From: Sami Kerola Date: Mon, 29 Aug 2016 17:25:27 +0000 (+0100) Subject: reliability: ensure string copy results to a null determined string X-Git-Tag: v0.88~26^2~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7084526dbd95e4dbadf116e0343aa3ebbd655b7;p=thirdparty%2Fmtr.git reliability: ensure string copy results to a null determined string Copying strings is much harder than it superficially looks, see reference for further information, Reference: http://meyering.net/crusade-to-eliminate-strncpy/ --- diff --git a/asn.c b/asn.c index bb2bca1..a8491c4 100644 --- a/asn.c +++ b/asn.c @@ -45,7 +45,7 @@ #include "mtr.h" #include "asn.h" - +#include "utils.h" //#define IIDEBUG #ifdef IIDEBUG @@ -138,7 +138,7 @@ static char *ipinfo_lookup(const char *domain) { txt = (char*)txtrec; pt++; - strncpy(txt, (char*) pt, txtlen); + xstrncpy(txt, (char*) pt, txtlen); txt[txtlen] = 0; if (iihash) diff --git a/curses.c b/curses.c index 1f7d634..001d3a7 100644 --- a/curses.c +++ b/curses.c @@ -60,6 +60,7 @@ #include "dns.h" #include "asn.h" #include "display.h" +#include "utils.h" #endif @@ -268,15 +269,16 @@ extern int mtr_curses_keyaction(struct mtr_ctl *ctl) } } buf[i] = '\0'; - if ( strlen( buf ) > 0 ) strcpy( ctl->fld_active, buf ); + if ( strlen( buf ) > 0 ) + xstrncpy(ctl->fld_active, buf, 2 * MAXFLD); return ActionNone; } if (tolower(c) == 'j') { if( strchr(ctl->fld_active, 'N') ) { - strcpy(ctl->fld_active, "DR AGJMXI"); /* GeoMean and jitter */ + xstrncpy(ctl->fld_active, "DR AGJMXI", 2 * MAXFLD); /* GeoMean and jitter */ } else { - strcpy(ctl->fld_active, "LS NABWV"); /* default */ + xstrncpy(ctl->fld_active, "LS NABWV", 2 * MAXFLD); /* default */ } return ActionNone; } diff --git a/mtr.c b/mtr.c index 2f6ea21..99f4cb0 100644 --- a/mtr.c +++ b/mtr.c @@ -464,7 +464,7 @@ static void parse_arg (struct mtr_ctl *ctl, int argc, char **argv) error(EXIT_FAILURE, 0, "Unknown field identifier: %c", optarg[i]); } } - strcpy ((char*)ctl->fld_active, optarg); + xstrncpy(ctl->fld_active, optarg, 2 * MAXFLD); break; case 'B': ctl->bitpattern = strtonum_or_err(optarg, "invalid argument", STRTO_INT); @@ -637,7 +637,7 @@ extern int main(int argc, char **argv) ctl.maxTTL = 30; ctl.maxUnknown = 12; ctl.tcp_timeout = 10 * 1000000; - strcpy(ctl.fld_active, "LS NABWV"); + xstrncpy(ctl.fld_active, "LS NABWV", 2 * MAXFLD); /* Get the raw sockets first thing, so we can drop to user euid immediately */ @@ -689,7 +689,7 @@ extern int main(int argc, char **argv) ctl.Hostname = names->name; // if (Hostname == NULL) Hostname = "localhost"; // no longer necessary. if (gethostname(ctl.LocalHostname, sizeof(ctl.LocalHostname))) { - strcpy(ctl.LocalHostname, "UNKNOWNHOST"); + xstrncpy(ctl.LocalHostname, "UNKNOWNHOST", sizeof(ctl.LocalHostname)); } if (net_preopen_result != 0) { diff --git a/net.c b/net.c index eb9bd5e..1227017 100644 --- a/net.c +++ b/net.c @@ -52,6 +52,7 @@ #include "net.h" #include "display.h" #include "dns.h" +#include "utils.h" static int packetsize; /* packet size used by ping */ static int spacketsize; /* packet size used by sendto */ @@ -1707,7 +1708,7 @@ static void sockaddrtop( struct sockaddr * saddr, char * strptr, size_t len ) { switch ( saddr->sa_family ) { case AF_INET: sa4 = (struct sockaddr_in *) saddr; - strncpy( strptr, inet_ntoa( sa4->sin_addr ), len - 1 ); + xstrncpy( strptr, inet_ntoa( sa4->sin_addr ), len - 1 ); strptr[ len - 1 ] = '\0'; return; #ifdef ENABLE_IPV6 diff --git a/split.c b/split.c index 7917a3f..0df27c3 100644 --- a/split.c +++ b/split.c @@ -34,6 +34,7 @@ #include "net.h" #include "split.h" +#include "utils.h" #ifdef HAVE_NCURSES # if defined(HAVE_NCURSES_H) @@ -116,7 +117,7 @@ extern void split_redraw(struct mtr_ctl *ctl) } else { printf("%d %s\n", at+1, newLine); fflush(stdout); - strcpy(Lines[at], newLine); + xstrncpy(Lines[at], newLine, MAX_LINE_SIZE); if (LineCount < (at+1)) { LineCount = at+1; } @@ -133,7 +134,7 @@ extern void split_open(void) #endif LineCount = -1; for (i=0; i