lname,file_info *finfo1) return; } - strcpy(finfo.name,rname); + pstrcpy(finfo.name,rname); if (!finfo1) { finfo.mode = SVAL(inbuf,smb_vwv3); @@ -1388,11 +1388,11 @@ static void do_tar(file_info *finfo) if (!tar_excl && clipn) { pstring exclaim; - strcpy(exclaim, cur_dir); + pstrcpy(exclaim, cur_dir); *(exclaim+strlen(exclaim)-1)='\0'; - strcat(exclaim, "\\"); - strcat(exclaim, finfo->name); + pstrcat(exclaim, "\\"); + pstrcat(exclaim, finfo->name); DEBUG(5, ("...tar_re_search: %d\n", tar_re_search)); @@ -1422,10 +1422,10 @@ static void do_tar(file_info *finfo) return; } - strcpy(saved_curdir,cur_dir); + pstrcpy(saved_curdir,cur_dir); - strcat(cur_dir,finfo->name); - strcat(cur_dir,"\\"); + pstrcat(cur_dir,finfo->name); + pstrcat(cur_dir,"\\"); DEBUG(5, ("Writing a dir, Name = %s\n", cur_dir)); @@ -1433,16 +1433,16 @@ static void do_tar(file_info *finfo) * 40755 */ writetarheader(tarhandle, cur_dir, 0, finfo->mtime, "040755 \0", '5'); ntarf++; /* Make sure we have a file on there */ - strcpy(mtar_mask,cur_dir); - strcat(mtar_mask,"*"); + pstrcpy(mtar_mask,cur_dir); + pstrcat(mtar_mask,"*"); /* do_dir((char *)inbuf,(char *)outbuf,mtar_mask,attribute,do_tar,recurse,True); */ - strcpy(cur_dir,saved_curdir); + pstrcpy(cur_dir,saved_curdir); free(inbuf);free(outbuf); } else { - strcpy(rname,cur_dir); - strcat(rname,finfo->name); + pstrcpy(rname,cur_dir); + pstrcat(rname,finfo->name); do_atar(rname,finfo->name,finfo); } } @@ -2060,8 +2060,8 @@ void cmd_setmode(char *dum_in, char *dum_out) return; } - strcpy(fname, cur_dir); - strcat(fname, buf); + pstrcpy(fname, cur_dir); + pstrcat(fname, buf); while (next_token(NULL,buf,NULL)) { q=buf; @@ -2153,29 +2153,29 @@ int process_tar(char *inbuf, char *outbuf) if (strrchr(cliplist[i], '\\')) { pstring saved_dir; - strcpy(saved_dir, cur_dir); + pstrcpy(saved_dir, cur_dir); if (*cliplist[i]=='\\') { - strcpy(tarmac, cliplist[i]); + pstrcpy(tarmac, cliplist[i]); } else { - strcpy(tarmac, cur_dir); - strcat(tarmac, cliplist[i]); + pstrcpy(tarmac, cur_dir); + pstrcat(tarmac, cliplist[i]); } - strcpy(cur_dir, tarmac); + pstrcpy(cur_dir, tarmac); *(strrchr(cur_dir, '\\')+1)='\0'; do_dir((char *)inbuf,(char *)outbuf,tarmac,attribute,do_tar,recurse, True); - strcpy(cur_dir,saved_dir); + pstrcpy(cur_dir,saved_dir); } else { - strcpy(tarmac, cur_dir); - strcat(tarmac, cliplist[i]); + pstrcpy(tarmac, cur_dir); + pstrcat(tarmac, cliplist[i]); do_dir((char *)inbuf,(char *)outbuf,tarmac,attribute,do_tar,recurse, True); } } } else { pstring mask; - strcpy(mask,cur_dir); - strcat(mask,"\\*"); + pstrcpy(mask,cur_dir); + pstrcat(mask,"\\*"); do_dir((char *)inbuf,(char *)outbuf,mask,attribute,do_tar,recurse, True); } diff --git a/source3/client/ntclient.c b/source3/client/ntclient.c index bd0d0ccd5a..92d74e1d49 100644 --- a/source3/client/ntclient.c +++ b/source3/client/ntclient.c @@ -217,7 +217,7 @@ BOOL client_do_nt_login(char *desthost, char *myhostname, strlower(mach_pwd); fstrcpy(mach_pwd , myhostname); - strcat(mach_acct, "$"); + fstrcat(mach_acct, "$"); SIVAL(clnt_chal.data, 0, 0x11111111); SIVAL(clnt_chal.data, 4, 0x22222222); diff --git a/source3/client/smbmount.c b/source3/client/smbmount.c index 51c1ee6310..1610a8986b 100644 --- a/source3/client/smbmount.c +++ b/source3/client/smbmount.c @@ -148,7 +148,7 @@ static BOOL chkpath(char *path,BOOL report) pstring inbuf,outbuf; char *p; - strcpy(path2,path); + fstrcpy(path2,path); trim_string(path2,NULL,"\\"); if (!*path2) *path2 = '\\'; @@ -160,7 +160,7 @@ static BOOL chkpath(char *path,BOOL report) p = smb_buf(outbuf); *p++ = 4; - strcpy(p,path2); + fstrcpy(p,path2); #if 0 { @@ -346,7 +346,7 @@ static void cmd_mount(char *inbuf,char *outbuf) * Build the service name to report on the Unix side, * converting '\' to '/' and ' ' to '_'. */ - strcpy(share_name, service); + pstrcpy(share_name, service); string_replace(share_name, '\\', '/'); string_replace(share_name, ' ', '_'); @@ -354,8 +354,8 @@ static void cmd_mount(char *inbuf,char *outbuf) while(next_token(NULL, buf, NULL)) { - strcat(mount_command, " "); - strcat(mount_command, buf); + pstrcat(mount_command, " "); + pstrcat(mount_command, buf); } DEBUG(3, ("mount command: %s\n", mount_command)); @@ -683,7 +683,7 @@ static void usage(char *pname) char *p; #ifdef KANJI - strcpy(term_code, KANJI); + pstrcpy(term_code, KANJI); #else /* KANJI */ *term_code = 0; #endif /* KANJI */ @@ -707,7 +707,7 @@ static void usage(char *pname) if (getenv("USER")) { - strcpy(username,getenv("USER")); + pstrcpy(username,getenv("USER")); /* modification to support userid%passwd syntax in the USER var 25.Aug.97, jdblair@uab.edu */ @@ -715,7 +715,7 @@ static void usage(char *pname) if ((p=strchr(username,'%'))) { *p = 0; - strcpy(password,p+1); + pstrcpy(password,p+1); got_pass = True; memset(strchr(getenv("USER"),'%')+1,'X',strlen(password)); } @@ -726,11 +726,11 @@ static void usage(char *pname) 25.Aug.97, jdblair@uab.edu */ if (getenv("PASSWD")) - strcpy(password,getenv("PASSWD")); + pstrcpy(password,getenv("PASSWD")); if (*username == 0 && getenv("LOGNAME")) { - strcpy(username,getenv("LOGNAME")); + pstrcpy(username,getenv("LOGNAME")); strupper(username); } @@ -743,7 +743,7 @@ static void usage(char *pname) if (*argv[1] != '-') { - strcpy(service, argv[1]); + pstrcpy(service, argv[1]); /* Convert any '/' characters in the service name to '\' characters */ string_replace( service, '/','\\'); argc--; @@ -759,7 +759,7 @@ static void usage(char *pname) if (argc > 1 && (*argv[1] != '-')) { got_pass = True; - strcpy(password,argv[1]); + pstrcpy(password,argv[1]); memset(argv[1],'X',strlen(argv[1])); argc--; argv++; @@ -774,10 +774,10 @@ static void usage(char *pname) max_protocol = interpret_protocol(optarg,max_protocol); break; case 'O': - strcpy(user_socket_options,optarg); + pstrcpy(user_socket_options,optarg); break; case 'S': - strcpy(desthost,optarg); + pstrcpy(desthost,optarg); strupper(desthost); nt_domain_logon = True; break; @@ -785,19 +785,19 @@ static void usage(char *pname) iface_set_default(NULL,optarg,NULL); break; case 'D': - strcpy(base_directory,optarg); + pstrcpy(base_directory,optarg); break; case 'i': - strcpy(scope,optarg); + pstrcpy(scope,optarg); break; case 'U': { char *lp; - strcpy(username,optarg); + pstrcpy(username,optarg); if ((lp=strchr(username,'%'))) { *lp = 0; - strcpy(password,lp+1); + pstrcpy(password,lp+1); got_pass = True; memset(strchr(optarg,'%')+1,'X',strlen(password)); } @@ -805,7 +805,7 @@ static void usage(char *pname) break; case 'W': - strcpy(workgroup,optarg); + pstrcpy(workgroup,optarg); break; case 'E': dbf = stderr; @@ -818,7 +818,7 @@ static void usage(char *pname) } break; case 'n': - strcpy(global_myname,optarg); + pstrcpy(global_myname,optarg); break; case 'N': got_pass = True; @@ -844,10 +844,10 @@ static void usage(char *pname) exit(0); break; case 's': - strcpy(servicesf, optarg); + pstrcpy(servicesf, optarg); break; case 't': - strcpy(term_code, optarg); + pstrcpy(term_code, optarg); break; default: usage(pname); @@ -877,7 +877,7 @@ static void usage(char *pname) interpret_coding_system(term_code); if (*workgroup == 0) - strcpy(workgroup,lp_workgroup()); + pstrcpy(workgroup,lp_workgroup()); load_interfaces(); get_myname((*global_myname)?NULL:global_myname,NULL); diff --git a/source3/client/smbumount.c b/source3/client/smbumount.c index 8d76aefc5f..91b41d4206 100644 --- a/source3/client/smbumount.c +++ b/source3/client/smbumount.c @@ -92,7 +92,7 @@ canonicalize (const char *path) if (realpath (path, canonical)) return canonical; - strcpy (canonical, path); + pstrcpy (canonical, path); return canonical; } diff --git a/source3/include/includes.h b/source3/include/includes.h index d741e07c28..d345ea38de 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -332,6 +332,10 @@ extern int innetgr (const char *, const char *, const char *, const char *); #define REPLACE_GETPASS #endif /* REPLACE_GETPASS */ #define USE_SIGPROCMASK +#ifndef QSORT_CAST +#define QSORT_CAST (int (*)(const void *, const void *)) +#endif /* QSORT_CAST */ +#define HAVE_VSNPRINTF #endif @@ -547,6 +551,7 @@ char *mktemp(char *); /* No standard include */ #define HAVE_GETTIMEOFDAY #define HAVE_PATHCONF #define HAVE_GETGRNAM 1 +#define HAVE_VSNPRINTF #define QSORT_CAST (int (*)(const void *, const void *)) #if !defined(O_SYNC) #if defined(O_FSYNC) @@ -624,6 +629,7 @@ char *mktemp(char *); /* No standard include */ #define USE_SETRES #define USE_SYSV_IPC #define NO_SEMUN +#define HAVE_VALLOC #define DEFAULT_PRINTING PRINT_HPUX /* Ken Weiss <krweiss@ucdavis.edu> tells us that SIGCLD_IGNORE is not good for HPUX */ @@ -1353,12 +1359,29 @@ extern int errno; #define strncasecmp(s1,s2,n) StrnCaseCmp(s1,s2,n) #endif -#ifndef strcpy -#define strcpy(dest,src) StrCpy(dest,src) -#endif +#ifdef strcpy +#undef strcpy +#endif /* strcpy */ +#define strcpy(dest,src) __ERROR__XX__NEVER_USE_STRCPY___; + +#ifdef strcat +#undef strcat +#endif /* strcat */ +#define strcat(dest,src) __ERROR__XX__NEVER_USE_STRCAT___; + +#ifdef sprintf +#undef sprintf +#endif /* sprintf */ +#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__>; + +#define pstrcpy(d,s) safe_strcpy((d),(s),sizeof(pstring)-1) +#define pstrcat(d,s) safe_strcat((d),(s),sizeof(pstring)-1) +#define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1) +#define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1) #if MEM_MAN #include "mem_man/mem_man.h" -#endif +#endif /* MEM_MAN */ + #endif diff --git a/source3/include/proto.h b/source3/include/proto.h index 79712d3c87..2285f36aa9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1170,7 +1170,7 @@ BOOL is_8_3( char *fname, BOOL check_case ); int str_checksum( char *s ); void reset_mangled_cache( void ); BOOL check_mangled_cache( char *s ); -void mangle_name_83( char *s ); +void mangle_name_83( char *s, int s_len ); BOOL name_map_mangle( char *OutName, BOOL need83, int snum ); /*The following definitions come from md4.c */ @@ -2054,7 +2054,9 @@ char *unistr(char *buf); int unistrncpy(char *dst, char *src, int len); int unistrcpy(char *dst, char *src); void fstrcpy(char *dest, char *src); -void pstrcpy(char *dest, char *src); +void fstrcat(char *dest, char *src); +char *safe_strcpy(char *dest, char *src, int maxlength); +char *safe_strcat(char *dest, char *src, int maxlength); char *align4(char *q, char *base); char *align2(char *q, char *base); char *align_offset(char *q, char *base, int align_offset_len); diff --git a/source3/include/smb.h b/source3/include/smb.h index d8fe5a84f7..714d3b2eb4 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -237,7 +237,7 @@ implemented */ typedef char pstring[1024]; typedef char fstring[128]; -typedef fstring string; +/* typedef fstring string; */ /* pipe strings */ diff --git a/source3/lib/charset.c b/source3/lib/charset.c index d8ce38f396..db331af115 100644 --- a/source3/lib/charset.c +++ b/source3/lib/charset.c @@ -200,9 +200,9 @@ static codepage_p load_client_codepage( int client_codepage ) return NULL; } - strcpy(codepage_file_name, CODEPAGEDIR); - strcat(codepage_file_name, "/"); - strcat(codepage_file_name, "codepage."); + pstrcpy(codepage_file_name, CODEPAGEDIR); + pstrcat(codepage_file_name, "/"); + pstrcat(codepage_file_name, "codepage."); slprintf(&codepage_file_name[strlen(codepage_file_name)], sizeof(pstring)-(strlen(codepage_file_name)+1), "%03d", diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index b09f683e62..5e87275ce8 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -84,7 +84,7 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) struct stat st; if(strlen(p) <= len_left) - strcpy(pos, p); + pstrcpy(pos, p); if(sys_stat(fullname,&st) == 0) { SIVAL(buf, ((counter * 4)%(buf_len-4)), diff --git a/source3/lib/kanji.c b/source3/lib/kanji.c index 401e91e534..afe255d36a 100644 --- a/source3/lib/kanji.c +++ b/source3/lib/kanji.c @@ -419,7 +419,7 @@ static char *sj_to_euc(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy((char *) save, (char *) cvtbuf); + pstrcpy((char *) save, (char *) cvtbuf); return (char *) save; } else { return cvtbuf; @@ -451,7 +451,7 @@ static char *euc_to_sj(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy(save, (char *) cvtbuf); + pstrcpy(save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -522,7 +522,7 @@ static char *jis8_to_sj(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -578,7 +578,7 @@ static char *sj_to_jis8(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -637,7 +637,7 @@ static char *jis7_to_sj(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -713,7 +713,7 @@ static char *sj_to_jis7(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -769,7 +769,7 @@ static char *junet_to_sj(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -838,7 +838,7 @@ static char *sj_to_junet(char *from, BOOL overwrite) } *out = 0; if (overwrite) { - strcpy (save, (char *) cvtbuf); + pstrcpy (save, (char *) cvtbuf); return save; } else { return cvtbuf; @@ -864,7 +864,7 @@ static char *hex_to_sj(char *from, BOOL overwrite) } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (char *) cvtbuf); + pstrcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -900,7 +900,7 @@ static char *sj_to_hex(char *from, BOOL overwrite) } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (char *) cvtbuf); + pstrcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -932,7 +932,7 @@ static char *cap_to_sj(char *from, BOOL overwrite) } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (char *) cvtbuf); + pstrcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -960,7 +960,7 @@ static char *sj_to_cap(char *from, BOOL overwrite) } *dp = '\0'; if (overwrite) { - strcpy ((char *) from, (char *) cvtbuf); + pstrcpy ((char *) from, (char *) cvtbuf); return (char *) from; } else { return cvtbuf; @@ -973,7 +973,7 @@ static char *sj_to_cap(char *from, BOOL overwrite) static char *sj_to_sj(char *from, BOOL overwrite) { if (!overwrite) { - strcpy (cvtbuf, (char *) from); + pstrcpy (cvtbuf, (char *) from); return cvtbuf; } else { return (char *) from; diff --git a/source3/lib/pidfile.c b/source3/lib/pidfile.c index 46d6a9d5b8..9cb3f5afef 100644 --- a/source3/lib/pidfile.c +++ b/source3/lib/pidfile.c @@ -58,7 +58,7 @@ void pidfile_create(char *name) } memset(buf, 0, sizeof(buf)); - sprintf(buf, "%u\n", (unsigned int) getpid()); + slprintf(buf, sizeof(buf) - 1, "%u\n", (unsigned int) getpid()); if (write(fd, buf, sizeof(buf)) != sizeof(buf)) { DEBUG(0,("ERROR: can't write to %s: %s\n", pidFile, strerror(errno))); diff --git a/source3/lib/slprintf.c b/source3/lib/slprintf.c index e2dc0e1235..9a00585ca8 100644 --- a/source3/lib/slprintf.c +++ b/source3/lib/slprintf.c @@ -41,7 +41,15 @@ int vslprintf(char *str, int n, char *format, va_list ap) /* note: we don't free the old memory (if any) as we don't want a malloc lib to reuse the memory as it will have the wrong permissions */ +#ifdef HAVE_MEMALIGN buf = memalign(pagesize, len); +#else /* HAVE_MEMALIGN */ +#ifdef HAVE_VALLOC + buf = valloc(len); +#else /* HAVE_VALLOC */ + buf = malloc(len); +#endif /* HAVE_VALLOC */ +#endif /* HAVE_MEMALIGN */ if (buf) { if (mprotect(buf+(len-pagesize), pagesize, PROT_READ) != 0) { exit(1); diff --git a/source3/lib/time.c b/source3/lib/time.c index 716f5d62cc..f5c40f0ba0 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -486,7 +486,7 @@ char *timestring(void ) int zone = TimeDiff(t); int absZoneMinutes = (zone<0 ? -zone : zone) / 60; size_t len = strftime(TimeBuf,sizeof(TimeBuf)-6,"%Y/%m/%d %T",tm); - sprintf(TimeBuf+len," %c%02d%02d", + slprintf(TimeBuf+len, sizeof(fstring) - len - 1, " %c%02d%02d", zone<0?'+':'-',absZoneMinutes/60,absZoneMinutes%60); } #else diff --git a/source3/lib/util.c b/source3/lib/util.c index d2600512e2..f1ea1931c5 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -178,14 +178,14 @@ void reopen_logs(void) if (DEBUGLEVEL > 0) { - strcpy(fname,debugf); + pstrcpy(fname,debugf); if (lp_loaded() && (*lp_logfile())) - strcpy(fname,lp_logfile()); + pstrcpy(fname,lp_logfile()); if (!strcsequal(fname,debugf) || !dbf || !file_exist(debugf,NULL)) { int oldumask = umask(022); - strcpy(debugf,fname); + pstrcpy(debugf,fname); if (dbf) fclose(dbf); if (append_log) dbf = fopen(debugf,"a"); @@ -581,7 +581,7 @@ set user socket options ****************************************************************************/ void set_socket_options(int fd, char *options) { - string tok; + fstring tok; while (next_token(&options,tok," \t,")) { @@ -767,7 +767,7 @@ int name_mangle( char *In, char *Out, char name_type ) if( '*' == In[0] ) buf[0] = '*'; else - (void)sprintf( buf, "%-15.15s%c", In, name_type ); + (void)slprintf( buf, sizeof(buf) - 1, "%-15.15s%c", In, name_type ); /* Place the length of the first field into the output buffer. */ p[0] = 32; @@ -869,16 +869,16 @@ return a string representing an attribute for a file ********************************************************************/ char *attrib_string(int mode) { - static char attrstr[10]; + static fstring attrstr; attrstr[0] = 0; - if (mode & aVOLID) strcat(attrstr,"V"); - if (mode & aDIR) strcat(attrstr,"D"); - if (mode & aARCH) strcat(attrstr,"A"); - if (mode & aHIDDEN) strcat(attrstr,"H"); - if (mode & aSYSTEM) strcat(attrstr,"S"); - if (mode & aRONLY) strcat(attrstr,"R"); + if (mode & aVOLID) fstrcat(attrstr,"V"); + if (mode & aDIR) fstrcat(attrstr,"D"); + if (mode & aARCH) fstrcat(attrstr,"A"); + if (mode & aHIDDEN) fstrcat(attrstr,"H"); + if (mode & aSYSTEM) fstrcat(attrstr,"S"); + if (mode & aRONLY) fstrcat(attrstr,"R"); return(attrstr); } @@ -1244,8 +1244,8 @@ void unix_format(char *fname) if (*fname == '/') { pstrcpy(namecopy,fname); - strcpy(fname,"."); - strcat(fname,namecopy); + pstrcpy(fname,"."); + pstrcat(fname,namecopy); } } @@ -1447,7 +1447,7 @@ void dos_clean_name(char *s) *p = 0; else *s = 0; - strcat(s,s1); + pstrcat(s,s1); } trim_string(s,NULL,"\\.."); @@ -1471,7 +1471,7 @@ void unix_clean_name(char *s) if(strncmp(s, "./", 2) == 0) { trim_string(s, "./", NULL); if(*s == 0) - strcpy(s,"./"); + pstrcpy(s,"./"); } while ((p = strstr(s,"/../")) != NULL) @@ -1485,7 +1485,7 @@ void unix_clean_name(char *s) *p = 0; else *s = 0; - strcat(s,s1); + pstrcat(s,s1); } trim_string(s,NULL,"/.."); @@ -1578,7 +1578,7 @@ char *GetWd(char *str) st.st_dev == st2.st_dev && (st2.st_mode & S_IFMT) == S_IFDIR) { - strcpy (str, ino_list[i].text); + pstrcpy (str, ino_list[i].text); /* promote it for future use */ array_promote((char *)&ino_list[0],sizeof(ino_list[0]),i); @@ -1605,7 +1605,7 @@ char *GetWd(char *str) return (NULL); } - strcpy(str,s); + pstrcpy(str,s); DEBUG(5,("GetWd %s, inode %d, dev %x\n",s,(int)st.st_ino,(int)st.st_dev)); @@ -1656,7 +1656,7 @@ BOOL reduce_name(char *s,char *dir,BOOL widelinks) } if (strlen(s) == 0) - strcpy(s,"./"); + pstrcpy(s,"./"); return(True); } @@ -1717,8 +1717,8 @@ BOOL reduce_name(char *s,char *dir,BOOL widelinks) if (p && (p != base_name)) { - strcat(newname,"/"); - strcat(newname,p+1); + pstrcat(newname,"/"); + pstrcat(newname,p+1); } { @@ -1747,7 +1747,7 @@ BOOL reduce_name(char *s,char *dir,BOOL widelinks) ChDir(wd); if (strlen(s) == 0) - strcpy(s,"./"); + pstrcpy(s,"./"); DEBUG(3,("reduced to %s\n",s)); return(True); @@ -1802,7 +1802,7 @@ void expand_mask(char *Mask,BOOL doext) } else { - strcpy(mext,""); + pstrcpy(mext,""); if (strlen(mbeg) > 8) { pstrcpy(mext,mbeg + 8); @@ -1811,12 +1811,12 @@ void expand_mask(char *Mask,BOOL doext) } if (*mbeg == 0) - strcpy(mbeg,"????????"); + pstrcpy(mbeg,"????????"); if ((*mext == 0) && doext && !hasdot) - strcpy(mext,"???"); + pstrcpy(mext,"???"); if (strequal(mbeg,"*") && *mext==0) - strcpy(mext,"*"); + pstrcpy(mext,"*"); /* expand *'s */ expand_one(mbeg,8); @@ -1824,10 +1824,10 @@ void expand_mask(char *Mask,BOOL doext) expand_one(mext,3); pstrcpy(Mask,dirpart); - if (*dirpart || absolute) strcat(Mask,"\\"); - strcat(Mask,mbeg); - strcat(Mask,"."); - strcat(Mask,mext); + if (*dirpart || absolute) pstrcat(Mask,"\\"); + pstrcat(Mask,mbeg); + pstrcat(Mask,"."); + pstrcat(Mask,mext); DEBUG(6,("Mask expanded to [%s]\n",Mask)); } @@ -2769,7 +2769,7 @@ int name_extract(char *buf,int ofs,char *name) { char *p = name_ptr(buf,ofs); int d = PTR_DIFF(p,buf+ofs); - strcpy(name,""); + pstrcpy(name,""); if (d < -50 || d > 50) return(0); return(name_interpret(p,name)); } @@ -2913,7 +2913,7 @@ BOOL string_init(char **dest,char *src) return False; } - strcpy(*dest,src); + pstrcpy(*dest,src); } return(True); } @@ -3057,12 +3057,12 @@ BOOL mask_match(char *str, char *regexp, int case_sig,BOOL trans2) StrnCpy(p2,str,sizeof(pstring)-1); if (!strchr(p2,'.')) { - strcat(p2,"."); + pstrcat(p2,"."); } /* if (!strchr(p1,'.')) { - strcat(p1,"."); + pstrcat(p1,"."); } */ @@ -3077,7 +3077,7 @@ BOOL mask_match(char *str, char *regexp, int case_sig,BOOL trans2) /* Remove any *? and ** as they are meaningless */ for(p = p1; *p; p++) while( *p == '*' && (p[1] == '?' ||p[1] == '*')) - (void)strcpy( &p[1], &p[2]); + (void)pstrcpy( &p[1], &p[2]); if (strequal(p1,"*")) return(True); @@ -3310,11 +3310,11 @@ char *dirname_dos(char *path,char *buf) char *p = strrchr(path,'\\'); if (!p) - strcpy(buf,path); + pstrcpy(buf,path); else { *p = 0; - strcpy(buf,path); + pstrcpy(buf,path); *p = '\\'; } @@ -3330,9 +3330,9 @@ static char *filename_dos(char *path,char *buf) char *p = strrchr(path,'\\'); if (!p) - strcpy(buf,path); + pstrcpy(buf,path); else - strcpy(buf,p+1); + pstrcpy(buf,p+1); return(buf); } @@ -3373,7 +3373,7 @@ duplicate a string if (!s) return(NULL); ret = (char *)malloc(strlen(s)+1); if (!ret) return(NULL); - strcpy(ret,s); + pstrcpy(ret,s); return(ret); } #endif @@ -3748,7 +3748,7 @@ char *client_name(int fd) last_fd = fd; global_client_name_done = False; - strcpy(name_buf,"UNKNOWN"); + pstrcpy(name_buf,"UNKNOWN"); if (fd == -1) { return name_buf; @@ -3769,7 +3769,7 @@ char *client_name(int fd) StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); if (!matchname(name_buf, sockin->sin_addr)) { DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr(fd))); - strcpy(name_buf,"UNKNOWN"); + pstrcpy(name_buf,"UNKNOWN"); } } global_client_name_done = True; @@ -3793,7 +3793,7 @@ char *client_addr(int fd) last_fd = fd; global_client_addr_done = False; - strcpy(addr_buf,"0.0.0.0"); + fstrcpy(addr_buf,"0.0.0.0"); if (fd == -1) { return addr_buf; @@ -3980,7 +3980,7 @@ char *automount_path(char *user_name) { DEBUG(5, ("NIS lookup succeeded. Home path is: %s\n", home_path_start?(home_path_start+1):"")); - strcpy(server_path, home_path_start+1); + pstrcpy(server_path, home_path_start+1); } } #endif @@ -4029,7 +4029,7 @@ void standard_sub_basic(char *str) case 'a' : string_sub(p,"%a", remote_arch); break; case 'd' : { - sprintf(pidstr,"%d",(int)getpid()); + slprintf(pidstr,sizeof(pidstr) - 1, "%d",(int)getpid()); string_sub(p,"%d", pidstr); break; } @@ -4184,7 +4184,7 @@ char *uidtoname(int uid) static char name[40]; struct passwd *pass = getpwuid(uid); if (pass) return(pass->pw_name); - sprintf(name,"%d",uid); + slprintf(name, sizeof(name) - 1, "%d",uid); return(name); } @@ -4196,7 +4196,7 @@ char *gidtoname(int gid) static char name[40]; struct group *grp = getgrgid(gid); if (grp) return(grp->gr_name); - sprintf(name,"%d",gid); + slprintf(name,sizeof(name) - 1, "%d",gid); return(name); } @@ -4600,23 +4600,23 @@ void set_remote_arch(enum remote_arch_types type) switch( type ) { case RA_WFWG: - strcpy(remote_arch, "WfWg"); + fstrcpy(remote_arch, "WfWg"); return; case RA_OS2: - strcpy(remote_arch, "OS2"); + fstrcpy(remote_arch, "OS2"); return; case RA_WIN95: - strcpy(remote_arch, "Win95"); + fstrcpy(remote_arch, "Win95"); return; case RA_WINNT: - strcpy(remote_arch, "WinNT"); + fstrcpy(remote_arch, "WinNT"); return; case RA_SAMBA: - strcpy(remote_arch,"Samba"); + fstrcpy(remote_arch,"Samba"); return; default: ra_type = RA_UNKNOWN; - strcpy(remote_arch, "UNKNOWN"); + fstrcpy(remote_arch, "UNKNOWN"); break; } } @@ -4793,7 +4793,7 @@ int unistrcpy(char *dst, char *src) return num_wchars; } - +#if 0 /******************************************************************* safe string copy into a fstring ********************************************************************/ @@ -4824,34 +4824,94 @@ void fstrcpy(char *dest, char *src) } /******************************************************************* -safe string copy into a pstring +safe string cat into a fstring ********************************************************************/ -void pstrcpy(char *dest, char *src) +void fstrcat(char *dest, char *src) { - int maxlength = sizeof(pstring) - 1; - int len; + int maxlength = sizeof(fstring) - 1; + int src_len, dest_len; if (!dest) { - DEBUG(0,("ERROR: NULL dest in pstrcpy\n")); + DEBUG(0,("ERROR: NULL dest in fstrcat\n")); return; } if (!src) { - *dest = 0; return; } + src_len = strlen(src); + dest_len = strlen(dest); + + if (src_len + dest_len > maxlength) { + DEBUG(0,("ERROR: string overflow by %d in fstrcat [%.50s]\n", + src_len + dest_len - maxlength, src)); + src_len = maxlength - dest_len; + } + + memcpy(&dest[dest_len], src, src_len); + dest[dest_len + src_len] = 0; +} +#endif + +/******************************************************************* +safe string copy into a known length string +********************************************************************/ +char *safe_strcpy(char *dest, char *src, int maxlength) +{ + int len; + + if (!dest) { + DEBUG(0,("ERROR: NULL dest in safe_strcpy\n")); + return NULL; + } + + if (!src) { + *dest = 0; + return dest; + } + len = strlen(src); if (len > maxlength) { - DEBUG(0,("ERROR: string overflow by %d in pstrcpy [%.50s]\n", + DEBUG(0,("ERROR: string overflow by %d in safe_strcpy [%.50s]\n", len-maxlength, src)); len = maxlength; } memcpy(dest, src, len); dest[len] = 0; + return dest; } +/******************************************************************* +safe string cat into a string +********************************************************************/ +char *safe_strcat(char *dest, char *src, int maxlength) +{ + int src_len, dest_len; + + if (!dest) { + DEBUG(0,("ERROR: NULL dest in safe_strcat\n")); + return NULL; + } + + if (!src) { + return dest; + } + + src_len = strlen(src); + dest_len = strlen(dest); + + if (src_len + dest_len > maxlength) { + DEBUG(0,("ERROR: string overflow by %d in safe_strcat [%.50s]\n", + src_len + dest_len - maxlength, src)); + src_len = maxlength - dest_len; + } + + memcpy(&dest[dest_len], src, src_len); + dest[dest_len + src_len] = 0; + return dest; +} /******************************************************************* align a pointer to a multiple of 4 bytes @@ -4954,12 +5014,12 @@ char *dom_sid_to_string(DOM_SID *sid) (sid->id_auth[3] << 16) + (sid->id_auth[2] << 24); - sprintf(sidstr, "S-%d-%d", sid->sid_rev_num, ia); + slprintf(sidstr, sizeof(sidstr) - 1, "S-%d-%d", sid->sid_rev_num, ia); for (i = 0; i < sid->num_auths; i++) { - sprintf(subauth, "-%d", sid->sub_auths[i]); - strcat(sidstr, subauth); + slprintf(subauth, sizeof(subauth)-1, "-%d", sid->sub_auths[i]); + pstrcat(sidstr, subauth); } DEBUG(7,("dom_sid_to_string returning %s\n", sidstr)); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 8b4001827c..9dfd482da3 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -89,7 +89,7 @@ char *cli_errstr(struct cli_state *cli) char *nt_msg = get_nt_error_msg(cli->nt_error); if(nt_msg == NULL) - sprintf(error_message, "NT code %d", cli->nt_error); + slprintf(error_message, sizeof(fstring) - 1, "NT code %d", cli->nt_error); else fstrcpy(error_message, nt_msg); @@ -100,7 +100,7 @@ char *cli_errstr(struct cli_state *cli) * Must have been a rap error. */ - sprintf(error_message, "code %d", cli->rap_error); + slprintf(error_message, sizeof(error_message) - 1, "code %d", cli->rap_error); for(i = 0; rap_errmap[i].message != NULL; i++) { if (rap_errmap[i].err == cli->rap_error) { @@ -387,16 +387,16 @@ BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation) p = param; SSVAL(p,0,132); /* api number */ p += 2; - strcpy(p,"OOWb54WrLh"); + pstrcpy(p,"OOWb54WrLh"); p = skip_string(p,1); - strcpy(p,"WB21BWDWWDDDDDDDzzzD"); + pstrcpy(p,"WB21BWDWWDDDDDDDzzzD"); p = skip_string(p,1); SSVAL(p,0,1); p += 2; - strcpy(p,user); + pstrcpy(p,user); strupper(p); p += 21; p++; p += 15; p++; - strcpy(p, workstation); + pstrcpy(p, workstation); strupper(p); p += 16; SSVAL(p, 0, BUFFER_SIZE); @@ -443,9 +443,9 @@ BOOL cli_RNetShareEnum(struct cli_state *cli, void (*fn)(char *, uint32, char *) p = param; SSVAL(p,0,0); /* api number */ p += 2; - strcpy(p,"WrLeh"); + pstrcpy(p,"WrLeh"); p = skip_string(p,1); - strcpy(p,"B13BWz"); + pstrcpy(p,"B13BWz"); p = skip_string(p,1); SSVAL(p,0,1); SSVAL(p,2,BUFFER_SIZE); @@ -505,10 +505,10 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, p = param; SSVAL(p,0,0x68); /* api number */ p += 2; - strcpy(p,"WrLehDz"); + pstrcpy(p,"WrLehDz"); p = skip_string(p,1); - strcpy(p,"B16BBDz"); + pstrcpy(p,"B16BBDz"); p = skip_string(p,1); SSVAL(p,0,uLevel); @@ -625,7 +625,7 @@ BOOL cli_session_setup(struct cli_state *cli, p = smb_buf(cli->outbuf); memcpy(p,pword,passlen); p += passlen; - strcpy(p,user); + pstrcpy(p,user); strupper(p); } else { set_message(cli->outbuf,13,0,True); @@ -644,14 +644,14 @@ BOOL cli_session_setup(struct cli_state *cli, p += SVAL(cli->outbuf,smb_vwv7); memcpy(p,ntpass,ntpasslen); p += SVAL(cli->outbuf,smb_vwv8); - strcpy(p,user); + pstrcpy(p,user); strupper(p); p = skip_string(p,1); - strcpy(p,workgroup); + pstrcpy(p,workgroup); strupper(p); p = skip_string(p,1); - strcpy(p,"Unix");p = skip_string(p,1); - strcpy(p,"Samba");p = skip_string(p,1); + pstrcpy(p,"Unix");p = skip_string(p,1); + pstrcpy(p,"Samba");p = skip_string(p,1); set_message(cli->outbuf,13,PTR_DIFF(p,smb_buf(cli->outbuf)),False); } @@ -728,9 +728,9 @@ BOOL cli_send_tconX(struct cli_state *cli, p = smb_buf(cli->outbuf); memcpy(p,pword,passlen); p += passlen; - strcpy(p,fullshare); + fstrcpy(p,fullshare); p = skip_string(p,1); - strcpy(p,dev); + pstrcpy(p,dev); SCVAL(cli->inbuf,smb_rcls, 1); @@ -785,10 +785,10 @@ BOOL cli_mv(struct cli_state *cli, char *fname_src, char *fname_dst) p = smb_buf(cli->outbuf); *p++ = 4; - strcpy(p,fname_src); + pstrcpy(p,fname_src); p = skip_string(p,1); *p++ = 4; - strcpy(p,fname_dst); + pstrcpy(p,fname_dst); send_smb(cli->fd,cli->outbuf); if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) { @@ -822,7 +822,7 @@ BOOL cli_unlink(struct cli_state *cli, char *fname) p = smb_buf(cli->outbuf); *p++ = 4; - strcpy(p,fname); + pstrcpy(p,fname); send_smb(cli->fd,cli->outbuf); if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) { @@ -855,7 +855,7 @@ BOOL cli_mkdir(struct cli_state *cli, char *dname) p = smb_buf(cli->outbuf); *p++ = 4; - strcpy(p,dname); + pstrcpy(p,dname); send_smb(cli->fd,cli->outbuf); if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) { @@ -887,7 +887,7 @@ BOOL cli_rmdir(struct cli_state *cli, char *dname) p = smb_buf(cli->outbuf); *p++ = 4; - strcpy(p,dname); + pstrcpy(p,dname); send_smb(cli->fd,cli->outbuf); if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) { @@ -952,7 +952,7 @@ int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode) SSVAL(cli->outbuf,smb_vwv8,openfn); p = smb_buf(cli->outbuf); - strcpy(p,fname); + pstrcpy(p,fname); p = skip_string(p,1); send_smb(cli->fd,cli->outbuf); @@ -1179,7 +1179,7 @@ BOOL cli_getatr(struct cli_state *cli, char *fname, p = smb_buf(cli->outbuf); *p = 4; - strcpy(p+1, fname); + pstrcpy(p+1, fname); send_smb(cli->fd,cli->outbuf); if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) { @@ -1228,7 +1228,7 @@ BOOL cli_setatr(struct cli_state *cli, char *fname, int attr, time_t t) p = smb_buf(cli->outbuf); *p = 4; - strcpy(p+1, fname); + pstrcpy(p+1, fname); p = skip_string(p,1); *p = 4; @@ -1450,11 +1450,11 @@ BOOL cli_oem_change_password(struct cli_state *cli, char *user, char *new_passwo SSVAL(p,0,214); /* SamOEMChangePassword command. */ p += 2; - strcpy(p, "zsT"); + pstrcpy(p, "zsT"); p = skip_string(p,1); - strcpy(p, "B516B16"); + pstrcpy(p, "B516B16"); p = skip_string(p,1); - fstrcpy(p,user); + pstrcpy(p,user); p = skip_string(p,1); SSVAL(p,0,532); p += 2; @@ -1546,7 +1546,7 @@ BOOL cli_negprot(struct cli_state *cli) prots[numprots].name && prots[numprots].prot<=cli->protocol; numprots++) { *p++ = 2; - strcpy(p,prots[numprots].name); + pstrcpy(p,prots[numprots].name); p += strlen(p) + 1; } diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c index 9f5c70e5e4..c9f7ee429b 100644 --- a/source3/libsmb/credentials.c +++ b/source3/libsmb/credentials.c @@ -31,7 +31,7 @@ represent a credential as a string char *credstr(uchar *cred) { static fstring buf; - sprintf(buf,"%02X%02X%02X%02X%02X%02X%02X%02X", + slprintf(buf, sizeof(buf) - 1, "%02X%02X%02X%02X%02X%02X%02X%02X", cred[0], cred[1], cred[2], cred[3], cred[4], cred[5], cred[6], cred[7]); return buf; diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 4de10f10ce..7f3d012c30 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -51,15 +51,15 @@ static void _interpret_node_status(char *p, char *master,char *rname) type = CVAL(p,15); p += 16; - strcat(flags, (p[0] & 0x80) ? "<GROUP> " : " "); - if ((p[0] & 0x60) == 0x00) strcat(flags,"B "); - if ((p[0] & 0x60) == 0x20) strcat(flags,"P "); - if ((p[0] & 0x60) == 0x40) strcat(flags,"M "); - if ((p[0] & 0x60) == 0x60) strcat(flags,"H "); - if (p[0] & 0x10) strcat(flags,"<DEREGISTERING> "); - if (p[0] & 0x08) strcat(flags,"<CONFLICT> "); - if (p[0] & 0x04) strcat(flags,"<ACTIVE> "); - if (p[0] & 0x02) strcat(flags,"<PERMANENT> "); + fstrcat(flags, (p[0] & 0x80) ? "<GROUP> " : " "); + if ((p[0] & 0x60) == 0x00) fstrcat(flags,"B "); + if ((p[0] & 0x60) == 0x20) fstrcat(flags,"P "); + if ((p[0] & 0x60) == 0x40) fstrcat(flags,"M "); + if ((p[0] & 0x60) == 0x60) fstrcat(flags,"H "); + if (p[0] & 0x10) fstrcat(flags,"<DEREGISTERING> "); + if (p[0] & 0x08) fstrcat(flags,"<CONFLICT> "); + if (p[0] & 0x04) fstrcat(flags,"<ACTIVE> "); + if (p[0] & 0x02) fstrcat(flags,"<PERMANENT> "); if (master && !*master && type == 0x1d) { StrnCpy(master,qname,15); @@ -341,9 +341,9 @@ BOOL getlmhostsent( FILE *fp, char *name, int *name_type, struct in_addr *ipaddr if (*line == '#') continue; - strcpy(ip,""); - strcpy(name,""); - strcpy(flags,""); + pstrcpy(ip,""); + pstrcpy(name,""); + pstrcpy(flags,""); ptr = line; diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c index 5a8a037ce5..6c178758c6 100644 --- a/source3/libsmb/nmblib.c +++ b/source3/libsmb/nmblib.c @@ -252,7 +252,7 @@ static int put_nmb_name(char *buf,int offset,struct nmb_name *name) buf1[0] = '*'; buf1[15] = name->name_type; } else { - sprintf(buf1,"%-15.15s%c",name->name,name->name_type); + slprintf(buf1, sizeof(buf1) - 1,"%-15.15s%c",name->name,name->name_type); } buf[offset] = 0x20; @@ -270,7 +270,7 @@ static int put_nmb_name(char *buf,int offset,struct nmb_name *name) if (name->scope[0]) { /* XXXX this scope handling needs testing */ ret += strlen(name->scope) + 1; - strcpy(&buf[offset+1],name->scope); + pstrcpy(&buf[offset+1],name->scope); p = &buf[offset+1]; while ((p = strchr(p,'.'))) { diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c index 0788ae1b60..d2f9335000 100644 --- a/source3/libsmb/nterr.c +++ b/source3/libsmb/nterr.c @@ -525,7 +525,7 @@ char *get_nt_error_msg(uint32 nt_code) static pstring msg; int idx = 0; - strcpy(msg, "Unknown NT error"); + pstrcpy(msg, "Unknown NT error"); nt_code &= 0xFFFF; @@ -533,7 +533,7 @@ char *get_nt_error_msg(uint32 nt_code) { if (nt_errs[idx].nt_errcode == nt_code) { - strcpy(msg, nt_errs[idx].nt_errstr); + pstrcpy(msg, nt_errs[idx].nt_errstr); return msg; } idx++; diff --git a/source3/libsmb/smberr.c b/source3/libsmb/smberr.c index e8c4544394..c284d18ba6 100644 --- a/source3/libsmb/smberr.c +++ b/source3/libsmb/smberr.c @@ -165,18 +165,18 @@ char *smb_errstr(char *inbuf) if (num == err[j].code) { if (DEBUGLEVEL > 0) - sprintf(ret,"%s - %s (%s)",err_classes[i].class, + slprintf(ret, sizeof(ret) - 1, "%s - %s (%s)",err_classes[i].class, err[j].name,err[j].message); else - sprintf(ret,"%s - %s",err_classes[i].class,err[j].name); + slprintf(ret, sizeof(ret) - 1, "%s - %s",err_classes[i].class,err[j].name); return ret; } } - sprintf(ret,"%s - %d",err_classes[i].class,num); + slprintf(ret, sizeof(ret) - 1, "%s - %d",err_classes[i].class,num); return ret; } - sprintf(ret,"Error: Unknown error (%d,%d)",class,num); + slprintf(ret, sizeof(ret) - 1, "Error: Unknown error (%d,%d)",class,num); return(ret); } diff --git a/source3/locking/locking_shm.c b/source3/locking/locking_shm.c index e3c65ce286..afca567033 100644 --- a/source3/locking/locking_shm.c +++ b/source3/locking/locking_shm.c @@ -436,7 +436,7 @@ static BOOL shm_set_share_mode(int token, int fnum, uint16 port, uint16 op_type) new_mode_p->st_ino = inode; new_mode_p->num_share_mode_entries = 0; new_mode_p->share_mode_entries = 0; - strcpy(new_mode_p->file_name, fs_p->name); + pstrcpy(new_mode_p->file_name, fs_p->name); /* Chain onto the start of the hash chain (in the hope we will be used first). */ new_mode_p->next_offset = mode_array[hash_entry]; diff --git a/source3/locking/locking_slow.c b/source3/locking/locking_slow.c index d6ac6efac1..635cd08e9a 100644 --- a/source3/locking/locking_slow.c +++ b/source3/locking/locking_slow.c @@ -81,12 +81,14 @@ static BOOL slow_stop_share_mode_mgmt(void) ******************************************************************/ static BOOL share_name(int cnum, uint32 dev, uint32 inode, char *name) { - strcpy(name,lp_lockdir()); + int len; + pstrcpy(name,lp_lockdir()); trim_string(name,"","/"); if (!*name) return(False); + len = strlen(name); name += strlen(name); - sprintf(name,"/share.%u.%u",dev,inode); + slprintf(name, sizeof(pstring) - len - 1, "/share.%u.%u",dev,inode); return(True); } @@ -784,7 +786,7 @@ deleting it.\n", fname)); SIVAL(buf,SMF_VERSION_OFFSET,LOCKING_VERSION); SIVAL(buf,SMF_NUM_ENTRIES_OFFSET,0); SSVAL(buf,SMF_FILENAME_LEN_OFFSET,strlen(fs_p->name) + 1); - strcpy(buf + SMF_HEADER_LENGTH, fs_p->name); + pstrcpy(buf + SMF_HEADER_LENGTH, fs_p->name); } num_entries = IVAL(buf,SMF_NUM_ENTRIES_OFFSET); @@ -1001,10 +1003,10 @@ static int slow_share_forall(void (*fn)(share_mode_entry *, char *)) if (sscanf(s,"share.%u.%u",&dev,&inode)!=2) continue; - strcpy(lname,lp_lockdir()); + pstrcpy(lname,lp_lockdir()); trim_string(lname,NULL,"/"); - strcat(lname,"/"); - strcat(lname,s); + pstrcat(lname,"/"); + pstrcat(lname,s); fd = open(lname,read_only?O_RDONLY:O_RDWR,0); if (fd < 0) { @@ -1022,7 +1024,7 @@ static int slow_share_forall(void (*fn)(share_mode_entry *, char *)) close(fd); continue; } - strcpy( fname, &buf[10]); + pstrcpy( fname, &buf[10]); close(fd); base = buf + SMF_HEADER_LENGTH + diff --git a/source3/locking/shmem.c b/source3/locking/shmem.c index 9f24076171..21aaa9e24f 100644 --- a/source3/locking/shmem.c +++ b/source3/locking/shmem.c @@ -758,7 +758,7 @@ struct shmem_ops *smb_shm_open(int ronly) } trim_string(file_name,"","/"); if (!*file_name) return(False); - strcat(file_name, "/SHARE_MEM_FILE"); + pstrcat(file_name, "/SHARE_MEM_FILE"); DEBUG(5,("smb_shm_open : using shmem file %s to be of size %d\n",file_name,size)); @@ -799,8 +799,8 @@ struct shmem_ops *smb_shm_open(int ronly) */ /* construct processreg file name */ - strcpy(smb_shm_processreg_name, file_name); - strcat(smb_shm_processreg_name, ".processes"); + pstrcpy(smb_shm_processreg_name, file_name); + pstrcat(smb_shm_processreg_name, ".processes"); if (!read_only && !smb_shm_register_process(smb_shm_processreg_name, getpid(), &other_processes)) diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c index f9519bea18..39f5087497 100644 --- a/source3/nmbd/nmbd.c +++ b/source3/nmbd/nmbd.c @@ -133,7 +133,7 @@ static BOOL dump_core(void) pstrcpy( dname, debugf ); if ((p=strrchr(dname,'/'))) *p=0; - strcat( dname, "/corefiles" ); + pstrcat( dname, "/corefiles" ); mkdir( dname, 0700 ); sys_chown( dname, getuid(), getgid() ); chmod( dname, 0700 ); @@ -209,7 +209,7 @@ BOOL reload_services(BOOL test) BOOL ret; extern fstring remote_machine; - strcpy( remote_machine, "nmb" ); + fstrcpy( remote_machine, "nmb" ); if ( lp_loaded() ) { @@ -560,14 +560,14 @@ int main(int argc,char *argv[]) TimeInit(); - strcpy( debugf, NMBLOGFILE ); + pstrcpy( debugf, NMBLOGFILE ); setup_logging( argv[0], False ); charset_initialise(); #ifdef LMHOSTSFILE - strcpy( host_file, LMHOSTSFILE ); + pstrcpy( host_file, LMHOSTSFILE ); #endif /* this is for people who can't start the program correctly */ diff --git a/source3/nmbd/nmbd_become_lmb.c b/source3/nmbd/nmbd_become_lmb.c index c602789fb8..ffa3b38cba 100644 --- a/source3/nmbd/nmbd_become_lmb.c +++ b/source3/nmbd/nmbd_become_lmb.c @@ -276,7 +276,7 @@ in workgroup %s on subnet %s\n", userdata->copy_fn = NULL; userdata->free_fn = NULL; userdata->userdata_len = strlen(work->work_group)+1; - strcpy(userdata->data, work->work_group); + pstrcpy(userdata->data, work->work_group); /* Deregister any browser names we may have. */ make_nmb_name(&nmbname, MSBROWSE, 0x1, scope); @@ -528,7 +528,7 @@ in workgroup %s on subnet %s\n", userdata->copy_fn = NULL; userdata->free_fn = NULL; userdata->userdata_len = strlen(work->work_group)+1; - strcpy(userdata->data, work->work_group); + pstrcpy(userdata->data, work->work_group); /* Register the special browser group name. */ register_name(subrec, MSBROWSE, 0x01, samba_nb_type|NB_GROUP, diff --git a/source3/nmbd/nmbd_browsesync.c b/source3/nmbd/nmbd_browsesync.c index c78fdfc514..c1f6aa5a6c 100644 --- a/source3/nmbd/nmbd_browsesync.c +++ b/source3/nmbd/nmbd_browsesync.c @@ -420,7 +420,7 @@ workgroup %s\n", q_name->name )); userdata->copy_fn = NULL; userdata->free_fn = NULL; userdata->userdata_len = strlen(work->work_group)+1; - strcpy(userdata->data, work->work_group); + pstrcpy(userdata->data, work->work_group); node_status( subrec, &nmbname, answer_ip, domain_master_node_status_success, diff --git a/source3/nmbd/nmbd_incomingrequests.c b/source3/nmbd/nmbd_incomingrequests.c index e1c56f591f..02b511a363 100644 --- a/source3/nmbd/nmbd_incomingrequests.c +++ b/source3/nmbd/nmbd_incomingrequests.c @@ -362,7 +362,7 @@ subnet %s - name not found.\n", namestr(&nmb->question.question_name), { /* Start with the name. */ bzero(buf,18); - sprintf(buf,"%-15.15s",namerec->name.name); + slprintf(buf, 17, "%-15.15s",namerec->name.name); strupper(buf); /* Put the name type and netbios flags in the buffer. */ diff --git a/source3/nmbd/nmbd_namelistdb.c b/source3/nmbd/nmbd_namelistdb.c index b37cac10dc..07d026e051 100644 --- a/source3/nmbd/nmbd_namelistdb.c +++ b/source3/nmbd/nmbd_namelistdb.c @@ -553,14 +553,14 @@ static void dump_subnet_namelist( struct subnet_record *subrec, FILE *fp) void dump_all_namelists(void) { - fstring fname; + pstring fname; FILE *fp; struct subnet_record *subrec; pstrcpy(fname,lp_lockdir()); trim_string(fname,NULL,"/"); - strcat(fname,"/"); - strcat(fname,"namelist.debug"); + pstrcat(fname,"/"); + pstrcat(fname,"namelist.debug"); fp = fopen(fname,"w"); diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c index 54f4f3a2cb..b62f0aff62 100644 --- a/source3/nmbd/nmbd_packets.c +++ b/source3/nmbd/nmbd_packets.c @@ -335,9 +335,9 @@ static BOOL initiate_multihomed_name_register_packet( struct packet_struct *pack uint16 nb_flags, struct in_addr *register_ip) { struct nmb_packet *nmb = &packet->packet.nmb; - char second_ip_buf[25]; + fstring second_ip_buf; - strcpy(second_ip_buf, inet_ntoa(packet->ip)); + fstrcpy(second_ip_buf, inet_ntoa(packet->ip)); nmb->header.opcode = NMB_NAME_MULTIHOMED_REG_OPCODE; nmb->header.arcount = 1; @@ -1914,7 +1914,7 @@ BOOL send_mailslot(BOOL unique, char *mailslot,char *buf,int len, SSVAL(ptr,smb_vwv15,1); SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); - strcpy(p2,mailslot); + pstrcpy(p2,mailslot); p2 = skip_string(p2,1); memcpy(p2,buf,len); diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index 50b6052c67..631b8ff01f 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -68,7 +68,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); return; } - strcpy(my_name, global_myname); + pstrcpy(my_name, global_myname); strupper(my_name); code = SVAL(buf,0); @@ -89,7 +89,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); token = SVAL(q,3); reply_code = 0x6; - strcpy(reply_name,my_name); + fstrcpy(reply_name,my_name); add_slashes = True; DEBUG(3,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n", @@ -98,9 +98,9 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); q = outbuf; SSVAL(q, 0, 6); q += 2; - strcpy(reply_name, "\\\\"); - strcat(reply_name, my_name); - strcpy(q, reply_name); q = skip_string(q, 1); /* PDC name */ + fstrcpy(reply_name, "\\\\"); + fstrcat(reply_name, my_name); + fstrcpy(q, reply_name); q = skip_string(q, 1); /* PDC name */ SSVAL(q, 0, token); q += 2; @@ -137,8 +137,8 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); q = outbuf; SSVAL(q, 0, QUERYFORPDC_R); q += 2; - strcpy(reply_name,my_name); - strcpy(q, reply_name); q = skip_string(q, 1); /* PDC name */ + fstrcpy(reply_name,my_name); + fstrcpy(q, reply_name); q = skip_string(q, 1); /* PDC name */ if (strcmp(mailslot, NT_LOGON_MAILSLOT)==0) { q = align2(q, buf); @@ -198,8 +198,8 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", pstrcpy(ascuser, unistr(uniuser)); DEBUG(3,("process_logon_packet: SAMLOGON user %s\n", ascuser)); - strcpy(reply_name,"\\\\"); /* Here it wants \\LOGONSERVER. */ - strcpy(reply_name+2,my_name); + fstrcpy(reply_name,"\\\\"); /* Here it wants \\LOGONSERVER. */ + fstrcpy(reply_name+2,my_name); smb_pass = getsampwnam(ascuser); diff --git a/source3/nmbd/nmbd_serverlistdb.c b/source3/nmbd/nmbd_serverlistdb.c index 64ca49cdbc..6ff6ad5c5d 100644 --- a/source3/nmbd/nmbd_serverlistdb.c +++ b/source3/nmbd/nmbd_serverlistdb.c @@ -338,10 +338,10 @@ void write_browse_list(time_t t, BOOL force_write) pstrcpy(fname,lp_lockdir()); trim_string(fname,NULL,"/"); - strcat(fname,"/"); - strcat(fname,SERVER_LIST); + pstrcat(fname,"/"); + pstrcat(fname,SERVER_LIST); pstrcpy(fnamenew,fname); - strcat(fnamenew,"."); + pstrcat(fnamenew,"."); fp = fopen(fnamenew,"w"); diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c index d089686917..acab815926 100644 --- a/source3/nmbd/nmbd_winsserver.c +++ b/source3/nmbd/nmbd_winsserver.c @@ -116,7 +116,7 @@ Load or create the WINS database. BOOL initialise_wins(void) { - fstring fname; + pstring fname; time_t time_now = time(NULL); FILE *fp; pstring line; @@ -131,10 +131,10 @@ BOOL initialise_wins(void) start_async_dns(); #endif - fstrcpy(fname,lp_lockdir()); + pstrcpy(fname,lp_lockdir()); trim_string(fname,NULL,"/"); - strcat(fname,"/"); - strcat(fname,WINS_LIST); + pstrcat(fname,"/"); + pstrcat(fname,WINS_LIST); if((fp = fopen(fname,"r")) == NULL) { @@ -1515,7 +1515,7 @@ void initiate_wins_processing(time_t t) void wins_write_database(void) { struct name_record *namerec; - fstring fname, fnamenew; + pstring fname, fnamenew; FILE *fp; @@ -1524,10 +1524,10 @@ void wins_write_database(void) fstrcpy(fname,lp_lockdir()); trim_string(fname,NULL,"/"); - strcat(fname,"/"); - strcat(fname,WINS_LIST); - fstrcpy(fnamenew,fname); - strcat(fnamenew,"."); + pstrcat(fname,"/"); + pstrcat(fname,WINS_LIST); + pstrcpy(fnamenew,fname); + pstrcat(fnamenew,"."); if((fp = fopen(fnamenew,"w")) == NULL) { diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 95c2d09ede..a73b9536c8 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -720,9 +720,10 @@ static void init_globals(void) string_set(&Globals.szRootdir, "/"); string_set(&Globals.szSmbrun, SMBRUN); string_set(&Globals.szSocketAddress, "0.0.0.0"); - sprintf(s,"Samba %s",VERSION); + pstrcpy(s, "Samba "); + pstrcat(s, VERSION); string_set(&Globals.szServerString,s); - sprintf(s,"%d.%d", DEFAULT_MAJOR_VERSION, DEFAULT_MINOR_VERSION); + slprintf(s,sizeof(s)-1, "%d.%d", DEFAULT_MAJOR_VERSION, DEFAULT_MINOR_VERSION); string_set(&Globals.szAnnounceVersion,s); string_set(&Globals.szLogonDrive, ""); @@ -1829,11 +1830,11 @@ BOOL lp_do_parameter(int snum, char *pszParmName, char *pszParmValue) break; case P_GSTRING: - strcpy((char *)parm_ptr,pszParmValue); + pstrcpy((char *)parm_ptr,pszParmValue); break; case P_UGSTRING: - strcpy((char *)parm_ptr,pszParmValue); + pstrcpy((char *)parm_ptr,pszParmValue); strupper((char *)parm_ptr); break; diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c index 7af8a1b9f1..0c9847becf 100644 --- a/source3/passdb/ldap.c +++ b/source3/passdb/ldap.c @@ -114,7 +114,7 @@ BOOL ldap_search_one_user_by_name(LDAP *ldap_struct, char *user, LDAPMessage **r in the filter expression, replace %u with the real name so in ldap filter, %u MUST exist :-) */ - strcpy(filter,lp_ldap_filter()); + pstrcpy(filter,lp_ldap_filter()); string_sub(filter,"%u",user); if ( !ldap_search_one_user(ldap_struct, filter, result) ) @@ -152,7 +152,7 @@ void get_single_attribute(LDAP *ldap_struct, LDAPMessage *entry, char *attribute if ( (valeurs=ldap_get_values(ldap_struct, entry, attribute)) != NULL) { - strcpy(value, valeurs[0]); + pstrcpy(value, valeurs[0]); ldap_value_free(valeurs); DEBUG(3,("get_single_attribute: [%s]=[%s]\n", attribute, value)); } @@ -451,7 +451,7 @@ void *startldappwent(BOOL update) int scope = LDAP_SCOPE_ONELEVEL; int rc; - char filter[256]; + pstring filter; if (!ldap_open_connection(&ldap_ent.ldap_struct)) /* open a connection to the server */ return NULL; @@ -464,17 +464,17 @@ void *startldappwent(BOOL update) { case 1: { - strcpy(filter, "objectclass=sambaAccount"); + pstrcpy(filter, "objectclass=sambaAccount"); break; } case 2: { - strcpy(filter, "objectclass=sambaMachine"); + pstrcpy(filter, "objectclass=sambaMachine"); break; } default: { - strcpy(filter, "(|(objectclass=sambaMachine)(objectclass=sambaAccount))"); + pstrcpy(filter, "(|(objectclass=sambaMachine)(objectclass=sambaAccount))"); break; } } diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index 9c0b276074..aaa4db16ee 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -534,7 +534,7 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) int fd; int new_entry_length; - char *new_entry; + unsigned char *new_entry; long offpos; unsigned char *p; @@ -583,19 +583,19 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); return False; } - sprintf(new_entry, "%s:%u:", newpwd->smb_name, (unsigned)newpwd->smb_userid); + slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->smb_name, (unsigned)newpwd->smb_userid); p = (unsigned char *)&new_entry[strlen(new_entry)]; if(newpwd->smb_passwd != NULL) { for( i = 0; i < 16; i++) { - sprintf((char *)&p[i*2], "%02X", newpwd->smb_passwd[i]); + slprintf((char *)&p[i*2], new_entry_length - (p - new_entry) - 1, "%02X", newpwd->smb_passwd[i]); } } else { i=0; if(newpwd->acct_ctrl & ACB_PWNOTREQ) - sprintf((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); + safe_strcpy((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry)); else - sprintf((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + safe_strcpy((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry)); } p += 32; @@ -604,13 +604,13 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); if(newpwd->smb_nt_passwd != NULL) { for( i = 0; i < 16; i++) { - sprintf((char *)&p[i*2], "%02X", newpwd->smb_nt_passwd[i]); + slprintf((char *)&p[i*2], new_entry_length - 1 - (p - new_entry), "%02X", newpwd->smb_nt_passwd[i]); } } else { if(newpwd->acct_ctrl & ACB_PWNOTREQ) - sprintf((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); + safe_strcpy((char *)p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry)); else - sprintf((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + safe_strcpy((char *)p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length - 1 - (p - new_entry)); } p += 32; @@ -618,7 +618,8 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); *p++ = ':'; /* Add the account encoding and the last change time. */ - sprintf((char *)p, "%s:LCT-%08X:\n", encode_acct_ctrl(newpwd->acct_ctrl), + slprintf((char *)p, new_entry_length - 1 - (p - new_entry), "%s:LCT-%08X:\n", + encode_acct_ctrl(newpwd->acct_ctrl), (uint32)time(NULL)); #ifdef DEBUG_PASSWORD @@ -945,13 +946,13 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) /* Create the 32 byte representation of the new p16 */ if(pwd->smb_passwd != NULL) { for (i = 0; i < 16; i++) { - sprintf(&ascii_p16[i*2], "%02X", (uchar) pwd->smb_passwd[i]); + slprintf(&ascii_p16[i*2], sizeof(fstring) - 1, "%02X", (uchar) pwd->smb_passwd[i]); } } else { if(pwd->acct_ctrl & ACB_PWNOTREQ) - sprintf(ascii_p16, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); + fstrcpy(ascii_p16, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); else - sprintf(ascii_p16, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + fstrcpy(ascii_p16, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); } /* Add on the NT md4 hash */ @@ -959,13 +960,13 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) wr_len = 65; if (pwd->smb_nt_passwd != NULL) { for (i = 0; i < 16; i++) { - sprintf(&ascii_p16[(i*2)+33], "%02X", (uchar) pwd->smb_nt_passwd[i]); + slprintf(&ascii_p16[(i*2)+33], sizeof(fstring) - 1, "%02X", (uchar) pwd->smb_nt_passwd[i]); } } else { if(pwd->acct_ctrl & ACB_PWNOTREQ) - sprintf(&ascii_p16[33], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); + fstrcpy(&ascii_p16[33], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); else - sprintf(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + fstrcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); } /* Add on the account info bits and the time of last @@ -1024,10 +1025,10 @@ static void get_trust_account_file_name( char *domain, char *name, char *mac_fil return; } - strcat(mac_file, domain); - strcat(mac_file, "."); - strcat(mac_file, name); - strcat(mac_file, ".mac"); + pstrcat(mac_file, domain); + pstrcat(mac_file, "."); + pstrcat(mac_file, name); + pstrcat(mac_file, ".mac"); } /************************************************************************ @@ -1191,9 +1192,9 @@ BOOL set_trust_account_password( unsigned char *md4_new_pwd) } for (i = 0; i < 16; i++) - sprintf(&linebuf[(i*2)], "%02X", md4_new_pwd[i]); + slprintf(&linebuf[(i*2)], sizeof(linebuf) - (i*2) - 1, "%02X", md4_new_pwd[i]); - sprintf(&linebuf[32], ":TLC-%08X\n", (unsigned)time(NULL)); + slprintf(&linebuf[32], 32, ":TLC-%08X\n", (unsigned)time(NULL)); if(fwrite( linebuf, 1, 45, mach_passwd_fp)!= 45) { DEBUG(0,("set_trust_account_password: Failed to write file. Warning - the trust \ diff --git a/source3/printing/pcap.c b/source3/printing/pcap.c index 0b3ad2b136..f26f81207d 100644 --- a/source3/printing/pcap.c +++ b/source3/printing/pcap.c @@ -123,7 +123,7 @@ static void ScanQconfig_fn(char *psz,void (*fn)()) p = strtok(line,":"); if (strcmp(p,"bsh")!=0) { - strcpy(name,p); + pstrcpy(name,p); iEtat = 1; continue; } @@ -182,7 +182,7 @@ static BOOL ScanQconfig(char *psz,char *pszPrintername) free(pName); return(False); } - sprintf(pName,"%s:",pszPrintername); + slprintf(pName, iLg + 9, "%s:",pszPrintername); iLg = strlen(pName); /*DEBUG(3,( " Looking for entry %s\n",pName));*/ iEtat = 0; @@ -295,7 +295,7 @@ BOOL pcap_printername_ok(char *pszPrintername, char *pszPrintcapname) if (strequal(p,pszPrintername)) { /* normalise the case */ - strcpy(pszPrintername,p); + pstrcpy(pszPrintername,p); free(line); fclose(pfile); return(True); diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 278c54933d..1ffe9d00a9 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -81,8 +81,8 @@ static char *build_print_command(int cnum, char *command, char *syscmd, char *fi if (iOffset==0 || syscmd[iOffset-1] != '/') { StrnCpy(filename,Connections[cnum].connectpath,sizeof(filename)-1); trim_string(filename,"","/"); - strcat(filename,"/"); - strcat(filename,filename1); + pstrcat(filename,"/"); + pstrcat(filename,filename1); } else pstrcpy(filename,filename1); @@ -146,7 +146,7 @@ static char *Months[13] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", /******************************************************************* process time fields ********************************************************************/ -static time_t EntryTime(string tok[], int ptr, int count, int minimum) +static time_t EntryTime(fstring tok[], int ptr, int count, int minimum) { time_t jobtime,jobtime1; @@ -223,7 +223,7 @@ static BOOL parse_lpq_bsd(char *line,print_queue_struct *buf,BOOL first) #define NTOK 5 #endif /* OSF1 */ - string tok[NTOK]; + fstring tok[NTOK]; int count=0; #ifdef OSF1 @@ -249,15 +249,15 @@ static BOOL parse_lpq_bsd(char *line,print_queue_struct *buf,BOOL first) /* if the fname contains a space then use STDIN */ if (strchr(tok[FILETOK],' ')) - strcpy(tok[FILETOK],"STDIN"); + fstrcpy(tok[FILETOK],"STDIN"); /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[FILETOK],'/'); if (p) { - strcpy(tmp,p+1); + fstrcpy(tmp,p+1); fstrcpy(tok[FILETOK],tmp); } } @@ -282,7 +282,7 @@ static BOOL parse_lpq_bsd(char *line,print_queue_struct *buf,BOOL first) LPRng_time modifies the current date by inserting the hour and minute from the lpq output. The lpq time looks like "23:15:07" */ -static time_t LPRng_time(string tok[],int pos) +static time_t LPRng_time(fstring tok[],int pos) { time_t jobtime; struct tm *t; @@ -381,7 +381,7 @@ LPRng source changes. This is from version 2.3.0. Magnus */ #define JOBSIZE_POS FILE_POS+FILE_W - string tok[LPRNG_NTOK]; + fstring tok[LPRNG_NTOK]; int count=0; #ifdef OLD_LPRNG @@ -420,11 +420,11 @@ A long spool-path will just waste significant chars of the file name. /* if the fname contains a space then use STDIN */ /* I do not understand how this would be possible. Magnus. */ if (strchr(tok[LPRNG_FILETOK],' ')) - strcpy(tok[LPRNG_FILETOK],"STDIN"); + fstrcpy(tok[LPRNG_FILETOK],"STDIN"); /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[LPRNG_FILETOK],'/'); if (p) { @@ -473,7 +473,7 @@ lazer lazer RUNNING 537 6297doc.A kvintus@IE 0 10 2445 1 1 ********************************************************************/ static BOOL parse_lpq_aix(char *line,print_queue_struct *buf,BOOL first) { - string tok[11]; + fstring tok[11]; int count=0; /* handle the case of "(standard input)" as a filename */ @@ -493,11 +493,11 @@ static BOOL parse_lpq_aix(char *line,print_queue_struct *buf,BOOL first) buf->size = atoi(tok[4]) * 1024; /* if the fname contains a space then use STDIN */ if (strchr(tok[2],' ')) - strcpy(tok[2],"STDIN"); + fstrcpy(tok[2],"STDIN"); /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[2],'/'); if (p) { @@ -527,11 +527,11 @@ static BOOL parse_lpq_aix(char *line,print_queue_struct *buf,BOOL first) buf->size = atoi(tok[8]) * 1024; /* if the fname contains a space then use STDIN */ if (strchr(tok[4],' ')) - strcpy(tok[4],"STDIN"); + fstrcpy(tok[4],"STDIN"); /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[4],'/'); if (p) { @@ -568,7 +568,7 @@ static BOOL parse_lpq_hpux(char * line, print_queue_struct *buf, BOOL first) { /* must read two lines to process, therefore keep some values static */ static BOOL header_line_ok=False, base_prio_reset=False; - static string jobuser; + static fstring jobuser; static int jobid; static int jobprio; static time_t jobtime; @@ -579,7 +579,7 @@ static BOOL parse_lpq_hpux(char * line, print_queue_struct *buf, BOOL first) int count; char TAB = '\011'; - string tok[12]; + fstring tok[12]; /* If a line begins with a horizontal TAB, it is a subline type */ @@ -604,7 +604,7 @@ static BOOL parse_lpq_hpux(char * line, print_queue_struct *buf, BOOL first) /* if the fname contains a space then use STDIN */ if (strchr(tok[0],' ')) - strcpy(tok[0],"STDIN"); + fstrcpy(tok[0],"STDIN"); buf->size = atoi(tok[1]); StrnCpy(buf->file,tok[0],sizeof(buf->file)-1); @@ -674,7 +674,7 @@ dcslw-897 tridge 4712 Dec 20 10:30:30 being held ****************************************************************************/ static BOOL parse_lpq_sysv(char *line,print_queue_struct *buf,BOOL first) { - string tok[9]; + fstring tok[9]; int count=0; char *p; @@ -694,7 +694,7 @@ static BOOL parse_lpq_sysv(char *line,print_queue_struct *buf,BOOL first) /* if the user contains a ! then trim the first part of it */ if ((p=strchr(tok[2],'!'))) { - string tmp; + fstring tmp; fstrcpy(tmp,p+1); fstrcpy(tok[2],tmp); } @@ -727,7 +727,7 @@ Printer: txt (ready) ****************************************************************************/ static BOOL parse_lpq_qnx(char *line,print_queue_struct *buf,BOOL first) { - string tok[7]; + fstring tok[7]; int count=0; DEBUG(0,("antes [%s]\n", line)); @@ -756,7 +756,7 @@ static BOOL parse_lpq_qnx(char *line,print_queue_struct *buf,BOOL first) /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[6],'/'); if (p) { @@ -792,7 +792,7 @@ Local Printer 'lp2' (fjall): ****************************************************************************/ static BOOL parse_lpq_plp(char *line,print_queue_struct *buf,BOOL first) { - string tok[11]; + fstring tok[11]; int count=0; /* handle the case of "(standard input)" as a filename */ @@ -816,11 +816,11 @@ static BOOL parse_lpq_plp(char *line,print_queue_struct *buf,BOOL first) /* if the fname contains a space then use STDIN */ if (strchr(tok[6],' ')) - strcpy(tok[6],"STDIN"); + fstrcpy(tok[6],"STDIN"); /* only take the last part of the filename */ { - string tmp; + fstring tmp; char *p = strrchr(tok[6],'/'); if (p) { @@ -862,7 +862,7 @@ Total: 21268 bytes in queue ****************************************************************************/ static BOOL parse_lpq_softq(char *line,print_queue_struct *buf,BOOL first) { - string tok[10]; + fstring tok[10]; int count=0; /* mung all the ":"s to spaces*/ @@ -1081,7 +1081,7 @@ int get_printqueue(int snum,int cnum,print_queue_struct **queue, } if (status) { - strcpy(status->message,""); + fstrcpy(status->message,""); status->status = LPSTAT_OK; } @@ -1142,7 +1142,7 @@ void del_printqueue(int cnum,int snum,int jobid) return; } - sprintf(jobstr,"%d",jobid); + slprintf(jobstr,sizeof(jobstr)-1,"%d",jobid); pstrcpy(syscmd,lprm_command); string_sub(syscmd,"%p",printername); @@ -1180,7 +1180,7 @@ void status_printjob(int cnum,int snum,int jobid,int status) return; } - sprintf(jobstr,"%d",jobid); + slprintf(jobstr,sizeof(jobstr)-1,"%d",jobid); pstrcpy(syscmd,lpstatus_command); string_sub(syscmd,"%p",printername); diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index c458aa102a..899c0437e6 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -675,13 +675,16 @@ Error was %s\n", pipe_name, cli->desthost, cli_errstr(cli))); * Setup the remote server name prefixed by \ and the machine account name. */ - sprintf(cli->srv_name_slash, "\\\\%s", cli->desthost); + fstrcpy(cli->srv_name_slash, "\\\\"); + fstrcat(cli->srv_name_slash, cli->desthost); strupper(cli->srv_name_slash); - sprintf(cli->clnt_name_slash, "\\\\%s", global_myname); + fstrcpy(cli->clnt_name_slash, "\\\\"); + fstrcat(cli->clnt_name_slash, global_myname); strupper(cli->clnt_name_slash); - sprintf(cli->mach_acct, "%s$", global_myname); + fstrcpy(cli->mach_acct, global_myname); + fstrcat(cli->mach_acct, "$"); strupper(cli->mach_acct); return True; diff --git a/source3/rpc_client/ntclienttrust.c b/source3/rpc_client/ntclienttrust.c index 38cbedae78..0486017181 100644 --- a/source3/rpc_client/ntclienttrust.c +++ b/source3/rpc_client/ntclienttrust.c @@ -56,7 +56,7 @@ BOOL trust_account_check(struct in_addr dest_ip, char *dest_host, fstrcpy(mach_pwd, myhostname); strlower(mach_pwd); - sprintf(tmp, "Enter Workstation Trust Account password for [%s].\nDefault is [%s].\nPassword:", + slprintf(tmp, sizeof(tmp) - 1,"Enter Workstation Trust Account password for [%s].\nDefault is [%s].\nPassword:", mach_acct, mach_pwd); start_mach_pwd = (char*)getpass(tmp); @@ -66,7 +66,7 @@ BOOL trust_account_check(struct in_addr dest_ip, char *dest_host, fstrcpy(mach_pwd, start_mach_pwd); } - sprintf(tmp, "Enter new Workstation Trust Account password for [%s]\nPress Return to leave at old value.\nNew Password:", + slprintf(tmp, sizeof(tmp)-1, "Enter new Workstation Trust Account password for [%s]\nPress Return to leave at old value.\nNew Password:", mach_acct); change_mach_pwd = (char*)getpass(tmp); diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 0a49fb7b4d..202c3b6da3 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -416,14 +416,14 @@ void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth) for (i = 0; i < sen->num_entries; i++) { fstring temp; - sprintf(temp, "ptr_sid[%d]", i); + slprintf(temp, sizeof(temp) - 1, "ptr_sid[%d]", i); prs_uint32(temp, ps, depth, &(sen->ptr_sid[i])); /* domain SID pointers to be looked up. */ } for (i = 0; i < sen->num_entries; i++) { fstring temp; - sprintf(temp, "sid[%d]", i); + slprintf(temp, sizeof(temp) - 1, "sid[%d]", i); smb_io_dom_sid2(temp, &(sen->sid[i]), ps, depth); /* domain SIDs to be looked up. */ } } @@ -470,7 +470,7 @@ void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, in for (i = 0; i < trn->num_entries; i++) { fstring temp; - sprintf(temp, "ptr_name[%d] ", i); + slprintf(temp, sizeof(temp) - 1, "ptr_name[%d] ", i); prs_uint32(temp, ps, depth, &(trn->ptr_name[i])); /* pointer to translated name */ } @@ -479,7 +479,7 @@ void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, in if (trn->ptr_name[i] != 0) { fstring temp; - sprintf(temp, "name[%d] ", i); + slprintf(temp, sizeof(temp) - 1, "name[%d] ", i); lsa_io_trans_name(temp, &(trn->name[i2]), ps, depth); /* translated name */ i2++; } diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 0343dea484..b46bcd9f89 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -190,7 +190,7 @@ void smb_io_dom_sid(char *desc, DOM_SID *sid, prs_struct *ps, int depth) for (i = 0; i < 6; i++) { fstring tmp; - sprintf(tmp, "id_auth[%d] ", i); + slprintf(tmp, sizeof(tmp) - 1, "id_auth[%d] ", i); prs_uint8 (tmp, ps, depth, &(sid->id_auth[i])); } diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c index a72769d9c0..b0138ac97d 100644 --- a/source3/rpc_parse/parse_samr.c +++ b/source3/rpc_parse/parse_samr.c @@ -1492,7 +1492,7 @@ void samr_io_q_lookup_ids(char *desc, SAMR_Q_LOOKUP_IDS *q_u, prs_struct *ps, i for (i = 0; i < q_u->num_sids2; i++) { - sprintf(tmp, "ptr[%02d]", i); + slprintf(tmp, sizeof(tmp) - 1, "ptr[%02d]", i); prs_uint32(tmp, ps, depth, &(q_u->ptr_sid[i])); } @@ -1500,7 +1500,7 @@ void samr_io_q_lookup_ids(char *desc, SAMR_Q_LOOKUP_IDS *q_u, prs_struct *ps, i { if (q_u->ptr_sid[i] != 0) { - sprintf(tmp, "sid[%02d]", i); + slprintf(tmp, sizeof(tmp)-1, "sid[%02d]", i); smb_io_dom_sid2(tmp, &(q_u->sid[i]), ps, depth); } } @@ -1564,7 +1564,7 @@ void samr_io_r_lookup_ids(char *desc, SAMR_R_LOOKUP_IDS *r_u, prs_struct *ps, i for (i = 0; i < r_u->num_entries2; i++) { - sprintf(tmp, "rid[%02d]", i); + slprintf(tmp, sizeof(tmp)-1, "rid[%02d]", i); prs_uint32(tmp, ps, depth, &(r_u->rid[i])); } } @@ -1723,7 +1723,7 @@ void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i for (i = 0; i < q_u->num_gids2; i++) { - sprintf(tmp, "gid[%02d] ", i); + slprintf(tmp, sizeof(tmp) - 1, "gid[%02d] ", i); prs_uint32(tmp, ps, depth, &(q_u->gid[i])); } @@ -1797,12 +1797,12 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i { for (i = 0; i < r_u->num_aliases2; i++) { - sprintf(tmp, "als_hdr[%02d] ", i); + slprintf(tmp, sizeof(tmp) - 1, "als_hdr[%02d] ", i); smb_io_unihdr ("", &(r_u->hdr_als_name[i]), ps, depth); } for (i = 0; i < r_u->num_aliases2; i++) { - sprintf(tmp, "als_str[%02d] ", i); + slprintf(tmp, sizeof(tmp) - 1, "als_str[%02d] ", i); smb_io_unistr2("", &(r_u->uni_als_name[i]), r_u->hdr_als_name[i].buffer, ps, depth); } } @@ -1817,7 +1817,7 @@ void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i { for (i = 0; i < r_u->num_als_usrs2; i++) { - sprintf(tmp, "als_usrs[%02d] ", i); + slprintf(tmp, sizeof(tmp) - 1, "als_usrs[%02d] ", i); prs_uint32(tmp, ps, depth, &(r_u->num_als_usrs[i])); } } diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 28c44a57b7..958f0bf14d 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -279,7 +279,7 @@ static void api_net_req_chal( int uid, fstrcpy(mach_name, mach_acct); strlower(mach_name); - strcat(mach_acct, "$"); + fstrcat(mach_acct, "$"); if (get_md4pw((char *)vuser->dc.md4pw, mach_name, mach_acct)) { diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 20cdc30bab..6f834e454a 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -231,9 +231,9 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u, if (status == 0x0) { - strcpy(user_sid, lp_domain_sid()); - sprintf(user_rid, "-%x", rid); - strcat(user_sid, user_rid); + fstrcpy(user_sid, lp_domain_sid()); + slprintf(user_rid, sizeof(user_rid) - 1, "-%x", rid); + fstrcat(user_sid, user_rid); /* maybe need another 1 or 2 (S-1-5-20-0x220 and S-1-5-20-0x224) */ /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */ diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 210a3f55e2..e842e3b9f9 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -297,22 +297,22 @@ void get_domain_user_groups(char *domain_groups, char *user) /* can only be a user or a guest. cannot be guest _and_ admin */ if (user_in_list(user, lp_domain_guest_users())) { - sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS); - strcat(domain_groups, tmp); + slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS); + pstrcat(domain_groups, tmp); DEBUG(3,("domain guest access %s granted\n", tmp)); } else { - sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_USERS); - strcat(domain_groups, tmp); + slprintf(tmp, sizeof(tmp) -1, " %ld/7 ", DOMAIN_GROUP_RID_USERS); + pstrcat(domain_groups, tmp); DEBUG(3,("domain user access %s granted\n", tmp)); if (user_in_list(user, lp_domain_admin_users())) { - sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS); - strcat(domain_groups, tmp); + slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS); + pstrcat(domain_groups, tmp); DEBUG(3,("domain admin access %s granted\n", tmp)); } diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index e466455aeb..d900b54c1f 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -62,7 +62,7 @@ static int findpty(char **slave) #if defined(SVR4) || defined(SUNOS5) extern char *ptsname(); #else /* defined(SVR4) || defined(SUNOS5) */ - static char line[12]; + static fstring line; void *dirp; char *dpname; #endif /* defined(SVR4) || defined(SUNOS5) */ @@ -75,7 +75,7 @@ static int findpty(char **slave) return (master); } #else /* defined(SVR4) || defined(SUNOS5) */ - strcpy( line, "/dev/ptyXX" ); + fstrcpy( line, "/dev/ptyXX" ); dirp = OpenDir(-1, "/dev", True); if (!dirp) return(-1); diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c index 5cf8b800f2..64b3f153cf 100644 --- a/source3/smbd/connection.c +++ b/source3/smbd/connection.c @@ -48,9 +48,9 @@ BOOL yield_connection(int cnum,char *name,int max_connections) pstrcpy(fname,lp_lockdir()); trim_string(fname,"","/"); - strcat(fname,"/"); - strcat(fname,name); - strcat(fname,".LCK"); + pstrcat(fname,"/"); + pstrcat(fname,name); + pstrcat(fname,".LCK"); fd = open(fname,O_RDWR); if (fd == -1) { @@ -133,9 +133,9 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear) if (!directory_exist(fname,NULL)) mkdir(fname,0755); - strcat(fname,"/"); - strcat(fname,name); - strcat(fname,".LCK"); + pstrcat(fname,"/"); + pstrcat(fname,name); + pstrcat(fname,".LCK"); if (!file_exist(fname,NULL)) { fd = open(fname,O_RDWR|O_CREAT|O_EXCL, 0644); diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index a34406cc65..37fcd05743 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -469,10 +469,10 @@ BOOL get_dir_entry(int cnum,char *mask,int dirtype,char *fname,int *size,int *mo *path = 0; pstrcpy(path,Connections[cnum].dirpath); if(needslash) - strcat(path,"/"); + pstrcat(path,"/"); pstrcpy(pathreal,path); - strcat(path,fname); - strcat(pathreal,dname); + pstrcat(path,fname); + pstrcat(pathreal,dname); if (sys_stat(pathreal,&sbuf) != 0) { DEBUG(5,("Couldn't stat 1 [%s]\n",path)); @@ -552,7 +552,7 @@ void *OpenDir(int cnum, char *name, BOOL use_veto) dirp->mallocsize = s; dirp->current = dirp->data; } - strcpy(dirp->data+used,n); + pstrcpy(dirp->data+used,n); used += l; dirp->numentries++; } @@ -671,9 +671,9 @@ void DirCacheAdd( char *path, char *name, char *dname, int snum ) return; /* so just return as if nothing happened. */ /* Set pointers correctly and load values. */ - entry->path = strcpy( (char *)&entry[1], path); - entry->name = strcpy( &(entry->path[pathlen]), name); - entry->dname = strcpy( &(entry->name[namelen]), dname); + entry->path = pstrcpy( (char *)&entry[1], path); + entry->name = pstrcpy( &(entry->path[pathlen]), name); + entry->dname = pstrcpy( &(entry->name[namelen]), dname); entry->snum = snum; /* Add the new entry to the linked list. */ diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 8be9c10a13..7b82894c7f 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -491,7 +491,7 @@ static void PackDriverData(struct pack_desc* desc) SIVAL(drivdata,0,sizeof drivdata); /* cb */ SIVAL(drivdata,4,1000); /* lVersion */ memset(drivdata+8,0,32); /* szDeviceName */ - strcpy(drivdata+8,"NULL"); + pstrcpy(drivdata+8,"NULL"); PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ } @@ -650,7 +650,7 @@ static void fill_printq_info(int cnum, int snum, int uLevel, FILE *f; pstring fname; - strcpy(fname,lp_driverfile()); + pstrcpy(fname,lp_driverfile()); f=fopen(fname,"r"); if (!f) { DEBUG(3,("fill_printq_info: Can't open %s - %s\n",fname,strerror(errno))); @@ -748,7 +748,7 @@ int get_printerdrivernumber(int snum) FILE *f; pstring fname; - strcpy(fname,lp_driverfile()); + pstrcpy(fname,lp_driverfile()); DEBUG(4,("In get_printerdrivernumber: %s\n",fname)); f=fopen(fname,"r"); @@ -993,8 +993,8 @@ static int get_server_info(uint32 servertype, pstrcpy(fname,lp_lockdir()); trim_string(fname,NULL,"/"); - strcat(fname,"/"); - strcat(fname,SERVER_LIST); + pstrcat(fname,"/"); + pstrcat(fname,SERVER_LIST); f = fopen(fname,"r"); @@ -1036,7 +1036,7 @@ static int get_server_info(uint32 servertype, if (!next_token(&ptr,s->comment, NULL)) continue; if (!next_token(&ptr,s->domain , NULL)) { /* this allows us to cope with an old nmbd */ - strcpy(s->domain,global_myworkgroup); + pstrcpy(s->domain,global_myworkgroup); } if (sscanf(stype,"%X",&s->type) != 1) { @@ -2115,18 +2115,18 @@ static BOOL api_NetWkstaGetInfo(int cnum,uint16 vuid, char *param,char *data, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ - strcpy(p2,local_machine); + pstrcpy(p2,local_machine); strupper(p2); p2 = skip_string(p2,1); p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); - strcpy(p2,sesssetup_user); + pstrcpy(p2,sesssetup_user); p2 = skip_string(p2,1); p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ - strcpy(p2,global_myworkgroup); + pstrcpy(p2,global_myworkgroup); strupper(p2); p2 = skip_string(p2,1); p += 4; @@ -2136,12 +2136,12 @@ static BOOL api_NetWkstaGetInfo(int cnum,uint16 vuid, char *param,char *data, p += 2; SIVAL(p,0,PTR_DIFF(p2,*rdata)); - strcpy(p2,global_myworkgroup); /* don't know. login domain?? */ + pstrcpy(p2,global_myworkgroup); /* don't know. login domain?? */ p2 = skip_string(p2,1); p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ - strcpy(p2,""); + pstrcpy(p2,""); p2 = skip_string(p2,1); p += 4; @@ -2378,16 +2378,16 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data, if (uLevel >= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ - strcpy(p2,"Comment"); + pstrcpy(p2,"Comment"); p2 = skip_string(p2,1); SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ - strcpy(p2,"UserComment"); + pstrcpy(p2,"UserComment"); p2 = skip_string(p2,1); /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ - strcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); p2 = skip_string(p2,1); } @@ -2397,22 +2397,22 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data, SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ - strcpy(p2, lp_logon_path()); + pstrcpy(p2, lp_logon_path()); p2 = skip_string(p2,1); SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ - strcpy(p2,""); + pstrcpy(p2,""); p2 = skip_string(p2,1); SIVAL(p,usri11_last_logon,0); /* last logon */ SIVAL(p,usri11_last_logoff,0); /* last logoff */ SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */ SSVALS(p,usri11_num_logons,-1); /* num logons */ SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ - strcpy(p2,"\\\\*"); + pstrcpy(p2,"\\\\*"); p2 = skip_string(p2,1); SSVAL(p,usri11_country_code,0); /* country code */ SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ - strcpy(p2,""); + pstrcpy(p2,""); p2 = skip_string(p2,1); SIVALS(p,usri11_max_storage,-1); /* max storage */ @@ -2433,7 +2433,7 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data, SSVAL(p,42, Connections[cnum].admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ - strcpy(p2,lp_logon_path()); + pstrcpy(p2,lp_logon_path()); p2 = skip_string(p2,1); SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ *p2++ = 0; @@ -2443,11 +2443,11 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data, { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ - strcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); p2 = skip_string(p2,1); SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ - strcpy(p2,""); + pstrcpy(p2,""); p2 = skip_string(p2,1); SIVAL(p,76,0); /* workstations */ SIVAL(p,80,0); /* last_logon */ @@ -2461,7 +2461,7 @@ static BOOL api_RNetUserGetInfo(int cnum,uint16 vuid, char *param,char *data, SSVALS(p,102,-1); /* bad_pw_count */ SSVALS(p,104,-1); /* num_logons */ SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */ - strcpy(p2,"\\\\%L"); + pstrcpy(p2,"\\\\%L"); standard_sub_basic(p2); p2 = skip_string(p2,1); SSVAL(p,110,49); /* country_code */ @@ -2512,10 +2512,10 @@ static BOOL api_NetUserGetGroups(int cnum,uint16 vuid, char *param,char *data, p = *rdata; /* XXXX we need a real SAM database some day */ - strcpy(p,"Users"); p += 21; count++; - strcpy(p,"Domain Users"); p += 21; count++; - strcpy(p,"Guests"); p += 21; count++; - strcpy(p,"Domain Guests"); p += 21; count++; + pstrcpy(p,"Users"); p += 21; count++; + pstrcpy(p,"Domain Users"); p += 21; count++; + pstrcpy(p,"Guests"); p += 21; count++; + pstrcpy(p,"Domain Guests"); p += 21; count++; *rdata_len = PTR_DIFF(p,*rdata); @@ -2574,8 +2574,8 @@ static BOOL api_WWkstaUserLogon(int cnum,uint16 vuid, char *param,char *data, PACKI(&desc,"D",-1); /* password must change */ { fstring mypath; - strcpy(mypath,"\\\\"); - strcat(mypath,local_machine); + fstrcpy(mypath,"\\\\"); + fstrcat(mypath,local_machine); strupper(mypath); PACKS(&desc,"z",mypath); /* computer */ } @@ -3129,8 +3129,8 @@ static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd) } /* name has to be \PIPE\xxxxx */ - strcpy(ack_pipe_name, "\\PIPE\\"); - strcat(ack_pipe_name, p->pipe_srv_name); + fstrcpy(ack_pipe_name, "\\PIPE\\"); + fstrcat(ack_pipe_name, p->pipe_srv_name); DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__)); diff --git a/source3/smbd/mangle.c b/source3/smbd/mangle.c index eb267faab3..e822894600 100644 --- a/source3/smbd/mangle.c +++ b/source3/smbd/mangle.c @@ -648,9 +648,9 @@ BOOL check_mangled_cache( char *s ) DEBUG( 3, ("Found %s on mangled stack ", s) ); - (void)strcpy( s, found_name ); + (void)pstrcpy( s, found_name ); if( ext_start ) - (void)strcat( s, ext_start ); + (void)pstrcat( s, ext_start ); DEBUG( 3, ("as %s\n", s) ); @@ -830,7 +830,7 @@ static void do_fwd_mangled_map(char *s, char *MangledMap) * * ************************************************************************** ** */ -void mangle_name_83( char *s ) +void mangle_name_83( char *s, int s_len ) { int csum = str_checksum(s); char *p; @@ -863,7 +863,7 @@ void mangle_name_83( char *s ) if( p ) { if( p == s ) - strcpy( extension, "___" ); + safe_strcpy( extension, "___", 3 ); else { *p++ = 0; @@ -933,13 +933,13 @@ void mangle_name_83( char *s ) csum = csum % (36*36); - (void)sprintf( s, "%s%c%c%c", + (void)slprintf( s, s_len - 1, "%s%c%c%c", base, magic_char, base36( csum/36 ), base36( csum ) ); if( *extension ) { - (void)strcat( s, "." ); - (void)strcat( s, extension ); + (void)pstrcat( s, "." ); + (void)pstrcat( s, extension ); } DEBUG( 5, ( "%s\n", s ) ); @@ -996,7 +996,7 @@ BOOL name_map_mangle( char *OutName, BOOL need83, int snum ) /* mangle it into 8.3 */ tmp = strdup( OutName ); - mangle_name_83( OutName ); + mangle_name_83( OutName, strlen(tmp) ); if( tmp ) { cache_mangled_name( OutName, tmp ); diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 327bfba371..3040775e03 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -349,8 +349,8 @@ void add_session_user(char *user) DEBUG(1,("Too many session users??\n")); else { - strcat(session_users," "); - strcat(session_users,suser); + pstrcat(session_users," "); + pstrcat(session_users,suser); } } } @@ -364,7 +364,7 @@ static struct spwd *getspnam(char *username) /* fake shadow password routine */ { FILE *f; char line[1024]; - static char pw[20]; + static fstring pw; static struct spwd static_spwd; static_spwd.sp_pwdp=0; @@ -380,7 +380,7 @@ static struct spwd *getspnam(char *username) /* fake shadow password routine */ *q=0; if (q-p+1>20) break; - strcpy(pw, p); + fstrcpy(pw, p); static_spwd.sp_pwdp=pw; } break; @@ -415,7 +415,7 @@ static char *osf1_bigcrypt(char *password,char *salt1) for (i=0; i<parts;i++) { p1 = crypt(p2,salt); - strcat(result,p1+2); + strncat(result,p1+2,AUTH_MAX_PASSWD_LENGTH-strlen(p1+2)-1); StrnCpy(salt,&result[2+i*AUTH_CIPHERTEXT_SEG_CHARS],2); p2 += AUTH_CLEARTEXT_SEG_CHARS; } @@ -809,9 +809,9 @@ static BOOL krb4_auth(char *this_user,char *password) char tkfile[MAXPATHLEN]; if (krb_get_lrealm(realm, 1) != KSUCCESS) - (void) strncpy(realm, KRB_REALM, sizeof (realm)); + (void) safe_strcpy(realm, KRB_REALM, sizeof (realm) - 1); - (void) sprintf(tkfile, "/tmp/samba_tkt_%d", getpid()); + (void) slprintf(tkfile, sizeof(tkfile) - 1, "/tmp/samba_tkt_%d", getpid()); krb_set_tkt_string(tkfile); if (krb_verify_user(this_user, "", realm, @@ -1217,8 +1217,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) mypasswd = getprpwnam (user); if ( mypasswd ) { - strcpy(pass->pw_name,mypasswd->ufld.fd_name); - strcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt); + fstrcpy(pass->pw_name,mypasswd->ufld.fd_name); + fstrcpy(pass->pw_passwd,mypasswd->ufld.fd_encrypt); } else { @@ -1233,20 +1233,20 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) AUTHORIZATION *ap = getauthuid( pass->pw_uid ); if (ap) { - strcpy( pass->pw_passwd, ap->a_password ); + fstrcpy( pass->pw_passwd, ap->a_password ); endauthent(); } } #endif /* extract relevant info */ - strcpy(this_user,pass->pw_name); - strcpy(this_salt,pass->pw_passwd); + fstrcpy(this_user,pass->pw_name); + fstrcpy(this_salt,pass->pw_passwd); #ifdef HPUX /* The crypt on HPUX won't work with more than 2 salt characters. */ this_salt[2] = 0; #endif /* HPUX */ - strcpy(this_crypted,pass->pw_passwd); + fstrcpy(this_crypted,pass->pw_passwd); if (!*this_crypted) { if (!lp_null_passwords()) { @@ -1295,7 +1295,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) update_protected_database(user,False); /* restore it */ - strcpy(password,pass2); + fstrcpy(password,pass2); return(False); } @@ -1314,7 +1314,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) update_protected_database(user,False); /* restore it */ - strcpy(password,pass2); + fstrcpy(password,pass2); return(False); } @@ -1384,7 +1384,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum) while (member && *member) { static fstring name; - strcpy(name,*member); + fstrcpy(name,*member); if (user_ok(name,snum) && password_ok(name,password,pwlen,NULL)) return(&name[0]); @@ -1400,7 +1400,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum) if (*(pwd->pw_passwd) && pwd->pw_gid == gptr->gr_gid) { /* This Entry have PASSWORD and same GID then check pwd */ if (password_ok(NULL, password, pwlen, pwd)) { - strcpy(tm, pwd->pw_name); + fstrcpy(tm, pwd->pw_name); endpwent (); return tm; } @@ -1460,7 +1460,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, if (!ok && (vuser != 0) && vuser->guest) { if (user_ok(vuser->name,snum) && password_ok(vuser->name, password, pwlen, NULL)) { - strcpy(user, vuser->name); + fstrcpy(user, vuser->name); vuser->guest = False; DEBUG(3,("ACCEPTED: given password with registered user %s\n", user)); ok = True; @@ -1480,12 +1480,12 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, auser = strtok(NULL,LIST_SEP)) { fstring user2; - strcpy(user2,auser); + fstrcpy(user2,auser); if (!user_ok(user2,snum)) continue; if (password_ok(user2,password, pwlen, NULL)) { ok = True; - strcpy(user,user2); + fstrcpy(user,user2); DEBUG(3,("ACCEPTED: session list username and given password ok\n")); } } @@ -1496,7 +1496,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, if (!ok && !lp_revalidate(snum) && (vuser != 0) && !vuser->guest && user_ok(vuser->name,snum)) { - strcpy(user,vuser->name); + fstrcpy(user,vuser->name); *guest = False; DEBUG(3,("ACCEPTED: validated uid ok as non-guest\n")); ok = True; @@ -1526,19 +1526,19 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, if (auser) { ok = True; - strcpy(user,auser); + fstrcpy(user,auser); DEBUG(3,("ACCEPTED: group username and given password ok\n")); } } else { fstring user2; - strcpy(user2,auser); + fstrcpy(user2,auser); if (user_ok(user2,snum) && password_ok(user2,password,pwlen,NULL)) { ok = True; - strcpy(user,user2); + fstrcpy(user,user2); DEBUG(3,("ACCEPTED: user list username and given password ok\n")); } } @@ -1553,7 +1553,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen, StrnCpy(guestname,lp_guestaccount(snum),sizeof(guestname)-1); if (Get_Pwnam(guestname,True)) { - strcpy(user,guestname); + fstrcpy(user,guestname); ok = True; DEBUG(3,("ACCEPTED: guest account and guest ok\n")); } diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c index df85f79b9b..ee08e48e65 100644 --- a/source3/smbd/quotas.c +++ b/source3/smbd/quotas.c @@ -138,7 +138,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize) struct stat sbuf; dev_t devno ; static dev_t devno_cached = 0 ; - static char name[MNTMAXSTR] ; + static pstring name; struct q_request request ; struct qf_header header ; static int quota_default = 0 ; @@ -172,7 +172,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize) } - strcpy(name,mnt->mnt_dir) ; + pstrcpy(name,mnt->mnt_dir) ; endmntent(fd) ; if ( ! found ) @@ -249,10 +249,10 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize) struct quotctl command; int file; struct mnttab mnt; - static char name[MNT_LINE_MAX] ; + static pstring name; #else struct mntent *mnt; - static char name[MNTMAXSTR] ; + static pstring name; #endif FILE *fd; struct stat sbuf; @@ -283,8 +283,8 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize) } } - strcpy(name,mnt.mnt_mountp) ; - strcat(name,"/quotas") ; + pstrcpy(name,mnt.mnt_mountp) ; + pstrcat(name,"/quotas") ; fclose(fd) ; #else if ((fd = setmntent(MOUNTED, "r")) == NULL) @@ -302,7 +302,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize) } } - strcpy(name,mnt->mnt_fsname) ; + pstrcpy(name,mnt->mnt_fsname) ; endmntent(fd) ; #endif diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c927e09425..21a20b0712 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -308,7 +308,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (Protocol < PROTOCOL_NT1) { set_message(outbuf,2,strlen(devicename)+1,True); - strcpy(smb_buf(outbuf),devicename); + pstrcpy(smb_buf(outbuf),devicename); } else { @@ -318,8 +318,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,3,3,True); p = smb_buf(outbuf); - strcpy(p,devicename); p = skip_string(p,1); /* device name */ - strcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + pstrcpy(p,devicename); p = skip_string(p,1); /* device name */ + pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); @@ -578,7 +578,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* If no username is sent use the guest account */ if (!*user) { - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); /* If no user and no password then set guest flag. */ if( *smb_apasswd == 0) guest = True; @@ -593,7 +593,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) */ if((lp_security() != SEC_SHARE) || *user) - strcpy(sesssetup_user,user); + pstrcpy(sesssetup_user,user); reload_services(True); @@ -641,7 +641,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) #endif } if (*smb_apasswd || !Get_Pwnam(user,True)) - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; } @@ -649,7 +649,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!Get_Pwnam(user,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); guest = True; } @@ -670,9 +670,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) char *p; set_message(outbuf,3,3,True); p = smb_buf(outbuf); - strcpy(p,"Unix"); p = skip_string(p,1); - strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,global_myworkgroup); p = skip_string(p,1); + pstrcpy(p,"Unix"); p = skip_string(p,1); + pstrcpy(p,"Samba "); pstrcat(p,VERSION); p = skip_string(p,1); + pstrcpy(p,global_myworkgroup); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } @@ -984,7 +984,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(dir2,'/'); if (p == NULL) { - strcpy(mask,dir2); + pstrcpy(mask,dir2); *dir2 = 0; } else @@ -1000,7 +1000,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) *p = 0; if (strlen(directory) == 0) - strcpy(directory,"./"); + pstrcpy(directory,"./"); bzero(status,21); CVAL(status,0) = dirtype; } @@ -1027,8 +1027,8 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fstrcpy(ext,p+1); *p = 0; trim_string(mask,NULL," "); - strcat(mask,"."); - strcat(mask,ext); + pstrcat(mask,"."); + pstrcat(mask,ext); } } @@ -1049,7 +1049,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fstrcpy(tmp,&mask[8]); mask[8] = '.'; mask[9] = 0; - strcat(mask,tmp); + pstrcat(mask,tmp); } DEBUG(5,("mask=%s directory=%s\n",mask,directory)); @@ -1566,7 +1566,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - strcat(fname,"/TMXXXXXX"); + pstrcat(fname,"/TMXXXXXX"); unix_convert(fname,cnum,0,&bad_path); unixmode = unix_mode(cnum,createmode); @@ -1586,7 +1586,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - strcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)mktemp(fname)); /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ @@ -1609,7 +1609,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,1,2 + strlen(fname2),True); SSVAL(outbuf,smb_vwv0,fnum); CVAL(smb_buf(outbuf),0) = 4; - strcpy(smb_buf(outbuf) + 1,fname2); + pstrcpy(smb_buf(outbuf) + 1,fname2); if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; @@ -1678,12 +1678,12 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"./"); - strcpy(mask,name); + pstrcpy(directory,"./"); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); } if (is_mangled(mask)) @@ -1692,8 +1692,8 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); if (can_delete(directory,cnum,dirtype) && !sys_unlink(directory)) count++; if (!count) exists = file_exist(directory,NULL); } else { @@ -1713,7 +1713,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -2636,7 +2636,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); - strcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)mktemp(fname)); if (!check_name(fname2,cnum)) { Files[fnum].reserved = False; @@ -2877,9 +2877,9 @@ static BOOL recursive_rmdir(char *directory) ret = True; break; } - strcpy(fullname, directory); - strcat(fullname, "/"); - strcat(fullname, dname); + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); if(sys_lstat(fullname, &st) != 0) { @@ -2971,8 +2971,8 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) break; } pstrcpy(fullname, directory); - strcat(fullname, "/"); - strcat(fullname, dname); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); if(sys_lstat(fullname, &st) != 0) break; @@ -3078,10 +3078,10 @@ static BOOL resolve_wildcards(char *name1,char *name2) if (*p) p++; } - strcpy(name2,root2); + pstrcpy(name2,root2); if (ext2[0]) { - strcat(name2,"."); - strcat(name2,ext2); + pstrcat(name2,"."); + pstrcat(name2,ext2); } return(True); @@ -3144,12 +3144,12 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"."); - strcpy(mask,name); + pstrcpy(directory,"."); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); *p = '/'; /* Replace needed for exceptional test below. */ } @@ -3162,16 +3162,16 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) BOOL is_short_name = is_8_3(name, True); /* Add a terminating '/' to the directory name. */ - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); /* Ensure newname contains a '/' also */ if(strrchr(newname,'/') == 0) { pstring tmpstr; - strcpy(tmpstr, "./"); - strcat(tmpstr, newname); - strcpy(newname, tmpstr); + pstrcpy(tmpstr, "./"); + pstrcat(tmpstr, newname); + pstrcpy(newname, tmpstr); } DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", @@ -3197,7 +3197,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * character above. */ p = strrchr(newname,'/'); - strcpy(newname_modified_last_component,p+1); + pstrcpy(newname_modified_last_component,p+1); if(strcsequal(newname_modified_last_component, newname_last_component) == False) { @@ -3205,7 +3205,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * Replace the modified last component with * the original. */ - strcpy(p+1, newname_last_component); + pstrcpy(p+1, newname_last_component); } } @@ -3235,7 +3235,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -3309,8 +3309,8 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, p++; else p = src; - strcat(dest,"/"); - strcat(dest,p); + pstrcat(dest,"/"); + pstrcat(dest,p); } if (!file_exist(src,&st)) return(False); @@ -3415,12 +3415,12 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"./"); - strcpy(mask,name); + pstrcpy(directory,"./"); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); } if (is_mangled(mask)) @@ -3429,8 +3429,8 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); if (resolve_wildcards(directory,newname) && copy_file(directory,newname,cnum,ofun, count,target_is_directory)) count++; @@ -3448,7 +3448,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -3459,7 +3459,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - strcpy(destname,newname); + pstrcpy(destname,newname); if (resolve_wildcards(fname,destname) && copy_file(directory,newname,cnum,ofun, count,target_is_directory)) count++; diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 7788b142e0..540f9f799f 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -427,8 +427,8 @@ static BOOL mangled_equal(char *name1, char *name2) if (is_8_3(name2, True)) return(False); - strcpy(tmpname,name2); - mangle_name_83(tmpname); + pstrcpy(tmpname,name2); + mangle_name_83(tmpname,sizeof(tmpname)); return(strequal(name1,tmpname)); } @@ -453,7 +453,7 @@ static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache) path = "."; if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) { - strcpy(name, dname); + pstrcpy(name, dname); return(True); } @@ -489,7 +489,7 @@ static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache) { /* we've found the file, change it's name and return */ if (docache) DirCacheAdd(path,name,dname,SNUM(cnum)); - strcpy(name, dname); + pstrcpy(name, dname); CloseDir(cur_dir); return(True); } @@ -547,9 +547,9 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa if(saved_last_component) { end = strrchr(name, '/'); if(end) - strcpy(saved_last_component, end + 1); + pstrcpy(saved_last_component, end + 1); else - strcpy(saved_last_component, name); + pstrcpy(saved_last_component, name); } if (!case_sensitive && @@ -567,7 +567,7 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa /* sanitise the name */ for (s=name2 ; *s ; s++) if (!issafe(*s)) *s = '_'; - strcpy(name,(char *)mktemp(name2)); + pstrcpy(name,(char *)mktemp(name2)); } return(True); } @@ -604,7 +604,7 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa if (end) *end = 0; if(saved_last_component != 0) - strcpy(saved_last_component, end ? end + 1 : start); + pstrcpy(saved_last_component, end ? end + 1 : start); /* check if the name exists up to this point */ if (sys_stat(name, &st) == 0) @@ -669,14 +669,14 @@ BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_pa /* restore the rest of the string */ if (end) { - strcpy(start+strlen(start)+1,rest); + pstrcpy(start+strlen(start)+1,rest); end = start + strlen(start); } } /* add to the dirpath that we have resolved so far */ - if (*dirpath) strcat(dirpath,"/"); - strcat(dirpath,start); + if (*dirpath) pstrcat(dirpath,"/"); + pstrcat(dirpath,start); /* restore the / that we wiped out earlier */ if (end) *end = '/'; @@ -990,7 +990,7 @@ static int fd_attempt_open(char *fname, int flags, int mode) if((fd == -1) && (errno == ENOENT) && (strchr(fname,'.')==NULL)) { - strcat(fname,"."); + pstrcat(fname,"."); fd = sys_open(fname,flags,mode); } @@ -3370,7 +3370,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de { if (validated_username(vuid)) { - strcpy(user,validated_username(vuid)); + pstrcpy(user,validated_username(vuid)); return(make_connection(user,user,password,pwlen,dev,vuid)); } } @@ -3381,7 +3381,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de */ if(*sesssetup_user) { - strcpy(user,sesssetup_user); + pstrcpy(user,sesssetup_user); return(make_connection(user,user,password,pwlen,dev,vuid)); } } @@ -3393,14 +3393,14 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de /* you can only connect to the IPC$ service as an ipc device */ if (strequal(service,"IPC$")) - strcpy(dev,"IPC"); + pstrcpy(dev,"IPC"); if (*dev == '?' || !*dev) { if (lp_print_ok(snum)) - strcpy(dev,"LPT1:"); + pstrcpy(dev,"LPT1:"); else - strcpy(dev,"A:"); + pstrcpy(dev,"A:"); } /* if the request is as a printer and you can't print then refuse */ @@ -3964,7 +3964,7 @@ int reply_nt1(char *outbuf) data_len = crypt_len + strlen(global_myworkgroup) + 1; set_message(outbuf,17,data_len,True); - strcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup); + pstrcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup); CVAL(outbuf,smb_vwv1) = secword; SSVALS(outbuf,smb_vwv16+1,crypt_len); @@ -4221,7 +4221,7 @@ void close_cnum(int cnum, uint16 vuid) if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid)) { pstring cmd; - strcpy(cmd,lp_postexec(SNUM(cnum))); + pstrcpy(cmd,lp_postexec(SNUM(cnum))); standard_sub(cnum,cmd); smbrun(cmd,NULL,False); unbecome_user(); @@ -4232,7 +4232,7 @@ void close_cnum(int cnum, uint16 vuid) if (*lp_rootpostexec(SNUM(cnum))) { pstring cmd; - strcpy(cmd,lp_rootpostexec(SNUM(cnum))); + pstrcpy(cmd,lp_rootpostexec(SNUM(cnum))); standard_sub(cnum,cmd); smbrun(cmd,NULL,False); } @@ -4270,7 +4270,7 @@ static BOOL dump_core(void) pstring dname; pstrcpy(dname,debugf); if ((p=strrchr(dname,'/'))) *p=0; - strcat(dname,"/corefiles"); + pstrcat(dname,"/corefiles"); mkdir(dname,0700); sys_chown(dname,getuid(),getgid()); chmod(dname,0700); @@ -5060,9 +5060,9 @@ static void usage(char *pname) TimeInit(); - strcpy(debugf,SMBLOGFILE); + pstrcpy(debugf,SMBLOGFILE); - strcpy(remote_machine, "smb"); + pstrcpy(remote_machine, "smb"); setup_logging(argv[0],False); @@ -5101,10 +5101,10 @@ static void usage(char *pname) switch (opt) { case 'O': - strcpy(user_socket_options,optarg); + pstrcpy(user_socket_options,optarg); break; case 'i': - strcpy(scope,optarg); + pstrcpy(scope,optarg); break; case 'P': { @@ -5113,10 +5113,10 @@ static void usage(char *pname) } break; case 's': - strcpy(servicesf,optarg); + pstrcpy(servicesf,optarg); break; case 'l': - strcpy(debugf,optarg); + pstrcpy(debugf,optarg); break; case 'a': { @@ -5185,7 +5185,7 @@ static void usage(char *pname) codepage_initialise(lp_client_code_page()); - strcpy(global_myworkgroup, lp_workgroup()); + pstrcpy(global_myworkgroup, lp_workgroup()); #ifndef NO_SIGNAL_TEST signal(SIGHUP,SIGNAL_CAST sig_hup); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index fb45efcc0b..db44dc984d 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -325,7 +325,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l if(p != NULL) { if(p[1] == '\0') - strcpy(mask,"*.*"); + pstrcpy(mask,"*.*"); else pstrcpy(mask, p+1); } @@ -368,8 +368,8 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l pstrcpy(pathreal,Connections[cnum].dirpath); if(needslash) - strcat(pathreal,"/"); - strcat(pathreal,dname); + pstrcat(pathreal,"/"); + pstrcat(pathreal,dname); if (sys_stat(pathreal,&sbuf) != 0) { DEBUG(5,("get_lanman2_dir_entry:Couldn't stat [%s] (%s)\n",pathreal,strerror(errno))); @@ -417,7 +417,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,l1_cbFileAlloc,ROUNDUP(size,1024)); SSVAL(p,l1_attrFile,mode); SCVAL(p,l1_cchName,strlen(fname)); - strcpy(p + l1_achName, fname); + pstrcpy(p + l1_achName, fname); nameptr = p + l1_achName; p += l1_achName + strlen(fname) + 1; break; @@ -436,7 +436,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SSVAL(p,l2_attrFile,mode); SIVAL(p,l2_cbList,0); /* No extended attributes */ SCVAL(p,l2_cchName,strlen(fname)); - strcpy(p + l2_achName, fname); + pstrcpy(p + l2_achName, fname); nameptr = p + l2_achName; p += l2_achName + strlen(fname) + 1; break; @@ -451,7 +451,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SSVAL(p,24,mode); SIVAL(p,26,4); CVAL(p,30) = strlen(fname); - strcpy(p+31, fname); + pstrcpy(p+31, fname); nameptr = p+31; p += 31 + strlen(fname) + 1; break; @@ -469,7 +469,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,20,ROUNDUP(size,1024)); SSVAL(p,24,mode); CVAL(p,32) = strlen(fname); - strcpy(p + 33, fname); + pstrcpy(p + 33, fname); nameptr = p+33; p += 33 + strlen(fname) + 1; break; @@ -490,7 +490,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,0,strlen(fname)); p += 4; SIVAL(p,0,0); p += 4; if (!was_8_3) { - strcpy(p+2,fname); + pstrcpy(p+2,fname); if (!name_map_mangle(p+2,True,SNUM(cnum))) (p+2)[12] = 0; } else @@ -499,7 +499,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SSVAL(p,0,strlen(p+2)); p += 2 + 24; /* nameptr = p; */ - strcpy(p,fname); p += strlen(p); + pstrcpy(p,fname); p += strlen(p); p = pdata + len; break; @@ -516,7 +516,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,0,size); p += 8; SIVAL(p,0,nt_extmode); p += 4; SIVAL(p,0,strlen(fname)); p += 4; - strcpy(p,fname); + pstrcpy(p,fname); p = pdata + len; break; @@ -535,7 +535,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,0,nt_extmode); p += 4; SIVAL(p,0,strlen(fname)); p += 4; SIVAL(p,0,0); p += 4; - strcpy(p,fname); + pstrcpy(p,fname); p = pdata + len; break; @@ -545,7 +545,7 @@ static int get_lanman2_dir_entry(int cnum,char *path_mask,int dirtype,int info_l SIVAL(p,0,len); p += 4; SIVAL(p,0,reskey); p += 4; SIVAL(p,0,strlen(fname)); p += 4; - strcpy(p,fname); + pstrcpy(p,fname); p = pdata + len; break; @@ -651,10 +651,10 @@ static int call_trans2findfirst(char *inbuf, char *outbuf, int bufsize, int cnum p = strrchr(directory,'/'); if(p == NULL) { - strcpy(mask,directory); - strcpy(directory,"./"); + pstrcpy(mask,directory); + pstrcpy(directory,"./"); } else { - strcpy(mask,p+1); + pstrcpy(mask,p+1); *p = 0; } @@ -686,7 +686,7 @@ static int call_trans2findfirst(char *inbuf, char *outbuf, int bufsize, int cnum } /* a special case for 16 bit apps */ - if (strequal(mask,"????????.???")) strcpy(mask,"*"); + if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); /* handle broken clients that send us old 8.3 format */ string_sub(mask,"????????","*"); @@ -863,8 +863,8 @@ resume_key = %d resume name = %s continue=%d level = %d\n", DEBUG(2,("dptr_num %d has no wildcard\n", dptr_num)); return (ERROR(ERRDOS,ERRnofiles)); } - strcpy(mask, p); - strcpy(directory,Connections[cnum].dirpath); + pstrcpy(mask, p); + pstrcpy(directory,Connections[cnum].dirpath); /* Get the attr mask from the dptr */ dirtype = dptr_attr(dptr_num); @@ -1060,7 +1060,7 @@ static int call_trans2qfsinfo(char *inbuf, char *outbuf, int length, int bufsize case SMB_QUERY_FS_LABEL_INFO: data_len = 4 + strlen(vname); SIVAL(pdata,0,strlen(vname)); - strcpy(pdata+4,vname); + pstrcpy(pdata+4,vname); break; case SMB_QUERY_FS_VOLUME_INFO: data_len = 18 + 2*strlen(vname); diff --git a/source3/smbd/vt_mode.c b/source3/smbd/vt_mode.c index dcb6ce831d..19f8259464 100644 --- a/source3/smbd/vt_mode.c +++ b/source3/smbd/vt_mode.c @@ -50,7 +50,7 @@ extern int DEBUGLEVEL; extern char *InBuffer, *OutBuffer; extern int done_become_user; -char master_name [64], slave_name [64]; +fstring master_name, slave_name; int master, slave, i, o, e; int ms_type = MS_NONE, @@ -202,8 +202,8 @@ int VT_Start(void) #endif if(ms_poll == MS_VTY || ms_poll == 0) { - strcpy(master_name, MASTER_TMPL); - strcpy(slave_name, SLAVE_TMPL); + fstrcpy(master_name, MASTER_TMPL); + fstrcpy(slave_name, SLAVE_TMPL); for(X = LETTER1; *X && master < 0; X++) for(Y = LETTER2; *Y && master < 0; Y++) { @@ -242,9 +242,9 @@ int VT_Start(void) int i; for(i = MIN_I; i <= MAX_I && master < 0; i++) { - sprintf(master_name, MASTER_TMPL, i); + slprintf(master_name, sizeof(fstring) - 1, MASTER_TMPL, i); if((master = open(master_name, O_RDWR)) >= 0) { - sprintf(slave_name, SLAVE_TMPL, i); + slprintf(slave_name, sizeof(fstring) - 1, SLAVE_TMPL, i); if((slave = open(slave_name, O_RDWR)) < 0) close(master); } diff --git a/source3/utils/make_printerdef.c b/source3/utils/make_printerdef.c index 0c3cb633af..4745127175 100644 --- a/source3/utils/make_printerdef.c +++ b/source3/utils/make_printerdef.c @@ -28,9 +28,9 @@ char *files_to_copy; char *driverfile, *datafile, *helpfile, *languagemonitor, *datatype; -char buffer[50][255]; -char sbuffer[50][255]; -char sub_dir[50][2][255]; +char buffer[50][sizeof(pstring)]; +char sbuffer[50][sizeof(pstring)]; +char sub_dir[50][2][sizeof(pstring)]; void usage(char *name) { @@ -42,31 +42,31 @@ char *myfgets(char *s, int n, FILE *stream) char *LString1; char *LString2; char *temp; - char String[255]; - char NewString[255]; + pstring String; + pstring NewString; int i; fgets(s,n,stream); while ((LString1 = strchr(s,'%')) != NULL) { if (!(LString2 = strchr(LString1+1,'%'))) break; *LString2 = '\0'; - strcpy(String,LString1+1); + pstrcpy(String,LString1+1); i = 0; while(*sbuffer[i]!='\0') { if (strncmp(sbuffer[i],String,strlen(String))==0) { - strcpy(String,sbuffer[i]); + pstrcpy(String,sbuffer[i]); if ((temp = strchr(String,'=')) != NULL) ++temp; - strcpy(String,temp); + pstrcpy(String,temp); break; } i++; } *LString1 = '\0'; - strcpy(NewString,s); - strcat(NewString,String); - strcat(NewString,LString2+1); - strcpy(s, NewString); + pstrcpy(NewString,s); + pstrcat(NewString,String); + pstrcat(NewString,LString2+1); + pstrcpy(s, NewString); } return(s); } @@ -82,15 +82,15 @@ char *scan(char *chaine,char **entry) char *temp; int i=0; - *entry=(char *)malloc(255*sizeof(char)); - value=(char *)malloc(255*sizeof(char)); - strcpy(*entry,chaine); + *entry=(char *)malloc(sizeof(pstring)); + value=(char *)malloc(sizeof(pstring)); + pstrcpy(*entry,chaine); temp=chaine; while( temp[i]!='=' && temp[i]!='\0') { i++; } (*entry)[i]='\0'; - strcpy(value,temp+i+1); + pstrcpy(value,temp+i+1); return (value); } @@ -107,12 +107,12 @@ void build_subdir(void) #endif if (strcmp(data,"11")==0) { - strcpy(sub_dir[i][0],entry); - strcpy(sub_dir[i][1],""); + pstrcpy(sub_dir[i][0],entry); + pstrcpy(sub_dir[i][1],""); } if (strcmp(data,"23")==0) { - strcpy(sub_dir[i][0],entry); - strcpy(sub_dir[i][1],"color\\"); + pstrcpy(sub_dir[i][0],entry); + pstrcpy(sub_dir[i][1],"color\\"); } #ifdef DEBUGIT fprintf(stderr,"\tsubdir %s:%s\n",sub_dir[i][0],sub_dir[i][1]); @@ -131,12 +131,12 @@ void lookup_strings(FILE *fichier) int found=0,pointeur=0,i=0; char *temp,*temp2; - temp=(char *)malloc(255*sizeof(char)); - temp2=(char *)malloc(255*sizeof(char)); + temp=(char *)malloc(sizeof(pstring)); + temp2=(char *)malloc(sizeof(pstring)); *sbuffer[0]='\0'; - strcpy(temp2,"[Strings]"); + pstrcpy(temp2,"[Strings]"); rewind(fichier); #ifdef DEBUGIT @@ -158,7 +158,7 @@ void lookup_strings(FILE *fichier) *sbuffer[pointeur]='\0'; } else { - strcpy(sbuffer[pointeur],temp); + pstrcpy(sbuffer[pointeur],temp); i=strlen(sbuffer[pointeur])-1; while (sbuffer[pointeur][i]=='\r' || sbuffer[pointeur][i]=='\n') sbuffer[pointeur][i--]='\0'; @@ -181,14 +181,14 @@ void lookup_entry(FILE *fichier,char *chaine) int found=0,pointeur=0,i=0; char *temp,*temp2; - temp=(char *)malloc(255*sizeof(char)); - temp2=(char *)malloc(255*sizeof(char)); + temp=(char *)malloc(sizeof(pstring)); + temp2=(char *)malloc(sizeof(pstring)); *buffer[0]='\0'; - strcpy(temp2,"["); - strcat(temp2,chaine); - strcat(temp2,"]"); + pstrcpy(temp2,"["); + pstrcat(temp2,chaine); + pstrcat(temp2,"]"); rewind(fichier); #ifdef DEBUGIT @@ -210,7 +210,7 @@ void lookup_entry(FILE *fichier,char *chaine) *buffer[pointeur]='\0'; } else { - strcpy(buffer[pointeur],temp); + pstrcpy(buffer[pointeur],temp); i=strlen(buffer[pointeur])-1; while (buffer[pointeur][i]=='\r' || buffer[pointeur][i]=='\n') buffer[pointeur][i--]='\0'; @@ -232,9 +232,9 @@ char *find_desc(FILE *fichier,char *text) int found=0; - chaine=(char *)malloc(255*sizeof(char)); - long_desc=(char *)malloc(40*sizeof(char)); - short_desc=(char *)malloc(40*sizeof(char)); + chaine=(char *)malloc(sizeof(pstring)); + long_desc=(char *)malloc(sizeof(pstring)); + short_desc=(char *)malloc(sizeof(pstring)); if (!chaine || !long_desc || !short_desc) { fprintf(stderr,"Unable to malloc memory\n"); exit(1); @@ -267,7 +267,7 @@ char *find_desc(FILE *fichier,char *text) free(chaine); if (!found || !crap) return(NULL); while(*crap==' ') crap++; - strcpy(short_desc,crap); + pstrcpy(short_desc,crap); return(short_desc); } @@ -276,7 +276,7 @@ void scan_copyfiles(FILE *fichier, char *chaine) char *part; char *mpart; int i; - char direc[255]; + pstring direc; #ifdef DEBUGIT fprintf(stderr,"In scan_copyfiles Lookup up of %s\n",chaine); #endif @@ -290,19 +290,19 @@ void scan_copyfiles(FILE *fichier, char *chaine) */ if (*part=='@') { if (strlen(files_to_copy) != 0) - strcat(files_to_copy,","); - strcat(files_to_copy,&part[1]); + pstrcat(files_to_copy,","); + pstrcat(files_to_copy,&part[1]); fprintf(stderr,"%s\n",&part[1]); } else { lookup_entry(fichier,part); i=0; - strcpy(direc,""); + pstrcpy(direc,""); while (*sub_dir[i][0]!='\0') { #ifdef DEBUGIT fprintf(stderr,"\tsubdir %s:%s\n",sub_dir[i][0],sub_dir[i][1]); #endif if (strcmp(sub_dir[i][0],part)==0) - strcpy(direc,sub_dir[i][1]); + pstrcpy(direc,sub_dir[i][1]); i++; } i=0; @@ -331,7 +331,7 @@ void scan_copyfiles(FILE *fichier, char *chaine) part = strchr(buffer[i],','); if (part) { if ((mpart = strrchr(part+1,','))!=NULL) { - strcpy(buffer[i],mpart+1); + pstrcpy(buffer[i],mpart+1); } else *part = '\0'; while (--part > buffer[i]) @@ -340,9 +340,9 @@ void scan_copyfiles(FILE *fichier, char *chaine) } } if (strlen(files_to_copy) != 0) - strcat(files_to_copy,","); - strcat(files_to_copy,direc); - strcat(files_to_copy,buffer[i]); + pstrcat(files_to_copy,","); + pstrcat(files_to_copy,direc); + pstrcat(files_to_copy,buffer[i]); fprintf(stderr,"%s%s\n",direc,buffer[i]); i++; } @@ -364,8 +364,8 @@ void scan_short_desc(FILE *fichier, char *short_desc) helpfile=0; languagemonitor=0; datatype="RAW"; - chaine=(char *)malloc(255*sizeof(char)); - temp=(char *)malloc(255*sizeof(char)); + chaine=(char *)malloc(sizeof(pstring)); + temp=(char *)malloc(sizeof(pstring)); driverfile=short_desc; datafile=short_desc; @@ -422,7 +422,7 @@ void scan_short_desc(FILE *fichier, char *short_desc) if (languagemonitor) { temp = strtok(languagemonitor,","); if (*temp == '"') ++temp; - strcpy(languagemonitor,temp); + pstrcpy(languagemonitor,temp); if ((temp = strchr(languagemonitor,'"'))!=NULL) *temp = '\0'; } diff --git a/source3/utils/make_smbcodepage.c b/source3/utils/make_smbcodepage.c index 409d199640..ce45a7bc60 100644 --- a/source3/utils/make_smbcodepage.c +++ b/source3/utils/make_smbcodepage.c @@ -64,7 +64,7 @@ void read_line( char **buf, char *line_buf, int size) int clean_data( char **buf, uint32 *size) { - char linebuf[512]; + pstring linebuf; char *p = *buf; int num_lines = 0; char *newbuf = (char *)malloc( *size + 1); @@ -94,7 +94,7 @@ int clean_data( char **buf, uint32 *size) if(*cp == '\0') continue; - strcpy(newbuf_p, cp); + pstrcpy(newbuf_p, cp); num_lines++; newbuf_p += (strlen(newbuf_p) + 1); } diff --git a/source3/utils/nmblookup.c b/source3/utils/nmblookup.c index 4c9132ee75..59d5771c5d 100644 --- a/source3/utils/nmblookup.c +++ b/source3/utils/nmblookup.c @@ -196,7 +196,7 @@ int main(int argc,char *argv[]) if(lookup_by_ip) { - strcpy(lookup,"*"); + fstrcpy(lookup,"*"); ip = *interpret_addr2(argv[i]); printf("Looking up status of %s\n",inet_ntoa(ip)); name_status(ServerFD,lookup,lookup_type,True,ip,NULL,NULL,NULL); @@ -206,7 +206,7 @@ int main(int argc,char *argv[]) if (find_master) { if (*lookup == '-') { - strcpy(lookup,"\01\02__MSBROWSE__\02"); + fstrcpy(lookup,"\01\02__MSBROWSE__\02"); lookup_type = 1; } else { lookup_type = 0x1d; diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 5060d80d3d..3737d82042 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -345,7 +345,7 @@ int main(int argc, char **argv) if(is_root) { disable_user = True; got_new_pass = True; - strcpy(new_passwd, "XXXXXX"); + fstrcpy(new_passwd, "XXXXXX"); } else usage(prog_name, is_root); break; @@ -356,7 +356,7 @@ int main(int argc, char **argv) if(is_root) { set_no_password = True; got_new_pass = True; - strcpy(new_passwd, "NO PASSWORD"); + fstrcpy(new_passwd, "NO PASSWORD"); } else usage(prog_name, is_root); case 'r': diff --git a/source3/utils/status.c b/source3/utils/status.c index 40bafbe0c2..d4753d589d 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -139,7 +139,7 @@ static void print_share_mode(share_mode_entry *e, char *fname) processes_only = 1; break; case 's': - strcpy(servicesf, optarg); + pstrcpy(servicesf, optarg); break; case 'u': /* added by OH */ Ucrit_addUsername(optarg); /* added by OH */ @@ -162,10 +162,10 @@ static void print_share_mode(share_mode_entry *e, char *fname) printf("lockdir = %s\n", *lp_lockdir() ? lp_lockdir() : "NULL"); } - strcpy(fname,lp_lockdir()); + pstrcpy(fname,lp_lockdir()); standard_sub_basic(fname); trim_string(fname,"","/"); - strcat(fname,"/STATUS..LCK"); + pstrcat(fname,"/STATUS..LCK"); f = fopen(fname,"r"); if (!f) { @@ -281,7 +281,7 @@ static void print_share_mode(share_mode_entry *e, char *fname) /* added by OH */ void Ucrit_addUsername(pstring username) { - strcpy(Ucrit_username, username); + pstrcpy(Ucrit_username, username); if(strlen(Ucrit_username) > 0) Ucrit_IsActive = 1; } diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 83d4d7fbb5..f37c7376fd 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -52,9 +52,9 @@ extern pstring myhostname; charset_initialise(); if (argc < 2) - strcpy(configfile,CONFIGFILE); + pstrcpy(configfile,CONFIGFILE); else - strcpy(configfile,argv[1]); + pstrcpy(configfile,argv[1]); dbf = stdout; DEBUGLEVEL = 2; diff --git a/source3/utils/torture.c b/source3/utils/torture.c index ede801afe9..1abfee0541 100644 --- a/source3/utils/torture.c +++ b/source3/utils/torture.c @@ -134,7 +134,7 @@ static BOOL rw_torture(struct cli_state *c, int numops) if (i % 10 == 0) { printf("%d\r", i); fflush(stdout); } - sprintf(fname,"\\torture.%u", n); + slprintf(fname, sizeof(fstring) - 1, "\\torture.%u", n); if (!wait_lock(c, fnum2, n*sizeof(int), sizeof(int))) { return False; @@ -860,7 +860,7 @@ static void create_procs(int nprocs, int numops) get_myname(myname,NULL); if (*username == 0 && getenv("LOGNAME")) { - strcpy(username,getenv("LOGNAME")); + pstrcpy(username,getenv("LOGNAME")); } argc--; @@ -888,11 +888,11 @@ static void create_procs(int nprocs, int numops) fstrcpy(myname, optarg); break; case 'U': - strcpy(username,optarg); + pstrcpy(username,optarg); p = strchr(username,'%'); if (p) { *p = 0; - strcpy(password, p+1); + pstrcpy(password, p+1); gotpass = 1; } break; @@ -906,7 +906,7 @@ static void create_procs(int nprocs, int numops) while (!gotpass) { p = getpass("Password:"); if (p) { - strcpy(password, p); + pstrcpy(password, p); gotpass = 1; } } diff --git a/source3/web/cgi.c b/source3/web/cgi.c index a1aa4d753d..5958b0a419 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -296,17 +296,17 @@ char *quotedup(char *s) for (i=0;i<len;i++) { switch (s[i]) { case '<': - strcpy(d, "<"); + safe_strcpy(d, "<", len + n*6 - (d - ret)); d += 4; break; case '>': - strcpy(d, ">"); + safe_strcpy(d, ">", len + n*6 - (d - ret)); d += 4; break; case '&': - strcpy(d, "&"); + safe_strcpy(d, "&", len + n*6 - (d - ret)); d += 5; break; @@ -347,7 +347,7 @@ char *urlquote(char *s) for (i=0;i<len;i++) { if (strchr(qlist,s[i])) { - sprintf(d, "%%%02X", (int)s[i]); + slprintf(d, len + n*2 - (d - ret), "%%%02X", (int)s[i]); d += 3; } else { *d++ = s[i]; @@ -387,7 +387,7 @@ char *quotequotes(char *s) for (i=0;i<len;i++) { switch (s[i]) { case '"': - strcpy(d, """); + safe_strcpy(d, """, len + n*6 - (d - ret)); d += 6; break; diff --git a/source3/web/startstop.c b/source3/web/startstop.c index 7ac66f2180..63e5afead2 100644 --- a/source3/web/startstop.c +++ b/source3/web/startstop.c @@ -37,7 +37,7 @@ void start_smbd(void) return; } - sprintf(binfile,"%s/smbd", SBINDIR); + slprintf(binfile, sizeof(pstring) - 1, "%s/smbd", SBINDIR); become_daemon(); @@ -58,7 +58,7 @@ void start_nmbd(void) return; } - sprintf(binfile,"%s/nmbd", SBINDIR); + slprintf(binfile, sizeof(pstring) - 1, "%s/nmbd", SBINDIR); become_daemon(); diff --git a/source3/web/statuspage.c b/source3/web/statuspage.c index 9bcc99a6af..184f7e1f73 100644 --- a/source3/web/statuspage.c +++ b/source3/web/statuspage.c @@ -121,7 +121,7 @@ void status_page(void) pstrcpy(fname,lp_lockdir()); standard_sub_basic(fname); trim_string(fname,"","/"); - strcat(fname,"/STATUS..LCK"); + pstrcat(fname,"/STATUS..LCK"); f = fopen(fname,"r"); @@ -131,7 +131,7 @@ void status_page(void) if (crec.magic == 0x280267 && crec.cnum == -1 && process_exists(crec.pid)) { char buf[30]; - sprintf(buf,"kill_%d", crec.pid); + slprintf(buf,sizeof(buf)-1,"kill_%d", crec.pid); if (cgi_variable(buf)) { kill_pid(crec.pid); } |