From: Dave Hart Date: Sun, 2 Jan 2011 05:13:56 +0000 (+0000) Subject: Remove nearly all strcpy() and most strcat() from NTP distribution. X-Git-Tag: NTP_4_2_7P109~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4ae5df63074abbfff7af42c426d1980bb6ba739a;p=thirdparty%2Fntp.git Remove nearly all strcpy() and most strcat() from NTP distribution. One major pocket remains in ntp_crypto.c. libopts & libisc also have (safe) uses of strcpy() and strcat() remaining bk: 4d200994pfUzhN4SQzXt1XJxF9q11A --- diff --git a/include/ntpd.h b/include/ntpd.h index ddbb8c702..1ad147e9f 100644 --- a/include/ntpd.h +++ b/include/ntpd.h @@ -46,6 +46,8 @@ extern int change_logfile (const char *, int); extern void setup_logfile (int); extern void process_control (struct recvbuf *, int); extern void report_event (int, struct peer *, const char *); +extern int mprintf_event (int, struct peer *, const char *, ...) + __attribute__((__format__(__printf__, 3, 4))); /* ntp_control.c */ /* diff --git a/libntp/findconfig.c b/libntp/findconfig.c index 562c01764..44e6b07ed 100644 --- a/libntp/findconfig.c +++ b/libntp/findconfig.c @@ -22,7 +22,7 @@ FindConfig( struct utsname unamebuf; /* All keyed by initial target being a directory */ - (void) strcpy(result, base); + strncpy(result, base, sizeof(result)); if (stat(result, &sbuf) == 0) { if (S_ISDIR(sbuf.st_mode)) { @@ -49,7 +49,9 @@ FindConfig( if (stat(result, &sbuf) == 0) { goto outahere; } else { - (void) strcpy(result, "/not/found"); + strncpy(result, + "/not/found", + sizeof(result)); } } } diff --git a/libntp/statestr.c b/libntp/statestr.c index 0dbf2abc0..71dc7cad6 100644 --- a/libntp/statestr.c +++ b/libntp/statestr.c @@ -18,14 +18,13 @@ */ struct codestring { int code; - const char *string; + const char * const string; }; /* * Leap status (leap) */ -static -struct codestring leap_codes[] = { +static const struct codestring leap_codes[] = { { LEAP_NOWARNING, "leap_none" }, { LEAP_ADDSECOND, "leap_add_sec" }, { LEAP_DELSECOND, "leap_del_sec" }, @@ -36,8 +35,7 @@ struct codestring leap_codes[] = { /* * Clock source status (sync) */ -static -struct codestring sync_codes[] = { +static const struct codestring sync_codes[] = { { CTL_SST_TS_UNSPEC, "sync_unspec" }, { CTL_SST_TS_ATOM, "sync_pps" }, { CTL_SST_TS_LF, "sync_lf_radio" }, @@ -54,8 +52,7 @@ struct codestring sync_codes[] = { /* * Peer selection status (sel) */ -static -struct codestring select_codes[] = { +static const struct codestring select_codes[] = { { CTL_PST_SEL_REJECT, "sel_reject" }, { CTL_PST_SEL_SANE, "sel_falsetick" }, { CTL_PST_SEL_CORRECT, "sel_excess" }, @@ -70,8 +67,7 @@ struct codestring select_codes[] = { /* * Clock status (clk) */ -static -struct codestring clock_codes[] = { +static const struct codestring clock_codes[] = { { CTL_CLK_OKAY, "clk_unspec" }, { CTL_CLK_NOREPLY, "clk_no_reply" }, { CTL_CLK_BADFORMAT, "clk_bad_format" }, @@ -87,8 +83,7 @@ struct codestring clock_codes[] = { /* * Flash bits -- see ntpq.c tstflags & tstflagnames */ -static -struct codestring flash_codes[] = { +static const struct codestring flash_codes[] = { { TEST1, "pkt_dup" }, { TEST2, "pkt_bogus" }, { TEST3, "pkt_unsync" }, @@ -110,8 +105,7 @@ struct codestring flash_codes[] = { /* * System events (sys) */ -static -struct codestring sys_codes[] = { +static const struct codestring sys_codes[] = { { EVNT_UNSPEC, "unspecified" }, { EVNT_NSET, "freq_not_set" }, { EVNT_FSET, "freq_set" }, @@ -135,8 +129,7 @@ struct codestring sys_codes[] = { /* * Peer events (peer) */ -static -struct codestring peer_codes[] = { +static const struct codestring peer_codes[] = { { PEVNT_MOBIL & ~PEER_EVENT, "mobilize" }, { PEVNT_DEMOBIL & ~PEER_EVENT, "demobilize" }, { PEVNT_UNREACH & ~PEER_EVENT, "unreachable" }, @@ -159,8 +152,7 @@ struct codestring peer_codes[] = { /* * Crypto events (cryp) */ -static -struct codestring crypto_codes[] = { +static const struct codestring crypto_codes[] = { { XEVNT_OK & ~CRPT_EVENT, "success" }, { XEVNT_LEN & ~CRPT_EVENT, "bad_field_format_or_length" }, { XEVNT_TSP & ~CRPT_EVENT, "bad_timestamp" }, @@ -182,26 +174,30 @@ struct codestring crypto_codes[] = { #endif /* AUTOKEY */ /* Forwards */ -static const char *getcode (int, struct codestring *); -static const char *getevents (int); +static const char * getcode(int, const struct codestring *); +static const char * getevents(int); +static const char * peer_st_flags(u_char pst); /* * getcode - return string corresponding to code */ static const char * getcode( - int code, - struct codestring *codetab + int code, + const struct codestring * codetab ) { - static char buf[30]; + char * buf; while (codetab->code != -1) { if (codetab->code == code) return codetab->string; codetab++; } - snprintf(buf, sizeof(buf), "%s_%d", codetab->string, code); + + LIB_GETBUF(buf); + snprintf(buf, LIB_BUFLENGTH, "%s_%d", codetab->string, code); + return buf; } @@ -213,15 +209,60 @@ getevents( int cnt ) { - static char buf[20]; + char * buf; if (cnt == 0) return "no events"; - snprintf(buf, sizeof(buf), "%d event%s", cnt, (cnt==1) ? "" : - "s"); + + LIB_GETBUF(buf); + snprintf(buf, LIB_BUFLENGTH, "%d event%s", cnt, + (1 == cnt) + ? "" + : "s"); + return buf; } + +static const char * +peer_st_flags(u_char pst) +{ + static const char toosmall[] = "buffer too small!"; + static const char csp[] = ", "; + const char * sep; + char * buf; + char * pch; + char * lim; + int rc; + + LIB_GETBUF(buf); + pch = buf; + lim = buf + LIB_BUFLENGTH; + sep = ""; + +#define EXPAND_PEERST_BIT(b, text) \ +do { \ + if ((b) & pst) { \ + rc = snprintf(pch, (lim - pch), "%s" text, sep);\ + if (rc < 0) \ + return toosmall; \ + pch += (u_int)rc; \ + if (pch >= lim) \ + return toosmall; \ + sep = csp; \ + } \ +} while (0) + + EXPAND_PEERST_BIT(CTL_PST_CONFIG, "conf"); + EXPAND_PEERST_BIT(CTL_PST_AUTHENABLE, "authenb"); + EXPAND_PEERST_BIT(CTL_PST_AUTHENTIC, "auth"); + EXPAND_PEERST_BIT(CTL_PST_REACH, "reach"); + EXPAND_PEERST_BIT(CTL_PST_BCAST, "bcast"); + + return buf; +} + + /* * statustoa - return a descriptive string for a peer status */ @@ -231,78 +272,43 @@ statustoa( int st ) { - char *cb; - u_char pst; + char * cb; + char * cc; + u_char pst; LIB_GETBUF(cb); switch (type) { case TYPE_SYS: - strcpy(cb, getcode(CTL_SYS_LI(st), leap_codes)); - strcat(cb, ", "); - strcat(cb, getcode(CTL_SYS_SOURCE(st), sync_codes)); - strcat(cb, ", "); - strcat(cb, getevents(CTL_SYS_NEVNT(st))); - strcat(cb, ", "); - strcat(cb, getcode(CTL_SYS_EVENT(st), sys_codes)); + snprintf(cb, LIB_BUFLENGTH, "%s, %s, %s, %s", + getcode(CTL_SYS_LI(st), leap_codes), + getcode(CTL_SYS_SOURCE(st), sync_codes), + getevents(CTL_SYS_NEVNT(st)), + getcode(CTL_SYS_EVENT(st), sys_codes)); break; case TYPE_PEER: - /* - * Handcraft the bits - */ - pst = (u_char) CTL_PEER_STATVAL(st); - if (pst & CTL_PST_CONFIG) - strcpy(cb, "conf"); - if (pst & CTL_PST_AUTHENABLE) { - if (pst & CTL_PST_CONFIG) - strcat(cb, ", authenb"); - else - strcat(cb, "authenb"); - } - if (pst & CTL_PST_AUTHENTIC) { - if (pst & (CTL_PST_CONFIG | CTL_PST_AUTHENABLE)) - strcat(cb, ", auth"); - else - strcat(cb, "auth"); - } - if (pst & CTL_PST_REACH) { - if (pst & (CTL_PST_CONFIG | CTL_PST_AUTHENABLE | - CTL_PST_AUTHENTIC)) - strcat(cb, ", reach"); - else - strcat(cb, "reach"); - } - if (pst & CTL_PST_BCAST) { - if (pst & (CTL_PST_CONFIG | CTL_PST_AUTHENABLE | - CTL_PST_AUTHENTIC | CTL_PST_REACH)) - strcat(cb, ", bcst"); - else - strcat(cb, "bcst"); - } - - /* - * Now the codes - */ - strcat(cb, ", "); - strcat(cb, getcode(pst & 0x7, select_codes)); - strcat(cb, ", "); - strcat(cb, getevents(CTL_PEER_NEVNT(st))); + pst = (u_char)CTL_PEER_STATVAL(st); + snprintf(cb, LIB_BUFLENGTH, "%s, %s, %s", + peer_st_flags(pst), + getcode(pst & 0x7, select_codes), + getevents(CTL_PEER_NEVNT(st))); if (CTL_PEER_EVENT(st) != EVNT_UNSPEC) { - strcat(cb, ", "); - strcat(cb, getcode(CTL_PEER_EVENT(st), - peer_codes)); + cc = cb + strlen(cb); + snprintf(cc, LIB_BUFLENGTH - (cc - cb), ", %s", + getcode(CTL_PEER_EVENT(st), + peer_codes)); } break; case TYPE_CLOCK: - strcat(cb, ", "); - strcat(cb, getevents(CTL_SYS_NEVNT(st))); - strcat(cb, ", "); - strcat(cb, getcode((st) & 0xf, clock_codes)); + snprintf(cb, LIB_BUFLENGTH, "%s, %s", + getevents(CTL_SYS_NEVNT(st)), + getcode((st) & 0xf, clock_codes)); break; } + return cb; } diff --git a/libntp/systime.c b/libntp/systime.c index b52058a65..e29f535a1 100644 --- a/libntp/systime.c +++ b/libntp/systime.c @@ -281,10 +281,10 @@ step_systime( #endif #ifdef HAVE_UTMP_H - memset((char *)&ut, 0, sizeof(ut)); + memset(&ut, 0, sizeof(ut)); #endif #ifdef HAVE_UTMPX_H - memset((char *)&utx, 0, sizeof(utx)); + memset(&utx, 0, sizeof(utx)); #endif /* UTMP */ @@ -292,12 +292,12 @@ step_systime( #ifdef UPDATE_UTMP # ifdef HAVE_PUTUTLINE ut.ut_type = OLD_TIME; - (void)strcpy(ut.ut_line, OTIME_MSG); + strncpy(ut.ut_line, OTIME_MSG, sizeof(ut.ut_line)); ut.ut_time = oldtimetv.tv_sec; pututline(&ut); setutent(); ut.ut_type = NEW_TIME; - (void)strcpy(ut.ut_line, NTIME_MSG); + strncpy(ut.ut_line, NTIME_MSG, sizeof(ut.ut_line)); ut.ut_time = timetv.tv_sec; pututline(&ut); endutent(); @@ -310,12 +310,12 @@ step_systime( #ifdef UPDATE_UTMPX # ifdef HAVE_PUTUTXLINE utx.ut_type = OLD_TIME; - (void)strcpy(utx.ut_line, OTIME_MSG); + strncpy(utx.ut_line, OTIME_MSG, sizeof(utx.ut_line)); utx.ut_tv = oldtimetv; pututxline(&utx); setutxent(); utx.ut_type = NEW_TIME; - (void)strcpy(utx.ut_line, NTIME_MSG); + strncpy(utx.ut_line, NTIME_MSG, sizeof(utx.ut_line)); utx.ut_tv = timetv; pututxline(&utx); endutxent(); @@ -329,11 +329,11 @@ step_systime( # ifdef HAVE_PUTUTLINE utmpname(WTMP_FILE); ut.ut_type = OLD_TIME; - (void)strcpy(ut.ut_line, OTIME_MSG); + strncpy(ut.ut_line, OTIME_MSG, sizeof(ut.ut_line)); ut.ut_time = oldtimetv.tv_sec; pututline(&ut); ut.ut_type = NEW_TIME; - (void)strcpy(ut.ut_line, NTIME_MSG); + strncpy(ut.ut_line, NTIME_MSG, sizeof(ut.ut_line)); ut.ut_time = timetv.tv_sec; pututline(&ut); endutent(); @@ -347,7 +347,7 @@ step_systime( # ifdef HAVE_PUTUTXLINE utx.ut_type = OLD_TIME; utx.ut_tv = oldtimetv; - (void)strcpy(utx.ut_line, OTIME_MSG); + strncpy(utx.ut_line, OTIME_MSG, sizeof(utx.ut_line)); # ifdef HAVE_UPDWTMPX updwtmpx(WTMPX_FILE, &utx); # else /* not HAVE_UPDWTMPX */ @@ -357,7 +357,7 @@ step_systime( # ifdef HAVE_PUTUTXLINE utx.ut_type = NEW_TIME; utx.ut_tv = timetv; - (void)strcpy(utx.ut_line, NTIME_MSG); + strncpy(utx.ut_line, NTIME_MSG, sizeof(utx.ut_line)); # ifdef HAVE_UPDWTMPX updwtmpx(WTMPX_FILE, &utx); # else /* not HAVE_UPDWTMPX */ diff --git a/ntpd/ntp_control.c b/ntpd/ntp_control.c index 4d48f2a0e..2040053b4 100644 --- a/ntpd/ntp_control.c +++ b/ntpd/ntp_control.c @@ -1641,9 +1641,10 @@ kstatus_to_text( # define XLATE_KST_BIT(bitval, text) \ do { \ - if (((bitval) & status) && pch + sizeof(text) <= lim) { \ + if (((bitval) & status) && \ + (pch + sizeof(text) <= lim)) { \ memcpy(pch, (text), sizeof(text)); \ - pch += sizeof(text) - 1; \ + pch += (u_int)(sizeof(text) - 1); \ } \ } while (0) @@ -3132,8 +3133,13 @@ write_variables( const struct ctl_var *v; int ext_var; char *valuep; - long val = 0; + long val; + size_t octets; + char *vareqv; + const char *t; + char *tt; + val = 0; /* * If he's trying to write into a peer tell him no way */ @@ -3180,30 +3186,19 @@ write_variables( } if (ext_var) { - char *s = (char *)emalloc(strlen(v->text) + - strlen(valuep) + 2); - const char *t; - char *tt = s; - + octets = strlen(v->text) + strlen(valuep) + 2; + vareqv = emalloc(octets); + tt = vareqv; t = v->text; while (*t && *t != '=') *tt++ = *t++; - *tt++ = '='; - strcat(tt, valuep); - set_sys_var(s, strlen(s)+1, v->flags); - free(s); + memcpy(tt, valuep, 1 + strlen(valuep)); + set_sys_var(vareqv, 1 + strlen(vareqv), v->flags); + free(vareqv); } else { - /* - * This one seems sane. Save it. - */ - switch(v->code) { - - case CS_LEAP: - default: - ctl_error(CERR_UNSPEC); /* really */ - return; - } + ctl_error(CERR_UNSPEC); /* really */ + return; } } @@ -4512,6 +4507,30 @@ report_event( } +/* + * mprintf_event - printf-style varargs variant of report_event() + */ +int +mprintf_event( + int evcode, /* event code */ + struct peer * p, /* may be NULL */ + const char * fmt, /* msnprintf format */ + ... + ) +{ + va_list ap; + int rc; + char msg[512]; + + va_start(ap, fmt); + rc = mvsnprintf(msg, sizeof(msg), fmt, ap); + va_end(ap); + report_event(evcode, p, msg); + + return rc; +} + + /* * ctl_clr_stats - clear stat counters */ diff --git a/ntpd/ntp_peer.c b/ntpd/ntp_peer.c index 34cf00f9d..5cb2ffa43 100644 --- a/ntpd/ntp_peer.c +++ b/ntpd/ntp_peer.c @@ -509,10 +509,7 @@ unpeer( struct peer *peer ) { - char tbuf[80]; - - snprintf(tbuf, sizeof(tbuf), "assoc %u", peer->associd); - report_event(PEVNT_DEMOBIL, peer, tbuf); + mprintf_event(PEVNT_DEMOBIL, peer, "assoc %u", peer->associd); restrict_source(&peer->srcadr, 1, 0); set_peerdstadr(peer, NULL); peer_demobilizations++; @@ -793,7 +790,6 @@ newpeer( { struct peer *peer; u_int hash; - char tbuf[80]; #ifdef AUTOKEY /* @@ -976,8 +972,7 @@ newpeer( LINK_SLIST(peer_list, peer, p_link); restrict_source(&peer->srcadr, 0, 0); - snprintf(tbuf, sizeof(tbuf), "assoc %d", peer->associd); - report_event(PEVNT_MOBIL, peer, tbuf); + mprintf_event(PEVNT_MOBIL, peer, "assoc %d", peer->associd); DPRINTF(1, ("newpeer: %s->%s mode %u vers %u poll %u %u flags 0x%x 0x%x ttl %u key %08x\n", latoa(peer->dstadr), stoa(&peer->srcadr), peer->hmode, peer->version, peer->minpoll, peer->maxpoll, peer->flags, diff --git a/ntpd/ntp_util.c b/ntpd/ntp_util.c index ed422129c..db8bf80f6 100644 --- a/ntpd/ntp_util.c +++ b/ntpd/ntp_util.c @@ -12,6 +12,7 @@ #include "ntp_stdlib.h" #include "ntp_assert.h" #include "ntp_calendar.h" +#include "lib_strbuf.h" #include #include @@ -349,8 +350,6 @@ stats_config( FILE *fp; const char *value; int len; - char tbuf[80]; - char str1[20], str2[20]; double old_drift; #ifndef VMS const char temp_ext[] = ".TEMP"; @@ -366,31 +365,36 @@ stats_config( char newvalue[MAX_PATH], parameter[MAX_PATH]; if (!ExpandEnvironmentStrings(invalue, newvalue, MAX_PATH)) { - switch(item) { - case STATS_FREQ_FILE: - strcpy(parameter,"STATS_FREQ_FILE"); + switch (item) { + case STATS_FREQ_FILE: + strncpy(parameter, "STATS_FREQ_FILE", + sizeof(parameter)); break; - case STATS_LEAP_FILE: - strcpy(parameter,"STATS_LEAP_FILE"); + case STATS_LEAP_FILE: + strncpy(parameter, "STATS_LEAP_FILE", + sizeof(parameter)); break; - case STATS_STATSDIR: - strcpy(parameter,"STATS_STATSDIR"); + case STATS_STATSDIR: + strncpy(parameter, "STATS_STATSDIR", + sizeof(parameter)); break; - case STATS_PID_FILE: - strcpy(parameter,"STATS_PID_FILE"); + case STATS_PID_FILE: + strncpy(parameter, "STATS_PID_FILE", + sizeof(parameter)); break; - default: - strcpy(parameter,"UNKNOWN"); + default: + strncpy(parameter, "UNKNOWN", + sizeof(parameter)); break; } value = invalue; msyslog(LOG_ERR, - "ExpandEnvironmentStrings(%s) failed: %m\n", - parameter); + "ExpandEnvironmentStrings(%s) failed: %m\n", + parameter); } else { value = newvalue; } @@ -398,7 +402,7 @@ stats_config( value = invalue; #endif /* SYS_WINNT */ - switch(item) { + switch (item) { /* * Open and read frequency file. @@ -545,18 +549,15 @@ stats_config( break; } - if (leap_file(fp) < 0) { + if (leap_file(fp) < 0) msyslog(LOG_ERR, "format error leapseconds file %s", value); - } else { - strcpy(str1, fstostr(leap_sec)); - strcpy(str2, fstostr(leap_expire)); - snprintf(tbuf, sizeof(tbuf), - "%d leap %s expire %s", leap_tai, str1, - str2); - report_event(EVNT_TAI, NULL, tbuf); - } + else + mprintf_event(EVNT_TAI, NULL, + "%d leap %s expire %s", leap_tai, + fstostr(leap_sec), + fstostr(leap_expire)); fclose(fp); break; @@ -1063,21 +1064,25 @@ char * fstostr( time_t ntp_stamp ) { - static char str[20]; + char * buf; struct tm * tm; time_t unix_stamp; + LIB_GETBUF(buf); unix_stamp = ntp_stamp - JAN_1970; tm = gmtime(&unix_stamp); - if (NULL != tm) - snprintf(str, sizeof(str), - "%04d%02d%02d%02d%02d", - tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min); + if (NULL == tm) +#ifdef WAIT_FOR_NTP_CRYPTO_C_CALLERS_ABLE_TO_HANDLE_MORE_THAN_20_CHARS + msnprintf(buf, LIB_BUFLENGTH, "gmtime: %m"); +#else + strncpy(buf, "gmtime() error", LIB_BUFLENGTH); +#endif else - strcpy(str, "gmtime() error"); + snprintf(buf, LIB_BUFLENGTH, "%04d%02d%02d%02d%02d", + tm->tm_year + 1900, tm->tm_mon + 1, + tm->tm_mday, tm->tm_hour, tm->tm_min); - return str; + return buf; } diff --git a/ntpd/refclock_arbiter.c b/ntpd/refclock_arbiter.c index 8e92c0fbf..e7ef6433a 100644 --- a/ntpd/refclock_arbiter.c +++ b/ntpd/refclock_arbiter.c @@ -289,7 +289,8 @@ arb_receive( return; } else if (!strncmp(tbuf, "SR", 2)) { - strcpy(up->status, tbuf + 2); + strncpy(up->status, tbuf + 2, + sizeof(up->status)); if (pp->sloppyclockflag & CLK_FLAG4) write(pp->io.fd, "LA", 2); else @@ -297,7 +298,7 @@ arb_receive( return; } else if (!strncmp(tbuf, "LA", 2)) { - strcpy(up->latlon, tbuf + 2); + strncpy(up->latlon, tbuf + 2, sizeof(up->latlon)); write(pp->io.fd, "LO", 2); return; diff --git a/ntpd/refclock_as2201.c b/ntpd/refclock_as2201.c index 163c2afee..c72662b8a 100644 --- a/ntpd/refclock_as2201.c +++ b/ntpd/refclock_as2201.c @@ -233,6 +233,7 @@ as2201_receive( struct refclockproc *pp; struct peer *peer; l_fp trtmp; + size_t octets; /* * Initialize pointers and read the timecode and timestamp. @@ -267,7 +268,7 @@ as2201_receive( if ((int)(up->lastptr - up->stats + pp->lencode) > SMAX - 2) return; *up->lastptr++ = ' '; - (void)strcpy(up->lastptr, pp->a_lastcode); + memcpy(up->lastptr, pp->a_lastcode, 1 + pp->lencode); up->lastptr += pp->lencode; return; } else { @@ -328,13 +329,17 @@ as2201_receive( * send the next command. If not, simply write the timecode to * the clockstats file. */ + if ((int)(up->lastptr - up->stats + pp->lencode) > SMAX - 2) + return; (void)strcpy(up->lastptr, pp->a_lastcode); up->lastptr += pp->lencode; if (pp->sloppyclockflag & CLK_FLAG4) { + octets = strlen(stat_command[up->index]); + if ((int)(up->lastptr - up->stats + octets) > SMAX - 2) + return; *up->lastptr++ = ' '; - (void)strcpy(up->lastptr, stat_command[up->index]); - up->lastptr += strlen(stat_command[up->index]); - up->lastptr--; + memcpy(up->lastptr, stat_command[up->index], octets); + up->lastptr += octets - 1; *up->lastptr = '\0'; (void)write(pp->io.fd, stat_command[up->index], strlen(stat_command[up->index])); diff --git a/ntpd/refclock_chu.c b/ntpd/refclock_chu.c index ca14dc600..c14bc71cd 100644 --- a/ntpd/refclock_chu.c +++ b/ntpd/refclock_chu.c @@ -527,7 +527,7 @@ chu_start( */ peer->precision = PRECISION; pp->clockdesc = DESCRIPTION; - strcpy(up->ident, "CHU"); + strncpy(up->ident, "CHU", sizeof(up->ident)); memcpy(&pp->refid, up->ident, 4); DTOLFP(CHAR, &up->charstamp); #ifdef HAVE_AUDIO diff --git a/ntpd/refclock_hpgps.c b/ntpd/refclock_hpgps.c index 5867a1d7b..38dadfb43 100644 --- a/ntpd/refclock_hpgps.c +++ b/ntpd/refclock_hpgps.c @@ -300,7 +300,7 @@ hpgps_receive( if (up->linecnt-- > 0) { if ((int)(pp->lencode + 2) <= (SMAX - (up->lastptr - up->statscrn))) { *up->lastptr++ = '\n'; - (void)strcpy(up->lastptr, pp->a_lastcode); + memcpy(up->lastptr, pp->a_lastcode, pp->lencode); up->lastptr += pp->lencode; } if (up->linecnt == 0) @@ -333,7 +333,7 @@ hpgps_receive( * */ - (void)strcpy(prompt,pp->a_lastcode); + strncpy(prompt, pp->a_lastcode, sizeof(prompt)); tcp = strrchr(pp->a_lastcode,'>'); if (tcp == NULL) tcp = pp->a_lastcode; diff --git a/ntpd/refclock_neoclock4x.c b/ntpd/refclock_neoclock4x.c index fe6592f82..059ee4221 100644 --- a/ntpd/refclock_neoclock4x.c +++ b/ntpd/refclock_neoclock4x.c @@ -317,10 +317,10 @@ neoclock4x_start(int unit, up->leap_status = 0; up->unit = unit; - strcpy(up->firmware, "?"); + strncpy(up->firmware, "?", sizeof(up->firmware)); up->firmwaretag = '?'; - strcpy(up->serial, "?"); - strcpy(up->radiosignal, "?"); + strncpy(up->serial, "?", sizeof(up->serial)); + strncpy(up->radiosignal, "?", sizeof(up->radiosignal)); up->timesource = '?'; up->dststatus = '?'; up->quarzstatus = '?'; @@ -336,7 +336,8 @@ neoclock4x_start(int unit, #if defined(NEOCLOCK4X_FIRMWARE) #if NEOCLOCK4X_FIRMWARE == NEOCLOCK4X_FIRMWARE_VERSION_A - strcpy(up->firmware, "(c) 2002 NEOL S.A. FRANCE / L0.01 NDF:A:* (compile time)"); + strncpy(up->firmware, "(c) 2002 NEOL S.A. FRANCE / L0.01 NDF:A:* (compile time)", + sizeof(up->firmware)); up->firmwaretag = 'A'; #else msyslog(LOG_EMERG, "NeoClock4X(%d): unknown firmware defined at compile time for NeoClock4X", @@ -931,13 +932,13 @@ neol_query_firmware(int fd, if(read_errors > 5) { msyslog(LOG_ERR, "NeoClock4X(%d): can't read firmware version (timeout)", unit); - strcpy(tmpbuf, "unknown due to timeout"); + strncpy(tmpbuf, "unknown due to timeout", sizeof(tmpbuf)); break; } if(chars_read > 500) { msyslog(LOG_ERR, "NeoClock4X(%d): can't read firmware version (garbage)", unit); - strcpy(tmpbuf, "unknown due to garbage input"); + strncpy(tmpbuf, "unknown due to garbage input", sizeof(tmpbuf)); break; } if(-1 == read(fd, &c, 1)) @@ -963,7 +964,7 @@ neol_query_firmware(int fd, if(0xA9 != c) /* wait for (c) char in input stream */ continue; - strcpy(tmpbuf, "(c)"); + strncpy(tmpbuf, "(c)", sizeof(tmpbuf)); len = 3; init = 0; continue; @@ -1008,7 +1009,7 @@ neol_query_firmware(int fd, else { msyslog(LOG_ERR, "NeoClock4X(%d): can't query firmware version", unit); - strcpy(tmpbuf, "unknown error"); + strncpy(tmpbuf, "unknown error", sizeof(tmpbuf)); } strncpy(firmware, tmpbuf, maxlen); firmware[maxlen] = '\0'; diff --git a/ntpd/refclock_oncore.c b/ntpd/refclock_oncore.c index a0c78340e..1a87cd997 100644 --- a/ntpd/refclock_oncore.c +++ b/ntpd/refclock_oncore.c @@ -381,7 +381,8 @@ static int oncore_checksum_ok (u_char *, int); static void oncore_compute_dH (struct instance *); static void oncore_load_almanac (struct instance *); static void oncore_log (struct instance *, int, const char *); -static int oncore_log_f (struct instance *, int, const char *, ...); +static int oncore_log_f (struct instance *, int, const char *, ...) + __attribute__((__format__(__printf__, 3, 4))); static void oncore_print_Cb (struct instance *, u_char *); /* static void oncore_print_array (u_char *, int); */ static void oncore_print_posn (struct instance *); diff --git a/ntpd/refclock_parse.c b/ntpd/refclock_parse.c index 074922a0d..e222f88d6 100644 --- a/ntpd/refclock_parse.c +++ b/ntpd/refclock_parse.c @@ -1522,13 +1522,14 @@ mkreadable( int hex ) { + static const char ellipsis[] = "..."; char *b = buffer; char *endb = NULL; if (blen < 4) return NULL; /* don't bother with mini buffers */ - endb = buffer + blen - 4; + endb = buffer + blen - sizeof(ellipsis); blen--; /* account for '\0' */ @@ -1557,7 +1558,7 @@ mkreadable( { if (*src == '\\') { - strcpy(buffer,"\\\\"); + memcpy(buffer, "\\\\", 2); buffer += 2; blen -= 2; src++; @@ -1571,7 +1572,7 @@ mkreadable( } } if (srclen && !blen && endb) /* overflow - set last chars to ... */ - strcpy(endb, "..."); + memcpy(endb, ellipsis, sizeof(ellipsis)); } *buffer = '\0'; diff --git a/ntpd/refclock_true.c b/ntpd/refclock_true.c index e2520c0dc..632992abb 100644 --- a/ntpd/refclock_true.c +++ b/ntpd/refclock_true.c @@ -367,7 +367,7 @@ true_receive( if (rd_lencode == 0) return; pp->lencode = rd_lencode; - strcpy(pp->a_lastcode, rd_lastcode); + strncpy(pp->a_lastcode, rd_lastcode, sizeof(pp->a_lastcode)); pp->lastrec = rd_tmp; true_debug(peer, "receive(%s) [%d]\n", pp->a_lastcode, pp->lencode); diff --git a/ntpdate/ntpdate.c b/ntpdate/ntpdate.c index bd7d4869b..d126a34e3 100644 --- a/ntpdate/ntpdate.c +++ b/ntpdate/ntpdate.c @@ -1366,7 +1366,7 @@ addserver( int error; /* Service name */ char service[5]; - strcpy(service, "ntp"); + strncpy(service, "ntp", sizeof(service)); /* Get host address. Looking for UDP datagram connection. */ memset(&hints, 0, sizeof(hints)); @@ -1696,7 +1696,7 @@ init_io(void) * Open the socket */ - strcpy(service, "ntp"); + strncpy(service, "ntp", sizeof(service)); /* * Init hints addrinfo structure @@ -1706,10 +1706,10 @@ init_io(void) hints.ai_flags = AI_PASSIVE; hints.ai_socktype = SOCK_DGRAM; - if(getaddrinfo(NULL, service, &hints, &res) != 0) { - msyslog(LOG_ERR, "getaddrinfo() failed: %m"); - exit(1); - /*NOTREACHED*/ + if (getaddrinfo(NULL, service, &hints, &res) != 0) { + msyslog(LOG_ERR, "getaddrinfo() failed: %m"); + exit(1); + /*NOTREACHED*/ } #ifdef SYS_WINNT diff --git a/ntpdc/ntpdc.c b/ntpdc/ntpdc.c index e7d449b79..2de9bf67b 100644 --- a/ntpdc/ntpdc.c +++ b/ntpdc/ntpdc.c @@ -426,7 +426,7 @@ openhost( * will return an "IPv4-mapped IPv6 address" address if you * give it an IPv4 address to lookup. */ - strcpy(service, "ntp"); + strncpy(service, "ntp", sizeof(service)); memset((char *)&hints, 0, sizeof(struct addrinfo)); hints.ai_family = ai_fam_templ; hints.ai_protocol = IPPROTO_UDP; @@ -481,7 +481,7 @@ openhost( (void) closesocket(sockfd); havehost = 0; } - (void) strcpy(currenthost, temphost); + strncpy(currenthost, temphost, sizeof(currenthost)); /* port maps to the same in both families */ s_port = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port; diff --git a/ntpdc/ntpdc_ops.c b/ntpdc/ntpdc_ops.c index 4d4b3704e..9f31e565b 100644 --- a/ntpdc/ntpdc_ops.c +++ b/ntpdc/ntpdc_ops.c @@ -1786,7 +1786,7 @@ again: } if (flagstr[0] == '\0') - strcpy(flagstr, "none"); + strncpy(flagstr, "none", sizeof(flagstr)); if (!skip) fprintf(fp, "%-15.15s %-15.15s %9lu %s\n", diff --git a/ntpq/ntpq.c b/ntpq/ntpq.c index 19d540454..e0403e10f 100644 --- a/ntpq/ntpq.c +++ b/ntpq/ntpq.c @@ -595,7 +595,7 @@ openhost( (void) closesocket(sockfd); havehost = 0; } - (void) strcpy(currenthost, temphost); + strncpy(currenthost, temphost, sizeof(currenthost)); /* port maps to the same location in both families */ s_port = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_port; diff --git a/ports/winnt/libntp/randfile.c b/ports/winnt/libntp/randfile.c index 5e196a825..7de80b80d 100644 --- a/ports/winnt/libntp/randfile.c +++ b/ports/winnt/libntp/randfile.c @@ -41,8 +41,7 @@ init_randfile() homedir = getenv("HOME"); if (homedir != NULL && (strlen(homedir) + 5 /* \.rnd */) < sizeof(tmp)) { - strncpy(tmp, homedir, sizeof(tmp)); - strcat(tmp, "\\.rnd"); + snprintf(tmp, sizeof(tmp), "%s\\.rnd", homedir); rf = fopen(tmp, "rb"); if (rf != NULL) { fclose(rf);