From: Erez Zadok Date: Wed, 5 Oct 2005 01:13:45 +0000 (+0000) Subject: * ALL: convert from using sprintf to the safer xsnprintf. X-Git-Tag: am-utils-6_2a1~29 X-Git-Url: https://git.fsl.cs.stonybrook.edu/?a=commitdiff_plain;h=35ee3fe77ca6c712e5b49e460a27460f6189aa10;p=am-utils-6.1.git * ALL: convert from using sprintf to the safer xsnprintf. * mk-amd-map/Makefile.am (LDADD): link with libamu to get xsnprintf(). * amd/amd.h, amd/amd.c, include/am_utils.h: moved pid_fsname extern from am_utils.h to amd.h, and define its size as a macro that could be passed to xsnprintf(). --- diff --git a/ChangeLog b/ChangeLog index f9ea3cf..2507ff0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,14 @@ +2005-10-04 Erez Zadok + + * ALL: convert from using sprintf to the safer xsnprintf. + + * mk-amd-map/Makefile.am (LDADD): link with libamu to get + xsnprintf(). + + * amd/amd.h, amd/amd.c, include/am_utils.h: moved pid_fsname + extern from am_utils.h to amd.h, and define its size as a macro + that could be passed to xsnprintf(). + 2005-10-02 Erez Zadok * libamu/Makefile.am: use strutil.c, not util.c. diff --git a/NEWS b/NEWS index 27ff14d..efbf647 100644 --- a/NEWS +++ b/NEWS @@ -49,6 +49,7 @@ XXX: Dan, document sun_map_syntax flag in more detail in am-utils.texi and README.attrcache * pawd goes into an infinite loop on type:=auto * consistent search for file system mnttab/mount names + * convert all sprintf to safer xsnprintf Amd now understands a new log_option called "defaults" which is synonymous with "fatal,error,user,warning,info" (and is also what logging happens by diff --git a/amd/amd.c b/amd/amd.c index e87d4d8..b85eecf 100644 --- a/amd/amd.c +++ b/amd/amd.c @@ -53,7 +53,7 @@ struct amu_global_options gopt; /* where global options are stored */ -char pid_fsname[16 + MAXHOSTNAMELEN]; /* "kiska.southseas.nz:(pid%d)" */ +char pid_fsname[SIZEOF_PID_FSNAME]; /* "kiska.southseas.nz:(pid%d)" */ char *hostdomain = "unknown.domain"; char hostd[2 * MAXHOSTNAMELEN + 1]; /* Host+domain */ char *endian = ARCH_ENDIAN; /* Big or Little endian */ diff --git a/amd/amd.h b/amd/amd.h index 8967323..95fafa1 100644 --- a/amd/amd.h +++ b/amd/amd.h @@ -624,12 +624,16 @@ extern int valid_key(char *); extern void wakeup(wchan_t); extern void wakeup_srvr(fserver *); extern void wakeup_task(int, int, wchan_t); +#define SIZEOF_PID_FSNAME (16 + MAXHOSTNAMELEN) +extern char pid_fsname[SIZEOF_PID_FSNAME]; /* "kiska.southseas.nz:(pid%d)" */ /* * Global variables. */ extern SVCXPRT *current_transp; /* For nfs_quick_reply() */ extern char *conf_tag; +#define SIZEOF_UID_STR 12 +#define SIZEOF_GID_STR 12 extern char *opt_gid; extern char *opt_uid; extern int NumChildren; @@ -669,7 +673,7 @@ extern int autofs_umount_succeeded(am_node *mp); extern int autofs_umount_failed(am_node *mp); extern int autofs_mount_fs(am_node *mp, mntfs *mf); extern int autofs_umount_fs(am_node *mp, mntfs *mf); -extern void autofs_get_opts(char *opts, autofs_fh_t *fh); +extern void autofs_get_opts(char *opts, size_t l, autofs_fh_t *fh); extern int autofs_compute_mount_flags(mntent_t *); extern void autofs_timeout_mp(am_node *); extern int create_autofs_service(void); diff --git a/amd/amfs_auto.c b/amd/amfs_auto.c index 1d8365b..edf2067 100644 --- a/amd/amfs_auto.c +++ b/amd/amfs_auto.c @@ -155,7 +155,7 @@ amfs_auto_mount(am_node *mp, mntfs *mf) char opts[256]; int error; - autofs_get_opts(opts, mp->am_autofs_fh); + autofs_get_opts(opts, sizeof(opts), mp->am_autofs_fh); /* now do the mount */ error = amfs_mount(mp, mf, opts); diff --git a/amd/amfs_generic.c b/amd/amfs_generic.c index 84a5131..e463dfd 100644 --- a/amd/amfs_generic.c +++ b/amd/amfs_generic.c @@ -363,7 +363,7 @@ amfs_lookup_mntfs(am_node *new_mp, int *error_return) if (mp->am_pref) { if (strlen(mp->am_pref) + strlen(new_mp->am_name) >= sizeof(path_name)) ereturn(ENAMETOOLONG); - sprintf(path_name, "%s%s", mp->am_pref, new_mp->am_name); + xsnprintf(path_name, sizeof(path_name), "%s%s", mp->am_pref, new_mp->am_name); pfname = path_name; } else { pfname = new_mp->am_name; @@ -1033,8 +1033,9 @@ amfs_parse_defaults(am_node *mp, mntfs *mf, char *def_opts) * otherwise just use these defaults. */ if (*def_opts && *dfl) { - char *nopts = (char *) xmalloc(strlen(def_opts) + strlen(dfl) + 2); - sprintf(nopts, "%s;%s", dfl, def_opts); + size_t l = strlen(def_opts) + strlen(dfl) + 2; + char *nopts = (char *) xmalloc(l); + xsnprintf(nopts, l, "%s;%s", dfl, def_opts); XFREE(def_opts); def_opts = nopts; } else if (*dfl) { diff --git a/amd/amfs_host.c b/amd/amfs_host.c index 75e1f0f..4d36518 100644 --- a/amd/amfs_host.c +++ b/amd/amfs_host.c @@ -97,21 +97,21 @@ am_ops amfs_host_ops = * allows the entire PC disk to be mounted. */ static void -make_mntpt(char *mntpt, const exports ex, const char *mf_mount) +make_mntpt(char *mntpt, size_t l, const exports ex, const char *mf_mount) { if (ex->ex_dir[0] == '/') { if (ex->ex_dir[1] == 0) - strcpy(mntpt, mf_mount); + xstrlcpy(mntpt, mf_mount, l); else - sprintf(mntpt, "%s%s", mf_mount, ex->ex_dir); + xsnprintf(mntpt, l, "%s%s", mf_mount, ex->ex_dir); } else if (ex->ex_dir[0] >= 'a' && ex->ex_dir[0] <= 'z' && ex->ex_dir[1] == ':' && ex->ex_dir[2] == '/' && ex->ex_dir[3] == 0) - sprintf(mntpt, "%s/%c%%", mf_mount, ex->ex_dir[0]); + xsnprintf(mntpt, l, "%s/%c%%", mf_mount, ex->ex_dir[0]); else - sprintf(mntpt, "%s/%s", mf_mount, ex->ex_dir); + xsnprintf(mntpt, l, "%s/%s", mf_mount, ex->ex_dir); } @@ -418,7 +418,7 @@ amfs_host_mount(am_node *am, mntfs *mf) */ ep = (exports *) xmalloc(n_export * sizeof(exports)); for (j = 0, ex = exlist; ex; ex = ex->ex_next) { - make_mntpt(mntpt, ex, mf->mf_mount); + make_mntpt(mntpt, sizeof(mntpt), ex, mf->mf_mount); if (already_mounted(mlist, mntpt)) /* we have at least one mounted f/s, so don't fail the mount */ ok = TRUE; @@ -476,7 +476,7 @@ amfs_host_mount(am_node *am, mntfs *mf) ex = ep[j]; if (ex) { strcpy(rfs_dir, ex->ex_dir); - make_mntpt(mntpt, ex, mf->mf_mount); + make_mntpt(mntpt, sizeof(mntpt), ex, mf->mf_mount); if (do_mount(&fp[j], mntpt, fs_name, mf) == 0) ok = TRUE; } diff --git a/amd/amfs_toplvl.c b/amd/amfs_toplvl.c index acf668e..4cf07d0 100644 --- a/amd/amfs_toplvl.c +++ b/amd/amfs_toplvl.c @@ -87,7 +87,7 @@ am_ops amfs_toplvl_ops = ****************************************************************************/ static void -set_auto_attrcache_timeout(char *preopts, char *opts) +set_auto_attrcache_timeout(char *preopts, size_t l, char *opts) { #ifdef MNTTAB_OPT_NOAC @@ -98,7 +98,7 @@ set_auto_attrcache_timeout(char *preopts, char *opts) * automount points. */ if (gopt.auto_attrcache == 0) { - sprintf(preopts, ",%s", MNTTAB_OPT_NOAC); + xsnprintf(preopts, l, ",%s", MNTTAB_OPT_NOAC); strcat(opts, preopts); } #endif /* MNTTAB_OPT_NOAC */ @@ -110,23 +110,23 @@ set_auto_attrcache_timeout(char *preopts, char *opts) * then we'll have to condition the remainder of this on OPT_NOAC. */ #ifdef MNTTAB_OPT_ACTIMEO - sprintf(preopts, ",%s=%d", MNTTAB_OPT_ACTIMEO, gopt.auto_attrcache); + xsnprintf(preopts, l, ",%s=%d", MNTTAB_OPT_ACTIMEO, gopt.auto_attrcache); strcat(opts, preopts); #else /* MNTTAB_OPT_ACTIMEO */ # ifdef MNTTAB_OPT_ACDIRMIN - sprintf(preopts, ",%s=%d", MNTTAB_OPT_ACTDIRMIN, gopt.auto_attrcache); + xsnprintf(preopts, l, ",%s=%d", MNTTAB_OPT_ACTDIRMIN, gopt.auto_attrcache); strcat(opts, preopts); # endif /* MNTTAB_OPT_ACDIRMIN */ # ifdef MNTTAB_OPT_ACDIRMAX - sprintf(preopts, ",%s=%d", MNTTAB_OPT_ACTDIRMAX, gopt.auto_attrcache); + xsnprintf(preopts, l, ",%s=%d", MNTTAB_OPT_ACTDIRMAX, gopt.auto_attrcache); strcat(opts, preopts); # endif /* MNTTAB_OPT_ACDIRMAX */ # ifdef MNTTAB_OPT_ACREGMIN - sprintf(preopts, ",%s=%d", MNTTAB_OPT_ACTREGMIN, gopt.auto_attrcache); + xsnprintf(preopts, l, ",%s=%d", MNTTAB_OPT_ACTREGMIN, gopt.auto_attrcache); strcat(opts, preopts); # endif /* MNTTAB_OPT_ACREGMIN */ # ifdef MNTTAB_OPT_ACREGMAX - sprintf(preopts, ",%s=%d", MNTTAB_OPT_ACTREGMAX, gopt.auto_attrcache); + xsnprintf(preopts, l, ",%s=%d", MNTTAB_OPT_ACTREGMAX, gopt.auto_attrcache); strcat(opts, preopts); # endif /* MNTTAB_OPT_ACREGMAX */ #endif /* MNTTAB_OPT_ACTIMEO */ @@ -209,26 +209,26 @@ amfs_toplvl_mount(am_node *mp, mntfs *mf) strcat(preopts, ","); #endif /* MNTTAB_OPT_IGNORE */ #ifdef WANT_TIMEO_AND_RETRANS_ON_TOPLVL - sprintf(opts, "%s%s,%s=%d,%s=%d,%s=%d,%s,map=%s", + xsnprintf(opts, sizeof(opts), "%s%s,%s=%d,%s=%d,%s=%d,%s,map=%s", #else /* WANT_TIMEO_AND_RETRANS_ON_TOPLVL */ - sprintf(opts, "%s%s,%s=%d,%s,map=%s", + xsnprintf(opts, sizeof(opts), "%s%s,%s=%d,%s,map=%s", #endif /* WANT_TIMEO_AND_RETRANS_ON_TOPLVL */ - preopts, - MNTTAB_OPT_RW, - MNTTAB_OPT_PORT, nfs_port, + preopts, + MNTTAB_OPT_RW, + MNTTAB_OPT_PORT, nfs_port, #ifdef WANT_TIMEO_AND_RETRANS_ON_TOPLVL - /* note: TIMEO+RETRANS for toplvl are only "udp" currently */ - MNTTAB_OPT_TIMEO, gopt.amfs_auto_timeo[AMU_TYPE_UDP], - MNTTAB_OPT_RETRANS, gopt.amfs_auto_retrans[AMU_TYPE_UDP], + /* note: TIMEO+RETRANS for toplvl are only "udp" currently */ + MNTTAB_OPT_TIMEO, gopt.amfs_auto_timeo[AMU_TYPE_UDP], + MNTTAB_OPT_RETRANS, gopt.amfs_auto_retrans[AMU_TYPE_UDP], #endif /* WANT_TIMEO_AND_RETRANS_ON_TOPLVL */ - mf->mf_ops->fs_type, mf->mf_info); + mf->mf_ops->fs_type, mf->mf_info); #ifdef MNTTAB_OPT_NOAC if (gopt.auto_attrcache == 0) { strcat(opts, ","); strcat(opts, MNTTAB_OPT_NOAC); } else #endif /* MNTTAB_OPT_NOAC */ - set_auto_attrcache_timeout(preopts, opts); + set_auto_attrcache_timeout(preopts, sizeof(preopts), opts); } /* now do the mount */ diff --git a/amd/autil.c b/amd/autil.c index 2435858..988a386 100644 --- a/amd/autil.c +++ b/amd/autil.c @@ -493,8 +493,8 @@ amfs_mount(am_node *mp, mntfs *mf, char *opts) /* * Make a ``hostname'' string for the kernel */ - sprintf(fs_hostname, "pid%ld@%s:%s", - get_server_pid(), am_get_hostname(), dir); + xsnprintf(fs_hostname, sizeof(fs_hostname), "pid%ld@%s:%s", + get_server_pid(), am_get_hostname(), dir); /* * Most kernels have a name length restriction (64 bytes)... */ diff --git a/amd/get_args.c b/amd/get_args.c index ee8b9e7..359cc2c 100644 --- a/amd/get_args.c +++ b/amd/get_args.c @@ -326,7 +326,8 @@ get_args(int argc, char *argv[]) fp = fopen(amu_conf_file, "r"); if (!fp) { char buf[128]; - sprintf(buf, "Amd configuration file (%s)", amu_conf_file); + xsnprintf(buf, sizeof(buf), "Amd configuration file (%s)", + amu_conf_file); perror(buf); exit(1); } diff --git a/amd/info_hesiod.c b/amd/info_hesiod.c index 50c470d..fd60b80 100644 --- a/amd/info_hesiod.c +++ b/amd/info_hesiod.c @@ -106,7 +106,7 @@ hesiod_search(mnt_map *m, char *map, char *key, char **pval, time_t *tp) if (key[0] == '.') return ENOENT; - sprintf(hes_key, "%s.%s", key, map + HES_PREFLEN); + xsnprintf(hes_key, sizeof(hes_key), "%s.%s", key, map + HES_PREFLEN); /* * Call the resolver diff --git a/amd/info_ldap.c b/amd/info_ldap.c index 50e638c..61b3203 100644 --- a/amd/info_ldap.c +++ b/amd/info_ldap.c @@ -351,7 +351,7 @@ get_ldap_timestamp(ALD *a, char *map, time_t *ts) tv.tv_sec = 3; tv.tv_usec = 0; - sprintf(filter, AMD_LDAP_TSFILTER, map); + xsnprintf(filter, sizeof(filter), AMD_LDAP_TSFILTER, map); dlog("Getting timestamp for map %s\n", map); dlog("Filter is: %s\n", filter); dlog("Base is: %s\n", gopt.ldap_base); @@ -456,7 +456,7 @@ amu_ldap_search(mnt_map *m, char *map, char *key, char **pval, time_t *ts) if (amu_ldap_rebind(a)) /* Check that's the handle is still valid */ return (ENOENT); - sprintf(filter, AMD_LDAP_FILTER, map, key); + xsnprintf(filter, sizeof(filter), AMD_LDAP_FILTER, map, key); /* "*" is special to ldap_search(); run through the filter escaping it. */ f1 = filter; f2 = filter2; while (*f1) { diff --git a/amd/info_nisplus.c b/amd/info_nisplus.c index 4241f9a..e44d70b 100644 --- a/amd/info_nisplus.c +++ b/amd/info_nisplus.c @@ -93,6 +93,7 @@ nisplus_reload(mnt_map *m, char *map, void (*fn) ()) nis_result *result; char *org; /* if map does not have ".org_dir" then append it */ nis_name map_name; + size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) @@ -101,13 +102,14 @@ nisplus_reload(mnt_map *m, char *map, void (*fn) ()) org = ""; /* make some room for the NIS map_name */ - map_name = xmalloc(strlen(map) + sizeof(NISPLUS_ORGDIR)); + l = strlen(map) + sizeof(NISPLUS_ORGDIR); + map_name = xmalloc(l); if (map_name == NULL) { plog(XLOG_ERROR, "Unable to create map_name %s: %s", map, strerror(ENOMEM)); return ENOMEM; } - sprintf(map_name, "%s%s", map, org); + xsnprintf(map_name, l, "%s%s", map, org); data.ncd_m = m; data.ncd_map = map_name; @@ -160,6 +162,7 @@ nisplus_search(mnt_map *m, char *map, char *key, char **val, time_t *tp) struct nisplus_search_callback_data data; nis_name index; char *org; /* if map does not have ".org_dir" then append it */ + size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) @@ -168,14 +171,14 @@ nisplus_search(mnt_map *m, char *map, char *key, char **val, time_t *tp) org = ""; /* make some room for the NIS index */ - index = xmalloc(sizeof('[') /* for opening selection criteria */ - +sizeof(NISPLUS_KEY) - + strlen(key) - + sizeof(']') /* for closing selection criteria */ - +sizeof(',') /* + 1 for , separator */ - +strlen(map) - + sizeof(NISPLUS_ORGDIR) - ); + l = sizeof('[') /* for opening selection criteria */ + + sizeof(NISPLUS_KEY) + + strlen(key) + + sizeof(']') /* for closing selection criteria */ + + sizeof(',') /* + 1 for , separator */ + + strlen(map) + + sizeof(NISPLUS_ORGDIR); + index = xmalloc(l); if (index == NULL) { plog(XLOG_ERROR, "Unable to create index %s: %s", @@ -183,7 +186,7 @@ nisplus_search(mnt_map *m, char *map, char *key, char **val, time_t *tp) strerror(ENOMEM)); return ENOMEM; } - sprintf(index, "[%s%s],%s%s", NISPLUS_KEY, key, map, org); + xsnprintf(index, l, "[%s%s],%s%s", NISPLUS_KEY, key, map, org); data.key = key; data.value = NULL; @@ -260,6 +263,7 @@ nisplus_init(mnt_map *m, char *map, time_t *tp) char *org; /* if map does not have ".org_dir" then append it */ nis_name map_name; int error = 0; + size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) @@ -268,7 +272,8 @@ nisplus_init(mnt_map *m, char *map, time_t *tp) org = ""; /* make some room for the NIS map_name */ - map_name = xmalloc(strlen(map) + sizeof(NISPLUS_ORGDIR)); + l = strlen(map) + sizeof(NISPLUS_ORGDIR); + map_name = xmalloc(l); if (map_name == NULL) { plog(XLOG_ERROR, "Unable to create map_name %s: %s", @@ -276,7 +281,7 @@ nisplus_init(mnt_map *m, char *map, time_t *tp) strerror(ENOMEM)); return ENOMEM; } - sprintf(map_name, "%s%s", map, org); + xsnprintf(map_name, l, "%s%s", map, org); result = nis_lookup(map_name, (EXPAND_NAME | FOLLOW_LINKS | FOLLOW_PATH)); diff --git a/amd/info_passwd.c b/amd/info_passwd.c index 8add8aa..6ba14b9 100644 --- a/amd/info_passwd.c +++ b/amd/info_passwd.c @@ -175,8 +175,8 @@ passwd_search(mnt_map *m, char *map, char *key, char **pval, time_t *tp) p++; else p = "type:=nfs;rfs:=/${var0}/${var1};rhost:=${var1};sublink:=${var2};fs:=${autodir}${var3}"; - sprintf(val, "var0:=%s;var1:=%s;var2:=%s;var3:=%s;%s", - dir+1, rhost, user, pw->pw_dir, p); + xsnprintf(val, sizeof(val), "var0:=%s;var1:=%s;var2:=%s;var3:=%s;%s", + dir+1, rhost, user, pw->pw_dir, p); dlog("passwd_search: map=%s key=%s -> %s", map, key, val); if (q) *q = '.'; diff --git a/amd/info_union.c b/amd/info_union.c index 82c524f..3f9e56b 100644 --- a/amd/info_union.c +++ b/amd/info_union.c @@ -80,10 +80,12 @@ union_search(mnt_map *m, char *map, char *key, char **pval, time_t *tp) char *mapd = strdup(map + UNION_PREFLEN); char **v = strsplit(mapd, ':', '\"'); char **p; + size_t l; for (p = v; p[1]; p++) ; - *pval = xmalloc(strlen(*p) + 5); - sprintf(*pval, "fs:=%s", *p); + l = strlen(*p) + 5; + *pval = xmalloc(l); + xsnprintf(*pval, l, "fs:=%s", *p); XFREE(mapd); XFREE(v); return 0; @@ -103,7 +105,7 @@ union_reload(mnt_map *m, char *map, void (*fn) (mnt_map *, char *, char *)) (*fn) (m, strdup("/defaults"), strdup("type:=link;opts:=nounmount;sublink:=${key}")); for (dir = v; *dir; dir++) { - int dlen; + size_t l; struct dirent *dp; DIR *dirp = opendir(*dir); @@ -111,7 +113,7 @@ union_reload(mnt_map *m, char *map, void (*fn) (mnt_map *, char *, char *)) plog(XLOG_USER, "Cannot read directory %s: %m", *dir); continue; } - dlen = strlen(*dir); + l = strlen(*dir) + 5; dlog("Reading directory %s...", *dir); while ((dp = readdir(dirp))) { @@ -122,8 +124,8 @@ union_reload(mnt_map *m, char *map, void (*fn) (mnt_map *, char *, char *)) continue; dlog("... gives %s", dp->d_name); - val = xmalloc(dlen + 5); - sprintf(val, "fs:=%s", *dir); + val = xmalloc(l); + xsnprintf(val, l + 5, "fs:=%s", *dir); (*fn) (m, strdup(dp->d_name), val); } closedir(dirp); @@ -133,10 +135,10 @@ union_reload(mnt_map *m, char *map, void (*fn) (mnt_map *, char *, char *)) * Add wildcard entry */ { - size_t len = strlen(*(dir-1)) + 5; - char *val = xmalloc(len); + size_t l = strlen(*(dir-1)) + 5; + char *val = xmalloc(l); - xsnprintf(val, len, "fs:=%s", *(dir-1)); + xsnprintf(val, l, "fs:=%s", *(dir-1)); (*fn) (m, strdup("*"), val); } XFREE(mapd); diff --git a/amd/mapc.c b/amd/mapc.c index 9dec3fe..2401af9 100644 --- a/amd/mapc.c +++ b/amd/mapc.c @@ -474,7 +474,7 @@ mapc_add_kv(mnt_map *m, char *key, char *val) /* * Make sure the string is bound to the start and end */ - sprintf(pattern, "^%s$", key); + xsnprintf(pattern, sizeof(pattern), "^%s$", key); retval = regcomp(&re, pattern, REG_ICASE); if (retval != 0) { char errstr[256]; @@ -1091,9 +1091,10 @@ root_newmap(const char *dir, const char *opts, const char *map, const cf_map_t * if (cfm) { if (map) { - sprintf(str, "cache:=mapdefault;type:=toplvl;mount_type:=%s;fs:=\"%s\"", - cfm->cfm_flags & CFM_MOUNT_TYPE_AUTOFS ? "autofs" : "nfs", - get_full_path(map, cfm->cfm_search_path, cfm->cfm_type)); + xsnprintf(str, sizeof(str), + "cache:=mapdefault;type:=toplvl;mount_type:=%s;fs:=\"%s\"", + cfm->cfm_flags & CFM_MOUNT_TYPE_AUTOFS ? "autofs" : "nfs", + get_full_path(map, cfm->cfm_search_path, cfm->cfm_type)); if (opts && opts[0] != '\0') { strcat(str, ";"); strcat(str, opts); @@ -1111,8 +1112,9 @@ root_newmap(const char *dir, const char *opts, const char *map, const cf_map_t * } } else { if (map) - sprintf(str, "cache:=mapdefault;type:=toplvl;fs:=\"%s\";%s", - map, opts ? opts : ""); + xsnprintf(str, sizeof(str), + "cache:=mapdefault;type:=toplvl;fs:=\"%s\";%s", + map, opts ? opts : ""); else strcpy(str, opts); } diff --git a/amd/nfs_prot_svc.c b/amd/nfs_prot_svc.c index 6895a96..c6d93a9 100644 --- a/amd/nfs_prot_svc.c +++ b/amd/nfs_prot_svc.c @@ -127,7 +127,7 @@ nfs_program_2(struct svc_req *rqstp, SVCXPRT *transp) ntohs(sinp->sin_port) >= IPPORT_RESERVED && !(gopt.flags & CFM_NFS_INSECURE_PORT)) { plog(XLOG_WARNING, "ignoring request from %s:%u, port not reserved", - inet_dquad(dq, sinp->sin_addr.s_addr), + inet_dquad(dq, sizeof(dq), sinp->sin_addr.s_addr), ntohs(sinp->sin_port)); return; } @@ -135,9 +135,9 @@ nfs_program_2(struct svc_req *rqstp, SVCXPRT *transp) /* if the address does not match, ignore the request */ if (sinp && sinp->sin_addr.s_addr != myipaddr.s_addr) { plog(XLOG_WARNING, "ignoring request from %s:%u, expected %s", - inet_dquad(dq, sinp->sin_addr.s_addr), + inet_dquad(dq, sizeof(dq), sinp->sin_addr.s_addr), ntohs(sinp->sin_port), - inet_dquad(dq2, myipaddr.s_addr)); + inet_dquad(dq2, sizeof(dq2), myipaddr.s_addr)); return; } #endif /* not HAVE_TRANPORT_TYPE_TLI */ diff --git a/amd/nfs_start.c b/amd/nfs_start.c index 617f9a3..00ab825 100644 --- a/amd/nfs_start.c +++ b/amd/nfs_start.c @@ -368,7 +368,8 @@ mount_automounter(int ppid) if (ret != 0) return ret; } - sprintf(pid_fsname, "%s:(pid%ld,port%u)", am_get_hostname(), (long) am_mypid, nfs_port); + xsnprintf(pid_fsname, SIZEOF_PID_FSNAME, "%s:(pid%ld,port%u)", + am_get_hostname(), (long) am_mypid, nfs_port); /* security: if user sets -D noamq, don't even create listening socket */ if (amuDebug(D_AMQ)) { diff --git a/amd/nfs_subr.c b/amd/nfs_subr.c index 336054c..8cb8031 100644 --- a/amd/nfs_subr.c +++ b/amd/nfs_subr.c @@ -205,8 +205,8 @@ nfsproc_lookup_2_svc(nfsdiropargs *argp, struct svc_req *rqstp) /* finally, find the effective uid/gid from RPC request */ if (getcreds(rqstp, &uid, &gid, nfsxprt) < 0) plog(XLOG_ERROR, "cannot get uid/gid from RPC credentials"); - sprintf(opt_uid, "%d", (int) uid); - sprintf(opt_gid, "%d", (int) gid); + xsnprintf(opt_uid, SIZEOF_UID_STR, "%d", (int) uid); + xsnprintf(opt_gid, SIZEOF_GID_STR, "%d", (int) gid); mp = fh_to_mp3(&argp->da_fhandle, &retry, VLOOK_CREATE); if (mp == NULL) { diff --git a/amd/ops_cachefs.c b/amd/ops_cachefs.c index ba255f6..7a779b2 100644 --- a/amd/ops_cachefs.c +++ b/amd/ops_cachefs.c @@ -175,8 +175,13 @@ mount_cachefs(char *mntdir, char *backdir, char *cachedir, /* CFS fscdir name */ memset(ca.cfs_cacheid, 0, sizeof(ca.cfs_cacheid)); - /* append cacheid and mountpoint */ - sprintf(ca.cfs_cacheid, "%s:%s", ca.cfs_fsid, mntdir); + /* + * Append cacheid and mountpoint. + * sizeof(cfs_cacheid) should be C_MAX_MOUNT_FSCDIRNAME as per + * (checked on Solaris 8). + */ + xsnprintf(ca.cfs_cacheid, sizeof(ca.cfs_cacheid), + "%s:%s", ca.cfs_fsid, mntdir); /* convert '/' to '_' (Solaris does that...) */ cp = ca.cfs_cacheid; while ((cp = strpbrk(cp, "/")) != NULL) @@ -247,7 +252,7 @@ cachefs_umount(am_node *am, mntfs *mf) cachedir = (char *) mf->mf_private; plog(XLOG_INFO, "running fsck on cache directory \"%s\"", cachedir); - sprintf(cmd, "fsck -F cachefs %s", cachedir); + xsnprintf(cmd, sizeof(cmd), "fsck -F cachefs %s", cachedir); system(cmd); } diff --git a/amd/ops_nfs.c b/amd/ops_nfs.c index dd85fef..9d6fefe 100644 --- a/amd/ops_nfs.c +++ b/amd/ops_nfs.c @@ -686,6 +686,7 @@ static char * nfs_match(am_opts *fo) { char *xmtab; + size_t l; if (fo->opt_fs && !fo->opt_rfs) fo->opt_rfs = fo->opt_fs; @@ -701,8 +702,9 @@ nfs_match(am_opts *fo) /* * Determine magic cookie to put in mtab */ - xmtab = (char *) xmalloc(strlen(fo->opt_rhost) + strlen(fo->opt_rfs) + 2); - sprintf(xmtab, "%s:%s", fo->opt_rhost, fo->opt_rfs); + l = strlen(fo->opt_rhost) + strlen(fo->opt_rfs) + 2; + xmtab = (char *) xmalloc(l); + xsnprintf(xmtab, l, "%s:%s", fo->opt_rhost, fo->opt_rfs); dlog("NFS: mounting remote server \"%s\", remote fs \"%s\" on \"%s\"", fo->opt_rhost, fo->opt_rfs, fo->opt_fs); @@ -799,11 +801,11 @@ mount_nfs_fh(am_nfs_handle_t *fhp, char *mntdir, char *fs_name, mntfs *mf) proto = AMU_TYPE_TCP; if (proto != AMU_TYPE_NONE) { if (gopt.amfs_auto_timeo[proto] > 0) - sprintf(transp_timeo_opts, "%s=%d,", - MNTTAB_OPT_TIMEO, gopt.amfs_auto_timeo[proto]); + xsnprintf(transp_timeo_opts, sizeof(transp_timeo_opts), "%s=%d,", + MNTTAB_OPT_TIMEO, gopt.amfs_auto_timeo[proto]); if (gopt.amfs_auto_retrans[proto] > 0) - sprintf(transp_retrans_opts, "%s=%d,", - MNTTAB_OPT_RETRANS, gopt.amfs_auto_retrans[proto]); + xsnprintf(transp_retrans_opts, sizeof(transp_retrans_opts), "%s=%d,", + MNTTAB_OPT_RETRANS, gopt.amfs_auto_retrans[proto]); } if (mf->mf_remopts && *mf->mf_remopts && diff --git a/amd/opts.c b/amd/opts.c index 45a587f..3698ff6 100644 --- a/amd/opts.c +++ b/amd/opts.c @@ -113,7 +113,7 @@ static char *opt_key = nullstr; static char *opt_keyd = nullstr; static char *opt_map = nullstr; static char *opt_path = nullstr; -static char uid_str[12], gid_str[12]; +static char uid_str[SIZEOF_UID_STR], gid_str[SIZEOF_GID_STR]; char *opt_uid = uid_str; char *opt_gid = gid_str; static char *vars[8]; @@ -1155,12 +1155,12 @@ expand_op(char *opt, int sel_p) /* * Copy the string across unexpanded */ - sprintf(xbuf, "${%s%s%s}", - todo == E_File ? "/" : - todo == E_Domain ? "." : "", - nbuf, - todo == E_Dir ? "/" : - todo == E_Host ? "." : ""); + xsnprintf(xbuf, sizeof(xbuf), "${%s%s%s}", + todo == E_File ? "/" : + todo == E_Domain ? "." : "", + nbuf, + todo == E_Dir ? "/" : + todo == E_Host ? "." : ""); val = xbuf; /* * Make sure expansion doesn't diff --git a/amd/rpc_fwd.c b/amd/rpc_fwd.c index 35af422..71ced6a 100644 --- a/amd/rpc_fwd.c +++ b/amd/rpc_fwd.c @@ -304,7 +304,7 @@ fwd_packet(int type_id, char *pkt, int len, struct sockaddr_in *fwdto, struct so if (p && fwdto) dlog("Sending packet id %#x to %s:%d", p->rf_xid, - inet_dquad(dq, fwdto->sin_addr.s_addr), + inet_dquad(dq, sizeof(dq), fwdto->sin_addr.s_addr), ntohs(fwdto->sin_port)); } #endif /* DEBUG */ diff --git a/amq/pawd.c b/amq/pawd.c index ac6765e..7d70e2b 100644 --- a/amq/pawd.c +++ b/amq/pawd.c @@ -157,7 +157,8 @@ hack_name(char *dir) fprintf(stderr, "partition %s, username %s\n", partition, username); #endif /* DEBUG */ - sprintf(hesiod_lookup, "%s.homes-remote", username); + xsnprintf(hesiod_lookup, sizeof(hesiod_lookup), + "%s.homes-remote", username); hes = hes_resolve(hesiod_lookup, "amd"); if (!hes) return NULL; diff --git a/conf/autofs/autofs_linux.c b/conf/autofs/autofs_linux.c index 22bf421..e5ced35 100644 --- a/conf/autofs/autofs_linux.c +++ b/conf/autofs/autofs_linux.c @@ -780,10 +780,10 @@ autofs_mount_failed(am_node *mp) void -autofs_get_opts(char *opts, autofs_fh_t *fh) +autofs_get_opts(char *opts, size_t l, autofs_fh_t *fh) { - sprintf(opts, "fd=%d,minproto=%d,maxproto=%d", - fh->kernelfd, AUTOFS_MIN_VERSION, AUTOFS_MAX_VERSION); + xsnprintf(opts, l, "fd=%d,minproto=%d,maxproto=%d", + fh->kernelfd, AUTOFS_MIN_VERSION, AUTOFS_MAX_VERSION); } diff --git a/conf/autofs/autofs_solaris_v1.c b/conf/autofs/autofs_solaris_v1.c index c72d029..233782d 100644 --- a/conf/autofs/autofs_solaris_v1.c +++ b/conf/autofs/autofs_solaris_v1.c @@ -195,8 +195,8 @@ autofs_mount_1_req(struct mntrequest *m, m->name, m->map, m->opts, m->path); /* find the effective uid/gid from RPC request */ - sprintf(opt_uid, "%d", (int) cred->aup_uid); - sprintf(opt_gid, "%d", (int) cred->aup_gid); + xsnprintf(opt_uid, SIZEOF_UID_STR, "%d", (int) cred->aup_uid); + xsnprintf(opt_gid, SIZEOF_GID_STR, "%d", (int) cred->aup_gid); mp = find_ap(m->path); if (!mp) { @@ -698,10 +698,10 @@ autofs_mount_failed(am_node *mp) void -autofs_get_opts(char *opts, autofs_fh_t *fh) +autofs_get_opts(char *opts, size_t l, autofs_fh_t *fh) { - sprintf(opts, "%sdirect", - fh->direct ? "" : "in"); + xsnprintf(opts, l, "%sdirect", + fh->direct ? "" : "in"); } diff --git a/conf/autofs/autofs_solaris_v2_v3.c b/conf/autofs/autofs_solaris_v2_v3.c index c5a47fe..421fd0f 100644 --- a/conf/autofs/autofs_solaris_v2_v3.c +++ b/conf/autofs/autofs_solaris_v2_v3.c @@ -488,8 +488,8 @@ autofs_lookup_2_req(autofs_lookupargs *m, m->path, m->isdirect); /* find the effective uid/gid from RPC request */ - sprintf(opt_uid, "%d", (int) cred->aup_uid); - sprintf(opt_gid, "%d", (int) cred->aup_gid); + xsnprintf(opt_uid, SIZEOF_UID_STR, "%d", (int) cred->aup_uid); + xsnprintf(opt_gid, SIZEOF_GID_STR, "%d", (int) cred->aup_gid); mp = find_ap(m->path); if (!mp) { @@ -556,8 +556,8 @@ autofs_mount_2_req(autofs_lookupargs *m, m->path, m->isdirect); /* find the effective uid/gid from RPC request */ - sprintf(opt_uid, "%d", (int) cred->aup_uid); - sprintf(opt_gid, "%d", (int) cred->aup_gid); + xsnprintf(opt_uid, SIZEOF_UID_STR, "%d", (int) cred->aup_uid); + xsnprintf(opt_gid, SIZEOF_GID_STR, "%d", (int) cred->aup_gid); mp = find_ap(m->path); if (!mp) { @@ -1254,10 +1254,10 @@ autofs_mount_failed(am_node *mp) void -autofs_get_opts(char *opts, autofs_fh_t *fh) +autofs_get_opts(char *opts, size_t l, autofs_fh_t *fh) { - sprintf(opts, "%sdirect", - fh->direct ? "" : "in"); + xsnprintf(opts, l, "%sdirect", + fh->direct ? "" : "in"); } diff --git a/conf/mount/mount_linux.c b/conf/mount/mount_linux.c index 5d9cdef..156d98e 100644 --- a/conf/mount/mount_linux.c +++ b/conf/mount/mount_linux.c @@ -411,17 +411,19 @@ mount_linux_nonfs(MTYPE_TYPE type, mntent_t *mnt, int flags, caddr_t data) tmp_opts = parse_opts(type, mnt->mnt_opts, &flags, &extra_opts, &noauto); -#if defined(MOUNT_TYPE_LOFS) +#ifdef MOUNT_TYPE_LOFS if (STREQ(type, MOUNT_TYPE_LOFS)) { -# if defined(MNT2_GEN_OPT_BIND) - /* use bind mounts for lofs */ - flags |= MNT2_GEN_OPT_BIND; -# else /* not MNT2_GEN_OPT_BIND */ +# ifndef MNT2_GEN_OPT_BIND + size_t l; /* this is basically a hack to support fist lofs */ XFREE(extra_opts); - extra_opts = (char *) xmalloc(strlen(mnt->mnt_fsname) + sizeof("dir=") + 1); - sprintf(extra_opts, "dir=%s", mnt->mnt_fsname); -# endif /* not MNT2_GEN_OPT_BIND */ + l = strlen(mnt->mnt_fsname) + sizeof("dir=") + 1; + extra_opts = (char *) xmalloc(l); + xsnprintf(extra_opts, l, sizeof(extra_opts), "dir=%s", mnt->mnt_fsname); +# else /* MNT2_GEN_OPT_BIND */ + /* use bind mounts for lofs */ + flags |= MNT2_GEN_OPT_BIND; +# endif /* MNT2_GEN_OPT_BIND */ errorcode = do_mount_linux(type, mnt, flags, extra_opts); } else /* end of "if type is LOFS" */ #endif /* MOUNT_TYPE_LOFS */ @@ -438,16 +440,16 @@ mount_linux_nonfs(MTYPE_TYPE type, mntent_t *mnt, int flags, caddr_t data) S_ISREG(buf.st_mode)) { if ((loopdev = setup_loop_device(mnt->mnt_fsname)) != NULL) { char *str; - int len; + size_t l; plog(XLOG_INFO, "setup loop device %s over %s OK", loopdev, mnt->mnt_fsname); old_fsname = mnt->mnt_fsname; mnt->mnt_fsname = loopdev; /* XXX: hack, append loop=/dev/loopX to mnttab opts */ - len = strlen(mnt->mnt_opts) + 7 + strlen(loopdev); - str = (char *) xmalloc(len); + l = strlen(mnt->mnt_opts) + 7 + strlen(loopdev); + str = (char *) xmalloc(l); if (str) { - sprintf(str, "%s,loop=%s", mnt->mnt_opts, loopdev); + xsnprintf(str, l, "%s,loop=%s", mnt->mnt_opts, loopdev); XFREE(mnt->mnt_opts); mnt->mnt_opts = str; } @@ -755,7 +757,7 @@ find_unused_loop_device(void) #define LOOP_FMT_SIZE(a) (sizeof(a)/sizeof(a[0])) for (j = 0; j < (int) LOOP_FMT_SIZE(loop_formats); j++) { for (i = 0; i < 256; i++) { - sprintf(dev, loop_formats[j], i); + xsnprintf(dev, sizeof(dev), loop_formats[j], i); if (stat(dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { somedev++; fd = open(dev, O_RDONLY); diff --git a/conf/mtab/mtab_linux.c b/conf/mtab/mtab_linux.c index 704b6b5..c32c985 100644 --- a/conf/mtab/mtab_linux.c +++ b/conf/mtab/mtab_linux.c @@ -159,6 +159,7 @@ lock_mtab(void) { int tries = 100000, i; char *linktargetfile; + size_t l; /* * Redhat's original code set a signal handler called "handler()" for all @@ -175,8 +176,9 @@ lock_mtab(void) /* somewhat clumsy, but some ancient systems do not have snprintf() */ /* use 20 as upper bound for the length of %d output */ - linktargetfile = xmalloc(strlen(MOUNTLOCK_LINKTARGET) + 20); - sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid()); + l = strlen(MOUNTLOCK_LINKTARGET) + 20; + linktargetfile = xmalloc(l); + xsnprintf(linktargetfile, l, MOUNTLOCK_LINKTARGET, getpid()); i = open(linktargetfile, O_WRONLY|O_CREAT, 0); if (i < 0) { diff --git a/conf/mtab/mtab_svr4.c b/conf/mtab/mtab_svr4.c index 69a729a..7c7a4b0 100644 --- a/conf/mtab/mtab_svr4.c +++ b/conf/mtab/mtab_svr4.c @@ -181,7 +181,7 @@ update_mnttab_fields(const mntent_t *mnt) if (gettimeofday(&tv, NULL) < 0) timestr[0] = '\0'; else - sprintf(timestr, "%ld", tv.tv_sec); + xsnprintf(timestr, sizeof(timestr), "%ld", tv.tv_sec); mt.mnt_time = timestr; diff --git a/conf/transp/transp_sockets.c b/conf/transp/transp_sockets.c index 27ba8e3..ac55ade 100644 --- a/conf/transp/transp_sockets.c +++ b/conf/transp/transp_sockets.c @@ -110,7 +110,7 @@ amu_get_myaddress(struct in_addr *iap, const char *preferred_localhost) } memmove((voidp) &iap->s_addr, (voidp) hp->h_addr_list[0], sizeof(iap->s_addr)); plog(XLOG_INFO, "localhost_address \"%s\" requested, using %s", - preferred_localhost, inet_dquad(dq, iap->s_addr)); + preferred_localhost, inet_dquad(dq, sizeof(dq), iap->s_addr)); return; out: diff --git a/conf/transp/transp_tli.c b/conf/transp/transp_tli.c index a2b5ea0..68c4700 100644 --- a/conf/transp/transp_tli.c +++ b/conf/transp/transp_tli.c @@ -87,7 +87,7 @@ amu_get_myaddress(struct in_addr *iap, const char *preferred_localhost) char dq[20]; if (preferred_localhost) plog(XLOG_INFO, "localhost_address \"%s\" requested, using %s", - preferred_localhost, inet_dquad(dq, iap->s_addr)); + preferred_localhost, inet_dquad(dq, sizeof(dq), iap->s_addr)); iap->s_addr = sinp->sin_addr.s_addr; /* XXX: used to be htonl() */ } diff --git a/fsinfo/fsi_analyze.c b/fsinfo/fsi_analyze.c index 7c99d99..b4c6724 100644 --- a/fsinfo/fsi_analyze.c +++ b/fsinfo/fsi_analyze.c @@ -220,7 +220,7 @@ analyze_dkmount_tree(qelem *q, fsi_mount *parent, disk_fs *dk) fsi_log("Mount %s:", mp->m_name); if (parent) { char n[MAXPATHLEN]; - sprintf(n, "%s/%s", parent->m_name, mp->m_name); + xsnprintf(n, sizeof(n), "%s/%s", parent->m_name, mp->m_name); if (*mp->m_name == '/') lerror(mp->m_ioloc, "sub-directory %s of %s starts with '/'", mp->m_name, parent->m_name); else if (STREQ(mp->m_name, "default")) @@ -283,7 +283,7 @@ analyze_dkmounts(disk_fs *dk, qelem *q) if (STREQ(mp2->m_name, "default")) { if (ISSET(mp2->m_mask, DM_VOLNAME)) { char nbuf[1024]; - compute_automount_point(nbuf, dk->d_host, mp2->m_volname); + compute_automount_point(nbuf, sizeof(nbuf), dk->d_host, mp2->m_volname); XFREE(mp2->m_name); mp2->m_name = strdup(nbuf); fsi_log("%s:%s has default mount on %s", dk->d_host->h_hostname, dk->d_dev, mp2->m_name); @@ -630,7 +630,7 @@ analyze_automount_tree(qelem *q, char *pref, int lvl) if (lvl > 0 || ap->a_mount) if (ap->a_name[1] && strchr(ap->a_name + 1, '/')) lerror(ap->a_ioloc, "not allowed '/' in a directory name"); - sprintf(nname, "%s/%s", pref, ap->a_name); + xsnprintf(nname, sizeof(nname), "%s/%s", pref, ap->a_name); XFREE(ap->a_name); ap->a_name = strdup(nname[1] == '/' ? nname + 1 : nname); fsi_log("automount point %s:", ap->a_name); diff --git a/fsinfo/fsi_util.c b/fsinfo/fsi_util.c index b701e38..3167a39 100644 --- a/fsinfo/fsi_util.c +++ b/fsinfo/fsi_util.c @@ -76,7 +76,7 @@ show_total(void) if (total_mmm < 0) fputc('*', stdout); - sprintf(n, "%d", total_shown); + xsnprintf(n, sizeof(n), "%d", total_shown); len = strlen(n); if (col_output(len)) fputc(' ', stdout); @@ -275,7 +275,7 @@ pref_open(char *pref, char *hn, void (*hdr) (FILE *, char *), char *arg) char p[MAXPATHLEN]; FILE *ef; - sprintf(p, "%s%s", pref, hn); + xsnprintf(p, sizeof(p), "%s%s", pref, hn); fsi_log("Writing %s info for %s to %s", pref, hn, p); ef = fopen(p, "w"); if (ef) { @@ -300,9 +300,9 @@ pref_close(FILE *fp) * Determine where Amd would automount the host/volname pair */ void -compute_automount_point(char *buf, host *hp, char *vn) +compute_automount_point(char *buf, size_t l, host *hp, char *vn) { - sprintf(buf, "%s/%s%s", autodir, hp->h_lochost, vn); + xsnprintf(buf, l, "%s/%s%s", autodir, hp->h_lochost, vn); } diff --git a/fsinfo/fsinfo.c b/fsinfo/fsinfo.c index dcebd5d..054779e 100644 --- a/fsinfo/fsinfo.c +++ b/fsinfo/fsinfo.c @@ -156,7 +156,8 @@ fsi_get_args(int c, char *v[]) case 'I': case 'D': case 'U': - sprintf(iptr, "-%c%s ", ch, optarg); + /* sizeof(iptr) is actually that of idvbuf. See declaration above */ + xsnprintf(iptr, sizeof(idvbuf), "-%c%s ", ch, optarg); iptr += strlen(iptr); break; diff --git a/fsinfo/fsinfo.h b/fsinfo/fsinfo.h index a3a7fb7..40c42b7 100644 --- a/fsinfo/fsinfo.h +++ b/fsinfo/fsinfo.h @@ -80,7 +80,7 @@ extern fsi_mount *new_mount(void); extern qelem *new_que(void); extern void analyze_automounts(qelem *); extern void analyze_hosts(qelem *); -extern void compute_automount_point(char *, host *, char *); +extern void compute_automount_point(char *, size_t, host *, char *); extern void dict_add(dict *, char *, char *); extern void error(char *fmt, ...) __attribute__((__format__(__printf__, 1, 2))); diff --git a/fsinfo/wr_atab.c b/fsinfo/wr_atab.c index 3440aac..5f6ecf5 100644 --- a/fsinfo/wr_atab.c +++ b/fsinfo/wr_atab.c @@ -134,7 +134,8 @@ write_amount_info(FILE *af, automount *ap, u_int sk) */ if (mp->m_dk->d_host->h_lochost) { char amountpt[1024]; - compute_automount_point(amountpt, mp->m_dk->d_host, mp->m_exported->m_volname); + compute_automount_point(amountpt, sizeof(amountpt), + mp->m_dk->d_host, mp->m_exported->m_volname); if (!STREQ(mp->m_dk->d_mountpt, amountpt)) { /* * ap->a_volname is the name of the aliased volume diff --git a/hlfsd/hlfsd.c b/hlfsd/hlfsd.c index 567b09a..0138dc2 100644 --- a/hlfsd/hlfsd.c +++ b/hlfsd/hlfsd.c @@ -459,7 +459,8 @@ main(int argc, char *argv[]) /* * setup options to mount table (/etc/{mtab,mnttab}) entry */ - sprintf(hostpid_fs, "%s:(pid%d)", hostname, masterpid); + xsnprintf(hostpid_fs, sizeof(hostpid_fs), + "%s:(pid%d)", hostname, masterpid); memset((char *) &mnt, 0, sizeof(mnt)); mnt.mnt_dir = dir_name; /* i.e., "/mail" */ mnt.mnt_fsname = hostpid_fs; @@ -512,7 +513,8 @@ main(int argc, char *argv[]) * Update hostname field. * Make some name prog:pid (i.e., hlfsd:174) for hostname */ - sprintf(progpid_fs, "%s:%d", am_get_progname(), masterpid); + xsnprintf(progpid_fs, sizeof(progpid_fs), + "%s:%d", am_get_progname(), masterpid); /* Most kernels have a name length restriction. */ if ((int) strlen(progpid_fs) >= (int) MAXHOSTNAMELEN) diff --git a/hlfsd/homedir.c b/hlfsd/homedir.c index 347ec7a..16248a6 100644 --- a/hlfsd/homedir.c +++ b/hlfsd/homedir.c @@ -99,9 +99,9 @@ homedir(int userid, int groupid) return alt_spooldir; /* use alt spool for / or rel. home */ } if ((int) userid == 0) /* force all uid 0 to use root's home */ - sprintf(linkval, "%s/%s", root_home, home_subdir); + xsnprintf(linkval, sizeof(linkval), "%s/%s", root_home, home_subdir); else - sprintf(linkval, "%s/%s", homename, home_subdir); + xsnprintf(linkval, sizeof(linkval), "%s/%s", homename, home_subdir); if (noverify) { found->last_status = 0; @@ -228,7 +228,7 @@ hlfsd_diskspace(char *path) char buf[MAXPATHLEN]; int fd, len; - sprintf(buf, "%s/._hlfstmp_%lu", path, (long) getpid()); + xsnprintf(buf, sizeof(buf), "%s/._hlfstmp_%lu", path, (long) getpid()); if ((fd = open(buf, O_RDWR | O_CREAT, 0600)) < 0) { plog(XLOG_ERROR, "cannot open %s: %m", buf); return -1; @@ -397,9 +397,11 @@ mailbox(int uid, char *username) if ((home = homeof(username)) == (char *) NULL) return (char *) NULL; if (STREQ(home, "/")) - sprintf(mboxfile, "/%s/%s", home_subdir, username); + xsnprintf(mboxfile, sizeof(mboxfile), + "/%s/%s", home_subdir, username); else - sprintf(mboxfile, "%s/%s/%s", home, home_subdir, username); + xsnprintf(mboxfile, sizeof(mboxfile), + "%s/%s/%s", home, home_subdir, username); return mboxfile; } diff --git a/include/am_utils.h b/include/am_utils.h index 6cc8f7b..44fc88f 100644 --- a/include/am_utils.h +++ b/include/am_utils.h @@ -243,7 +243,6 @@ extern char *endian; /* "big" */ extern char *hostdomain; /* "southseas.nz" */ extern char copyright[]; /* Copyright info */ extern char hostd[]; /* "kiska.southseas.nz" */ -extern char pid_fsname[]; /* kiska.southseas.nz:(pid%d) */ extern char version[]; /* Version info */ /* @@ -281,7 +280,7 @@ extern bool_t xdr_dirpath(XDR *xdrs, dirpath *objp); extern char **strsplit(char *, int, int); extern char *expand_selectors(char *); extern char *get_version_string(void); -extern char *inet_dquad(char *, u_long); +extern char *inet_dquad(char *, size_t, u_long); extern char *print_wires(void); extern char *str3cat(char *, char *, char *, char *); extern char *strealloc(char *, char *); diff --git a/libamu/mount_fs.c b/libamu/mount_fs.c index a6f97a1..c33febd 100644 --- a/libamu/mount_fs.c +++ b/libamu/mount_fs.c @@ -243,11 +243,11 @@ again: if (lstat(mnt_dir, &stb) == 0) { char optsbuf[48]; if (sizeof(stb.st_dev) == 2) /* e.g. SunOS 4.1 */ - sprintf(optsbuf, "%s=%04lx", - MNTTAB_OPT_DEV, (u_long) stb.st_dev & 0xffff); + xsnprintf(optsbuf, sizeof(optsbuf), "%s=%04lx", + MNTTAB_OPT_DEV, (u_long) stb.st_dev & 0xffff); else /* e.g. System Vr4 */ - sprintf(optsbuf, "%s=%08lx", - MNTTAB_OPT_DEV, (u_long) stb.st_dev); + xsnprintf(optsbuf, sizeof(optsbuf), "%s=%08lx", + MNTTAB_OPT_DEV, (u_long) stb.st_dev); append_opts(zopts, optsbuf); } } @@ -261,7 +261,8 @@ again: if (nfs_version == NFS_VERSION3 && hasmntval(mnt, MNTTAB_OPT_VERS) != NFS_VERSION3) { char optsbuf[48]; - sprintf(optsbuf, "%s=%d", MNTTAB_OPT_VERS, NFS_VERSION3); + xsnprintf(optsbuf, sizeof(optsbuf), + "%s=%d", MNTTAB_OPT_VERS, NFS_VERSION3); append_opts(zopts, optsbuf); } # endif /* defined(HAVE_FS_NFS3) && defined(MNTTAB_OPT_VERS) */ @@ -273,7 +274,7 @@ again: */ if (nfs_proto && !amu_hasmntopt(mnt, MNTTAB_OPT_PROTO)) { char optsbuf[48]; - sprintf(optsbuf, "%s=%s", MNTTAB_OPT_PROTO, nfs_proto); + xsnprintf(optsbuf, sizeof(optsbuf), "%s=%s", MNTTAB_OPT_PROTO, nfs_proto); append_opts(zopts, optsbuf); } # endif /* MNTTAB_OPT_PROTO */ @@ -296,8 +297,9 @@ again: # ifdef HAVE_MNTENT_T_MNT_TIME # ifdef HAVE_MNTENT_T_MNT_TIME_STRING { /* allocate enough space for a long */ - char *str = (char *) xmalloc(13 * sizeof(char)); - sprintf(str, "%ld", time((time_t *) NULL)); + size_t l = 13 * sizeof(char); + char *str = (char *) xmalloc(l) + xsnprintf(str, l, "%ld", time((time_t *) NULL)); mnt->mnt_time = str; } # else /* not HAVE_MNTENT_T_MNT_TIME_STRING */ @@ -846,7 +848,7 @@ get_hex_string(u_int len, const char *fhdata) memset(&arr[0], 0, (64 * sizeof(short int))); memcpy(&arr[0], &fhdata[0], len); for (i=0; i= (sizeof(sys_errlist) >> 2)) { static char errstr[30]; - sprintf(errstr, "Unknown error #%d", errnum); + xsnprintf(errstr, sizeof(errstr), "Unknown error #%d", errnum); return errstr; } return sys_errlist[error]; diff --git a/libamu/wire.c b/libamu/wire.c index b29cd9c..cc88ecb 100644 --- a/libamu/wire.c +++ b/libamu/wire.c @@ -105,25 +105,26 @@ print_wires(void) int bufcount = 0; int buf_size = 1024; - buf = SALLOC(1024); + buf = SALLOC(buf_size); /* initial allocation (may grow!) */ if (!buf) return NULL; if (!localnets) { - sprintf(buf, "No networks.\n"); + xsnprintf(buf, buf_size, "No networks.\n"); return buf; } /* check if there's more than one network */ if (!localnets->ip_next) { - sprintf(buf, - "Network: wire=\"%s\" (netnumber=%s).\n", - localnets->ip_net_name, localnets->ip_net_num); + /* use buf_size for sizeof(buf) because of the realloc() below */ + xsnprintf(buf, buf_size, + "Network: wire=\"%s\" (netnumber=%s).\n", + localnets->ip_net_name, localnets->ip_net_num); return buf; } buf[0] = '\0'; /* null out buffer before appending */ for (i = 1, al = localnets; al; al = al->ip_next, i++) { - sprintf(s, "Network %d: wire=\"%s\" (netnumber=%s).\n", - i, al->ip_net_name, al->ip_net_num); + xsnprintf(s, sizeof(s), "Network %d: wire=\"%s\" (netnumber=%s).\n", + i, al->ip_net_name, al->ip_net_num); bufcount += strlen(s); if (bufcount > buf_size) { buf_size *= 2; @@ -214,18 +215,18 @@ getwire_lookup(u_long address, u_long netmask, int ishost) } if ((subnet & 0xffffff) == 0) { - sprintf(netNumberBuf, "%lu", C(subnet >> 24)); + xsnprintf(netNumberBuf, sizeof(netNumberBuf), "%lu", C(subnet >> 24)); } else if ((subnet & 0xffff) == 0) { - sprintf(netNumberBuf, "%lu.%lu", - C(subnet >> 24), C(subnet >> 16)); + xsnprintf(netNumberBuf, sizeof(netNumberBuf), "%lu.%lu", + C(subnet >> 24), C(subnet >> 16)); } else if ((subnet & 0xff) == 0) { - sprintf(netNumberBuf, "%lu.%lu.%lu", - C(subnet >> 24), C(subnet >> 16), - C(subnet >> 8)); + xsnprintf(netNumberBuf, sizeof(netNumberBuf), "%lu.%lu.%lu", + C(subnet >> 24), C(subnet >> 16), + C(subnet >> 8)); } else { - sprintf(netNumberBuf, "%lu.%lu.%lu.%lu", - C(subnet >> 24), C(subnet >> 16), - C(subnet >> 8), C(subnet)); + xsnprintf(netNumberBuf, sizeof(netNumberBuf), "%lu.%lu.%lu.%lu", + C(subnet >> 24), C(subnet >> 16), + C(subnet >> 8), C(subnet)); } /* fill in network number (string) */ @@ -241,7 +242,7 @@ getwire_lookup(u_long address, u_long netmask, int ishost) if (hp != NULL) s = (char *) hp->h_name; else - s = inet_dquad(buf, subnet); + s = inet_dquad(buf, sizeof(buf), subnet); } /* fill in network name (string) */ @@ -263,14 +264,14 @@ getwire_lookup(u_long address, u_long netmask, int ishost) * sizeof(buf) needs to be at least 16. */ char * -inet_dquad(char *buf, u_long addr) +inet_dquad(char *buf, size_t l, u_long addr) { addr = ntohl(addr); - sprintf(buf, "%ld.%ld.%ld.%ld", - ((addr >> 24) & 0xff), - ((addr >> 16) & 0xff), - ((addr >> 8) & 0xff), - ((addr >> 0) & 0xff)); + xsnprintf(buf, l, "%ld.%ld.%ld.%ld", + ((addr >> 24) & 0xff), + ((addr >> 16) & 0xff), + ((addr >> 8) & 0xff), + ((addr >> 0) & 0xff)); return buf; } @@ -291,7 +292,8 @@ islocalnet(u_long addr) #ifdef DEBUG { char buf[16]; - plog(XLOG_INFO, "%s is on a remote network", inet_dquad(buf, addr)); + plog(XLOG_INFO, "%s is on a remote network", + inet_dquad(buf, sizeof(buf), addr)); } #endif /* DEBUG */ diff --git a/libamu/xutil.c b/libamu/xutil.c index 9ded0bd..2a6f9df 100644 --- a/libamu/xutil.c +++ b/libamu/xutil.c @@ -322,9 +322,11 @@ show_time_host_and_name(int lvl) #if defined(HAVE_CLOCK_GETTIME) && defined(DEBUG) struct timespec ts; #endif /* defined(HAVE_CLOCK_GETTIME) && defined(DEBUG) */ - char nsecs[11] = ""; /* '.' + 9 digits + '\0' */ + char nsecs[11]; /* '.' + 9 digits + '\0' */ char *sev; + nsecs[0] = '\0'; + #if defined(HAVE_CLOCK_GETTIME) && defined(DEBUG) /* * Some systems (AIX 4.3) seem to implement clock_gettime() as stub @@ -333,7 +335,7 @@ show_time_host_and_name(int lvl) if (clock_gettime(CLOCK_REALTIME, &ts) == 0) { t = ts.tv_sec; if (amuDebug(D_HRTIME)) - sprintf(nsecs, ".%09ld", ts.tv_nsec); + xsnprintf(nsecs, sizeof(nsecs), ".%09ld", ts.tv_nsec); } else #endif /* defined(HAVE_CLOCK_GETTIME) && defined(DEBUG) */ @@ -546,7 +548,8 @@ real_plog(int lvl, const char *fmt, va_list vargs) * cycles like crazy. */ show_time_host_and_name(last_lvl); - sprintf(last_msg, "last message repeated %d times\n", last_count); + xsnprintf(last_msg, sizeof(last_msg), + "last message repeated %d times\n", last_count); fwrite(last_msg, strlen(last_msg), 1, logfp); fflush(logfp); last_count = 0; /* start from scratch */ @@ -557,7 +560,8 @@ real_plog(int lvl, const char *fmt, va_list vargs) last_count++; } else { /* last msg repeated+skipped, new one differs */ show_time_host_and_name(last_lvl); - sprintf(last_msg, "last message repeated %d times\n", last_count); + xsnprintf(last_msg, sizeof(last_msg), + "last message repeated %d times\n", last_count); fwrite(last_msg, strlen(last_msg), 1, logfp); if (strlcpy(last_msg, msg, 1024) >= 1024) /* don't use xstrlcpy here (recursive!) */ fprintf(stderr, "real_plog: string \"%s\" truncated to \"%s\"\n", last_msg, msg); diff --git a/mk-amd-map/Makefile.am b/mk-amd-map/Makefile.am index 06d67e8..527b6d5 100644 --- a/mk-amd-map/Makefile.am +++ b/mk-amd-map/Makefile.am @@ -14,7 +14,7 @@ man_MANS = mk-amd-map.8 mk_amd_map_SOURCES = mk-amd-map.c -#LDADD = ../libamu/libamu.la +LDADD = ../libamu/libamu.la INCLUDES = -I$(top_srcdir)/include diff --git a/mk-amd-map/mk-amd-map.c b/mk-amd-map/mk-amd-map.c index 740f8e0..7e9981b 100644 --- a/mk-amd-map/mk-amd-map.c +++ b/mk-amd-map/mk-amd-map.c @@ -222,7 +222,7 @@ main(int argc, char *argv[]) char maptpag[16], maptdir[16]; char *map_name_pag = (char *) NULL, *map_name_dir = (char *) NULL; #endif /* not HAVE_DB_SUFFIX */ - int len; + size_t l = 0; char *sl; int printit = 0; int usage = 0; @@ -271,13 +271,14 @@ main(int argc, char *argv[]) #endif /* DEBUG */ if (!printit) { - len = strlen(mapsrc); + /* enough space for ".db" or ".pag" or ".dir" appended */ + l = strlen(mapsrc) + 5; #ifdef HAVE_DB_SUFFIX - map_name_db = (char *) malloc(len + 4); + map_name_db = (char *) malloc(l); error = (map_name_db == NULL); #else /* not HAVE_DB_SUFFIX */ - map_name_pag = (char *) malloc(len + 5); - map_name_dir = (char *) malloc(len + 5); + map_name_pag = (char *) malloc(l); + map_name_dir = (char *) malloc(l); error = (map_name_pag == NULL || map_name_dir == NULL); #endif /* not HAVE_DB_SUFFIX */ if (error) { @@ -304,15 +305,15 @@ main(int argc, char *argv[]) /* remove existing temps (if any) */ #ifdef HAVE_DB_SUFFIX - sprintf(maptdb, "%s.db", maptmp); + xsnprintf(maptdb, sizeof(maptdb), "%s.db", maptmp); if (remove_file(maptdb) < 0) { fprintf(stderr, "Can't remove existing temporary file; "); perror(maptdb); exit(1); } #else /* not HAVE_DB_SUFFIX */ - sprintf(maptpag, "%s.pag", maptmp); - sprintf(maptdir, "%s.dir", maptmp); + xsnprintf(maptpag, sizeof(maptpag), "%s.pag", maptmp); + xsnprintf(maptdir, sizeof(maptdir), "%s.dir", maptmp); if (remove_file(maptpag) < 0 || remove_file(maptdir) < 0) { fprintf(stderr, "Can't remove existing temporary files; %s and ", maptpag); perror(maptdir); @@ -347,7 +348,8 @@ main(int argc, char *argv[]) /* all went well */ #ifdef HAVE_DB_SUFFIX - sprintf(map_name_db, "%s.db", mapsrc); + /* sizeof(map_name_db) is malloc'ed above */ + xsnprintf(map_name_db, l, "%s.db", mapsrc); if (rename(maptdb, map_name_db) < 0) { fprintf(stderr, "Couldn't rename %s to ", maptdb); perror(map_name_db); @@ -356,8 +358,9 @@ main(int argc, char *argv[]) exit(1); } #else /* not HAVE_DB_SUFFIX */ - sprintf(map_name_pag, "%s.pag", mapsrc); - sprintf(map_name_dir, "%s.dir", mapsrc); + /* sizeof(map_name_{pag,dir}) are malloc'ed above */ + xsnprintf(map_name_pag, l, "%s.pag", mapsrc); + xsnprintf(map_name_dir, l, "%s.dir", mapsrc); if (rename(maptpag, map_name_pag) < 0) { fprintf(stderr, "Couldn't rename %s to ", maptpag); perror(map_name_pag);