Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Miscellaneous format string safety improvements

This commit is contained in:
sommerfeld 2000-10-05 14:09:07 +00:00
parent ac07e85117
commit 8b2d1fefd2
7 changed files with 58 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/dist/ssh/auth-skey.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: auth-skey.c,v 1.1.1.1 2000/09/28 22:09:41 thorpej Exp $ */
/* $NetBSD: auth-skey.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $ */
/*
* Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
@ -28,7 +28,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: auth-skey.c,v 1.1.1.1 2000/09/28 22:09:41 thorpej Exp $");
__RCSID("$NetBSD: auth-skey.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $");
#endif
#include "includes.h"
@ -54,7 +54,7 @@ auth_skey_password(struct passwd * pw, const char *password)
skeyinfo = skey_fake_keyinfo(pw->pw_name);
}
if (skeyinfo != NULL)
packet_send_debug(skeyinfo);
packet_send_debug("%s", skeyinfo);
/* Try again. */
return 0;
} else if (skey_haskey(pw->pw_name) == 0 &&

6
crypto/dist/ssh/auth1.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: auth1.c,v 1.1.1.1 2000/09/28 22:09:42 thorpej Exp $ */
/* $NetBSD: auth1.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -15,7 +15,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: auth1.c,v 1.1.1.1 2000/09/28 22:09:42 thorpej Exp $");
__RCSID("$NetBSD: auth1.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $");
#endif
#include "includes.h"
@ -105,7 +105,7 @@ do_fake_authloop1(char *user)
(password = packet_get_string(&dlen)) != NULL &&
dlen == 5 &&
strncasecmp(password, "s/key", 5) == 0 ) {
packet_send_debug(skeyinfo);
packet_send_debug("%s", skeyinfo);
}
}
if (password != NULL)

30
crypto/dist/ssh/channels.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: channels.c,v 1.1.1.1 2000/09/28 22:09:51 thorpej Exp $ */
/* $NetBSD: channels.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -45,7 +45,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: channels.c,v 1.1.1.1 2000/09/28 22:09:51 thorpej Exp $");
__RCSID("$NetBSD: channels.c,v 1.2 2000/10/05 14:09:07 sommerfeld Exp $");
#endif
#include "includes.h"
@ -1821,25 +1821,19 @@ static
int
connect_local_xsocket(unsigned int dnr)
{
static const char *const x_sockets[] = {
_PATH_XUNIX_DIR "%u",
NULL
};
static const char x_socket[] = _PATH_XUNIX_DIR "%u";
int sock;
struct sockaddr_un addr;
const char *const * path;
for (path = x_sockets; *path; ++path) {
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
error("socket: %.100s", strerror(errno));
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
snprintf(addr.sun_path, sizeof addr.sun_path, *path, dnr);
if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0)
return sock;
close(sock);
}
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
error("socket: %.100s", strerror(errno));
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
snprintf(addr.sun_path, sizeof addr.sun_path, x_socket, dnr);
if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0)
return sock;
close(sock);
error("connect %.100s: %.100s", addr.sun_path, strerror(errno));
return -1;
}

13
crypto/dist/ssh/log-server.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: log-server.c,v 1.1.1.1 2000/09/28 22:10:04 thorpej Exp $ */
/* $NetBSD: log-server.c,v 1.2 2000/10/05 14:09:08 sommerfeld Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -41,7 +41,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: log-server.c,v 1.1.1.1 2000/09/28 22:10:04 thorpej Exp $");
__RCSID("$NetBSD: log-server.c,v 1.2 2000/10/05 14:09:08 sommerfeld Exp $");
#endif
#include "includes.h"
@ -138,7 +138,6 @@ void
do_log(LogLevel level, const char *fmt, va_list args)
{
char msgbuf[MSGBUFSIZ];
char fmtbuf[MSGBUFSIZ];
char *txt = NULL;
int pri = LOG_INFO;
extern char *__progname;
@ -176,8 +175,12 @@ do_log(LogLevel level, const char *fmt, va_list args)
break;
}
if (txt != NULL) {
snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
int len;
snprintf(msgbuf, sizeof(msgbuf), "%s: ", txt);
len = strlen(msgbuf);
if (len < sizeof(msgbuf))
vsnprintf(msgbuf+len, sizeof(msgbuf)-len, fmt, args);
} else {
vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
}

7
crypto/dist/ssh/scp.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: scp.c,v 1.1.1.1 2000/09/28 22:10:14 thorpej Exp $ */
/* $NetBSD: scp.c,v 1.2 2000/10/05 14:09:08 sommerfeld Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
@ -80,7 +80,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: scp.c,v 1.1.1.1 2000/09/28 22:10:14 thorpej Exp $");
__RCSID("$NetBSD: scp.c,v 1.2 2000/10/05 14:09:08 sommerfeld Exp $");
#endif
#include "includes.h"
@ -258,7 +258,8 @@ char *colon(char *);
void lostconn(int);
void nospace(void);
int okname(char *);
void run_err(const char *,...);
void run_err(const char *,...)
__attribute__((__format__(__printf__,1,2)));
void verifydir(char *);
struct passwd *pwd;

36
crypto/dist/ssh/ssh-agent.c vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ssh-agent.c,v 1.2 2000/10/04 03:43:58 itojun Exp $ */
/* $NetBSD: ssh-agent.c,v 1.3 2000/10/05 14:09:08 sommerfeld Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -40,7 +40,7 @@
#include <sys/cdefs.h>
#ifndef lint
__RCSID("$NetBSD: ssh-agent.c,v 1.2 2000/10/04 03:43:58 itojun Exp $");
__RCSID("$NetBSD: ssh-agent.c,v 1.3 2000/10/05 14:09:08 sommerfeld Exp $");
#endif
#include "includes.h"
@ -101,6 +101,24 @@ char socket_dir[1024];
extern char *__progname;
static void
printunset(int c_flag, char *varname)
{
if (c_flag)
printf("unsetenv %s;\n", varname);
else
printf("unset %s;\n", varname);
}
static void
printset(int c_flag, char *varname, char *val)
{
if (c_flag)
printf("setenv %s %s;\n", varname, val);
else
printf("%s=%s; export %s;\n", varname, val, varname);
}
static void
idtab_init(void)
{
@ -668,7 +686,7 @@ main(int ac, char **av)
int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
struct sockaddr_un sunaddr;
pid_t pid;
char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
char *shell, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
/* check if RSA support exists */
if (rsa_alive() == 0) {
@ -725,9 +743,8 @@ main(int ac, char **av)
perror("kill");
exit(1);
}
format = c_flag ? "unsetenv %s;\n" : "unset %s;\n";
printf(format, SSH_AUTHSOCKET_ENV_NAME);
printf(format, SSH_AGENTPID_ENV_NAME);
printunset(c_flag, SSH_AUTHSOCKET_ENV_NAME);
printunset(c_flag, SSH_AGENTPID_ENV_NAME);
printf("echo Agent pid %d killed;\n", pid);
exit(0);
}
@ -775,11 +792,8 @@ main(int ac, char **av)
close(sock);
snprintf(pidstrbuf, sizeof pidstrbuf, "%d", pid);
if (ac == 0) {
format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
SSH_AUTHSOCKET_ENV_NAME);
printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf,
SSH_AGENTPID_ENV_NAME);
printset(c_flag, SSH_AUTHSOCKET_ENV_NAME, socket_name);
printset(c_flag, SSH_AGENTPID_ENV_NAME, pidstrbuf);
printf("echo Agent pid %d;\n", pid);
exit(0);
}

5
crypto/dist/ssh/ssh.h vendored
View File

@ -1,4 +1,4 @@
/* $NetBSD: ssh.h,v 1.1.1.1 2000/09/28 22:10:34 thorpej Exp $ */
/* $NetBSD: ssh.h,v 1.2 2000/10/05 14:09:08 sommerfeld Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -348,7 +348,8 @@ void log_init(const char *av0, LogLevel level, SyslogFacility facility,
int on_stderr, int quiet_mode, int debug_mode);
/* Logging implementation, depending on server or client */
void do_log(LogLevel level, const char *fmt, va_list args);
void do_log(LogLevel level, const char *fmt, va_list args)
__attribute__((format(printf, 2, 0)));
/* name to facility/level */
SyslogFacility log_facility_number(const char *name);