- KNF

- use snprintf - be safe with buffers (change prompt() to take a size_t len arg for this)
1998-07-12 09:59:29 +00:00 · 1998-07-12 09:59:29 +00:00 · 923d7551ba
parent 97eafd5059
commit 923d7551ba
8 changed files with 51 additions and 35 deletions
--- a/usr.bin/tip/acu.c
+++ b/usr.bin/tip/acu.c
@ -1,4 +1,4 @@
-/*	$NetBSD: acu.c,v 1.6 1998/06/30 23:42:08 thorpej Exp $	*/
+/*	$NetBSD: acu.c,v 1.7 1998/07/12 09:59:29 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)acu.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: acu.c,v 1.6 1998/06/30 23:42:08 thorpej Exp $");
+__RCSID("$NetBSD: acu.c,v 1.7 1998/07/12 09:59:29 mrg Exp $");
 #endif /* not lint */

 #include "tip.h"
@ -176,6 +176,7 @@ void
 disconnect(reason)
 	char *reason;
 {
+
 	if (!conflag) {
 		logent(value(HOST), "", DV, "call terminated");
 		return;
@ -193,6 +194,7 @@ static void
 acuabort(s)
 	int s;
 {
+
 	signal(s, SIG_IGN);
 	longjmp(jmpbuf, 1);
 }
--- a/usr.bin/tip/cmds.c
+++ b/usr.bin/tip/cmds.c
@ -1,4 +1,4 @@
-/*	$NetBSD: cmds.c,v 1.10 1998/06/30 23:42:08 thorpej Exp $	*/
+/*	$NetBSD: cmds.c,v 1.11 1998/07/12 09:59:29 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)cmds.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: cmds.c,v 1.10 1998/06/30 23:42:08 thorpej Exp $");
+__RCSID("$NetBSD: cmds.c,v 1.11 1998/07/12 09:59:29 mrg Exp $");
 #endif /* not lint */

 #include "tip.h"
@ -79,7 +79,7 @@ getfl(c)
 	/*
 	 * get the UNIX receiving file's name
 	 */
-	if (prompt("Local file name? ", copyname))
+	if (prompt("Local file name? ", copyname, sizeof copyname))
 		return;
 	cp = expand(copyname);
 	if ((sfd = creat(cp, 0666)) < 0) {
@ -90,7 +90,8 @@ getfl(c)
 	/*
 	 * collect parameters
 	 */
-	if (prompt("List command for remote system? ", buf)) {
+	if (prompt("List command for remote system? ", buf,
+	    sizeof buf)) {
 		unlink(copyname);
 		return;
 	}
@ -107,7 +108,7 @@ cu_take(cc)
 	int fd, argc;
 	char line[BUFSIZ], *cp;

-	if (prompt("[take] ", copyname))
+	if (prompt("[take] ", copyname, sizeof copyname))
 		return;
 	if ((argc = args(copyname, argv)) < 1 || argc > 2) {
 		printf("usage: <take> from [to]\r\n");
@ -212,7 +213,7 @@ pipefile(dummy)
 	char buf[256];
 	int status, p;

-	if (prompt("Local command? ", buf))
+	if (prompt("Local command? ", buf, sizeof buf))
 		return;

 	if (pipe(pdes)) {
@ -224,7 +225,8 @@ pipefile(dummy)
 		printf("can't fork!\r\n");
 		return;
 	} else if (cpid) {
-		if (prompt("List command for remote system? ", buf)) {
+		if (prompt("List command for remote system? ", buf,
+		    sizeof buf)) {
 			close(pdes[0]), close(pdes[1]);
 			kill (cpid, SIGKILL);
 		} else {
@ -276,7 +278,7 @@ sendfile(cc)
 	/*
 	 * get file name
 	 */
-	if (prompt("Local file name? ", fname))
+	if (prompt("Local file name? ", fname, sizeof fname))
 		return;

 	/*
@ -404,7 +406,7 @@ cu_put(cc)
 	int argc;
 	char *copynamex;

-	if (prompt("[put] ", copyname))
+	if (prompt("[put] ", copyname, sizeof copyname))
 		return;
 	if ((argc = args(copyname, argv)) < 1 || argc > 2) {
 		printf("usage: <put> from [to]\r\n");
@ -466,6 +468,7 @@ void
 alrmtimeout(dummy)
 	int dummy;
 {
+
 	signal(SIGALRM, alrmtimeout);
 	timedout = 1;
 }
@ -483,7 +486,7 @@ pipeout(c)
 	time_t start = 0;

 	putchar(c);
-	if (prompt("Local command? ", buf))
+	if (prompt("Local command? ", buf, sizeof buf))
 		return;
 	kill(pid, SIGIOT);	/* put TIPOUT into a wait state */
 	signal(SIGINT, SIG_IGN);
@ -536,7 +539,7 @@ consh(c)
 	time_t start = 0;

 	putchar(c);
-	if (prompt("Local command? ", buf))
+	if (prompt("Local command? ", buf, sizeof buf))
 		return;
 	kill(pid, SIGIOT);	/* put TIPOUT into a wait state */
 	signal(SIGINT, SIG_IGN);
@ -650,7 +653,7 @@ chdirectory(dummy)
 	char dirname[80];
 	char *cp = dirname;

-	if (prompt("[cd] ", dirname)) {
+	if (prompt("[cd] ", dirname, sizeof dirname)) {
 		if (stoprompt)
 			return;
 		cp = value(HOME);
@ -694,6 +697,7 @@ void
 intcopy(dummy)
 	int dummy;
 {
+
 	raw();
 	quit = 1;
 	longjmp(intbuf, 1);
@ -764,7 +768,7 @@ variable(dummy)
 {
 	char	buf[256];

-	if (prompt("[set] ", buf))
+	if (prompt("[set] ", buf, sizeof buf))
 		return;
 	vlex(buf);
 	if (vtable[BEAUTIFY].v_access&CHANGED) {
--- a/usr.bin/tip/hunt.c
+++ b/usr.bin/tip/hunt.c
@ -1,4 +1,4 @@
-/*	$NetBSD: hunt.c,v 1.8 1997/11/22 07:28:43 lukem Exp $	*/
+/*	$NetBSD: hunt.c,v 1.9 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)hunt.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: hunt.c,v 1.8 1997/11/22 07:28:43 lukem Exp $");
+__RCSID("$NetBSD: hunt.c,v 1.9 1998/07/12 09:59:30 mrg Exp $");
 #endif /* not lint */

 #include "tip.h"
@ -52,6 +52,7 @@ void
 dead(dummy)
 	int dummy;
 {
+
 	deadfl = 1;
 	longjmp(deadline, 1);
 }
--- a/usr.bin/tip/tip.c
+++ b/usr.bin/tip/tip.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tip.c,v 1.20 1998/06/30 23:42:08 thorpej Exp $	*/
+/*	$NetBSD: tip.c,v 1.21 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -43,7 +43,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1993\n\
 #if 0
 static char sccsid[] = "@(#)tip.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: tip.c,v 1.20 1998/06/30 23:42:08 thorpej Exp $");
+__RCSID("$NetBSD: tip.c,v 1.21 1998/07/12 09:59:30 mrg Exp $");
 #endif /* not lint */

 /*
@ -137,6 +137,7 @@ main(argc, argv)
 		exit(1);
 	}
 	strncpy(PNbuf, system, sizeof PNbuf - 1);
+	PNbuf[sizeof PNbuf - 1] = '\0';
 	for (p = system; *p; p++)
 		*p = '\0';
 	PN = PNbuf;
@ -284,6 +285,7 @@ static int uidswapped;
 void
 user_uid()
 {
+
 	if (uidswapped == 0) {
 		seteuid(uid);
 		uidswapped = 1;
@ -303,6 +305,7 @@ daemon_uid()
 void
 shell_uid()
 {
+
 	seteuid(uid);
 }

@ -312,6 +315,7 @@ shell_uid()
 void
 raw()
 {
+
 	tcsetattr(0, TCSADRAIN, &term);
 }

@ -322,6 +326,7 @@ raw()
 void
 unraw()
 {
+
 	tcsetattr(0, TCSADRAIN, &defterm);
 }

@ -333,9 +338,10 @@ static	jmp_buf promptbuf;
 *  normal erase and kill characters.
 */
 int
-prompt(s, p)
+prompt(s, p, l)
 	char *s;
 	char *p;
+	size_t l;
 {
 	int c;
 	char *b = p;
@ -351,7 +357,8 @@ prompt(s, p)
 	unraw();
 	printf("%s", s);
 	if (setjmp(promptbuf) == 0)
-		while ((c = getchar()) != -1 && (*p = c) != '\n')
+		while ((c = getchar()) != -1 && (*p = c) != '\n' &&
+		    b + l > p)
 			p++;
 	*p = '\0';

@ -463,6 +470,7 @@ int
 any(c, p)
 	char c, *p;
 {
+
 	while (p && *p)
 		if (*p++ == c)
 			return (1);
@ -476,7 +484,7 @@ interp(s)
 	static char buf[256];
 	char *p = buf, c, *q;

-	while ((c = *s++) != 0) {
+	while ((c = *s++) != 0 && buf + sizeof buf - p > 2) {
 		for (q = "\nn\rr\tt\ff\033E\bb"; *q; q++)
 			if (*q++ == c) {
 				*p++ = '\\'; *p++ = *q;
--- a/usr.bin/tip/tip.h
+++ b/usr.bin/tip/tip.h
@ -1,4 +1,4 @@
-/*	$NetBSD: tip.h,v 1.10 1998/06/30 23:42:08 thorpej Exp $	*/
+/*	$NetBSD: tip.h,v 1.11 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1989, 1993
@ -297,7 +297,7 @@ void	logent __P((char *, char *, char *, char *));
 void	loginit __P((void));
 void	pipefile __P((char));
 void	pipeout __P((char));
-int	prompt __P((char *, char *));
+int	prompt __P((char *, char *, size_t));
 void	xpwrite __P((int, char *, int));
 void	raw __P((void));
 void	send __P((char));
--- a/usr.bin/tip/tipout.c
+++ b/usr.bin/tip/tipout.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tipout.c,v 1.6 1997/11/22 07:28:48 lukem Exp $	*/
+/*	$NetBSD: tipout.c,v 1.7 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)tipout.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: tipout.c,v 1.6 1997/11/22 07:28:48 lukem Exp $");
+__RCSID("$NetBSD: tipout.c,v 1.7 1998/07/12 09:59:30 mrg Exp $");
 #endif /* not lint */

 #include "tip.h"
@ -83,7 +83,7 @@ intEMT(dummy)
 	char reply;

 	read(fildes[0], &c, 1);
-	while (c != '\n') {
+	while (c != '\n' && line + sizeof line - pline > 0) {
 		*pline++ = c;
 		read(fildes[0], &c, 1);
 	}
--- a/usr.bin/tip/uucplock.c
+++ b/usr.bin/tip/uucplock.c
@ -1,4 +1,4 @@
-/*	$NetBSD: uucplock.c,v 1.9 1997/11/22 07:28:49 lukem Exp $	*/
+/*	$NetBSD: uucplock.c,v 1.10 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1988, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)uucplock.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: uucplock.c,v 1.9 1997/11/22 07:28:49 lukem Exp $");
+__RCSID("$NetBSD: uucplock.c,v 1.10 1998/07/12 09:59:30 mrg Exp $");
 #endif /* not lint */

 #include "pathnames.h"
--- a/usr.bin/tip/value.c
+++ b/usr.bin/tip/value.c
@ -1,4 +1,4 @@
-/*	$NetBSD: value.c,v 1.8 1997/11/23 04:03:05 mrg Exp $	*/
+/*	$NetBSD: value.c,v 1.9 1998/07/12 09:59:30 mrg Exp $	*/

 /*
 * Copyright (c) 1983, 1993
@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)value.c	8.1 (Berkeley) 6/6/93";
 #endif
-__RCSID("$NetBSD: value.c,v 1.8 1997/11/23 04:03:05 mrg Exp $");
+__RCSID("$NetBSD: value.c,v 1.9 1998/07/12 09:59:30 mrg Exp $");
 #endif /* not lint */

 #include "tip.h"
@ -260,6 +260,7 @@ static int
 vaccess(mode, rw)
 	unsigned mode, rw;
 {
+
 	if (mode & (rw<<PUBLIC))
 		return (1);
 	if (mode & (rw<<PRIVATE))