char *ignetcfg = NULL;
char *ignetmap = NULL;
int at = 0;
- char node[SIZ];
- char testnode[SIZ];
+ char node[64];
+ char testnode[64];
char buf[SIZ];
striplt(name);
remove_any_whitespace_to_the_left_or_right_of_at_symbol(name);
/* figure out the delivery mode */
- extract_token(node, name, 1, '@');
+ extract_token(node, name, 1, '@', sizeof node);
/* If there are one or more dots in the nodename, we assume that it
* is an FQDN and will attempt SMTP delivery to the Internet.
*/
ignetcfg = CtdlGetSysConfig(IGNETCFG);
for (i=0; i<num_tokens(ignetcfg, '\n'); ++i) {
- extract_token(buf, ignetcfg, i, '\n');
- extract_token(testnode, buf, 0, '|');
+ extract_token(buf, ignetcfg, i, '\n', sizeof buf);
+ extract_token(testnode, buf, 0, '|', sizeof testnode);
if (!strcasecmp(node, testnode)) {
free(ignetcfg);
return(MES_IGNET);
*/
ignetmap = CtdlGetSysConfig(IGNETMAP);
for (i=0; i<num_tokens(ignetmap, '\n'); ++i) {
- extract_token(buf, ignetmap, i, '\n');
- extract_token(testnode, buf, 0, '|');
+ extract_token(buf, ignetmap, i, '\n', sizeof buf);
+ extract_token(testnode, buf, 0, '|', sizeof testnode);
if (!strcasecmp(node, testnode)) {
free(ignetmap);
return(MES_IGNET);
int with_template = 0;
struct CtdlMessage *template = NULL;
- extract(which, cmdbuf, 0);
+ extract_token(which, cmdbuf, 0, '|', sizeof which);
cm_ref = extract_int(cmdbuf, 1);
with_template = extract_int(cmdbuf, 2);
malloc(sizeof(struct CtdlMessage));
memset(template, 0, sizeof(struct CtdlMessage));
while(client_getln(buf, sizeof buf), strcmp(buf,"000")) {
- extract(tfield, buf, 0);
- extract(tvalue, buf, 1);
+ extract_token(tfield, buf, 0, '|', sizeof tfield);
+ extract_token(tvalue, buf, 1, '|', sizeof tvalue);
for (i='A'; i<='Z'; ++i) if (msgkeys[i]!=NULL) {
if (!strcasecmp(tfield, msgkeys[i])) {
template->cm_fields[i] =
struct cdbdata *dmsgtext;
struct CtdlMessage *ret = NULL;
char *mptr;
+ char *upper_bound;
cit_uint8_t ch;
cit_uint8_t field_header;
- size_t field_length;
lprintf(CTDL_DEBUG, "CtdlFetchMessage(%ld, %d)\n", msgnum, with_body);
return NULL;
}
mptr = dmsgtext->ptr;
+ upper_bound = mptr + dmsgtext->len;
/* Parse the three bytes that begin EVERY message on disk.
* The first is always 0xFF, the on-disk magic number.
* have just processed the 'M' (message text) field.
*/
do {
- field_length = strlen(mptr);
- if (field_length == 0)
+ if (mptr >= upper_bound) {
break;
+ }
field_header = *mptr++;
- ret->cm_fields[field_header] = malloc(field_length + 1);
- strcpy(ret->cm_fields[field_header], mptr);
+ ret->cm_fields[field_header] = strdup(mptr);
while (*mptr++ != 0); /* advance to next field */
- } while ((field_length > 0) && (field_header != 'M'));
+ } while ((mptr < upper_bound) && (field_header != 'M'));
cdb_free(dmsgtext);
void *content, char *cbtype, size_t length, char *encoding,
void *cbuserdata)
{
- char buf[SIZ];
+ char buf[1024];
int i;
struct ma_info *ma;
if (ma->is_ma > 0) {
for (i=0; i<num_tokens(CC->preferred_formats, '|'); ++i) {
- extract(buf, CC->preferred_formats, i);
+ extract_token(buf, CC->preferred_formats, i, '|', sizeof buf);
if (!strcasecmp(buf, cbtype)) {
strcpy(ma->chosen_part, partnum);
}
* list, we can simply output it verbatim.
*/
for (i=0; i<num_tokens(CC->preferred_formats, '|'); ++i) {
- extract(buf, CC->preferred_formats, i);
+ extract_token(buf, CC->preferred_formats, i, '|', sizeof buf);
if (!strcasecmp(buf, cbtype)) {
/* Yeah! Go! W00t!! */
int i, k;
char buf[SIZ];
cit_uint8_t ch;
- char allkeys[SIZ];
- char display_name[SIZ];
+ char allkeys[30];
+ char display_name[256];
char *mptr;
char *nl; /* newline string */
int suppress_f = 0;
int subject_found = 0;
struct ma_info *ma;
- /* buffers needed for RFC822 translation */
- char suser[SIZ];
- char luser[SIZ];
- char fuser[SIZ];
- char snode[SIZ];
- char lnode[SIZ];
- char mid[SIZ];
- char datestamp[SIZ];
- /* */
+ /* Buffers needed for RFC822 translation. These are all filled
+ * using functions that are bounds-checked, and therefore we can
+ * make them substantially smaller than SIZ.
+ */
+ char suser[100];
+ char luser[100];
+ char fuser[100];
+ char snode[100];
+ char lnode[100];
+ char mid[100];
+ char datestamp[100];
lprintf(CTDL_DEBUG, "CtdlOutputPreLoadedMsg(TheMessage=%s, %ld, %d, %d, %d, %d\n",
((TheMessage == NULL) ? "NULL" : "not null"),
if ((mode == MT_CITADEL) || (mode == MT_MIME)) {
- strcpy(display_name, "<unknown>");
+ safestrncpy(display_name, "<unknown>", sizeof display_name);
if (TheMessage->cm_fields['A']) {
strcpy(buf, TheMessage->cm_fields['A']);
if (TheMessage->cm_anon_type == MES_ANONONLY) {
- strcpy(display_name, "****");
+ safestrncpy(display_name, "****", sizeof display_name);
}
else if (TheMessage->cm_anon_type == MES_ANONOPT) {
- strcpy(display_name, "anonymous");
+ safestrncpy(display_name, "anonymous", sizeof display_name);
}
else {
- strcpy(display_name, buf);
+ safestrncpy(display_name, buf, sizeof display_name);
}
if ((is_room_aide())
&& ((TheMessage->cm_anon_type == MES_ANONONLY)
}
/* Now spew the header fields in the order we like them. */
- strcpy(allkeys, FORDER);
+ safestrncpy(allkeys, FORDER, sizeof allkeys);
for (i=0; i<strlen(allkeys); ++i) {
k = (int) allkeys[i];
if (k != 'M') {
void cmd_opna(char *cmdbuf)
{
long msgid;
- char desired_section[SIZ];
+ char desired_section[128];
msgid = extract_long(cmdbuf, 0);
- extract(desired_section, cmdbuf, 1);
+ extract_token(desired_section, cmdbuf, 1, '|', sizeof desired_section);
safestrncpy(CC->download_desired_section, desired_section, sizeof CC->download_desired_section);
-
CtdlOutputMsg(msgid, MT_DOWNLOAD, 0, 1, 1);
}
long send_message(struct CtdlMessage *msg) {
long newmsgid;
long retval;
- char msgidbuf[SIZ];
+ char msgidbuf[256];
struct ser_ret smr;
int is_bigmsg = 0;
char *holdM = NULL;
struct recptypes *recps, /* recipients (if mail) */
char *force /* force a particular room? */
) {
- char aaa[SIZ];
+ char submit_filename[128];
+ char generated_timestamp[32];
char hold_rm[ROOMNAMELEN];
char actual_rm[ROOMNAMELEN];
char force_room[ROOMNAMELEN];
*/
if (msg->cm_fields['T'] == NULL) {
lprintf(CTDL_DEBUG, "Generating timestamp\n");
- snprintf(aaa, sizeof aaa, "%ld", (long)time(NULL));
- msg->cm_fields['T'] = strdup(aaa);
+ snprintf(generated_timestamp, sizeof generated_timestamp, "%ld", (long)time(NULL));
+ msg->cm_fields['T'] = strdup(generated_timestamp);
}
/* If this message has no path, we generate one.
if (recps != NULL)
if (recps->num_room > 0)
for (i=0; i<num_tokens(recps->recp_room, '|'); ++i) {
- extract(recipient, recps->recp_room, i);
+ extract_token(recipient, recps->recp_room, i, '|', sizeof recipient);
lprintf(CTDL_DEBUG, "Delivering to local room <%s>\n", recipient);
CtdlSaveMsgPointerInRoom(recipient, newmsgid, 0);
}
if (recps != NULL)
if (recps->num_local > 0)
for (i=0; i<num_tokens(recps->recp_local, '|'); ++i) {
- extract(recipient, recps->recp_local, i);
+ extract_token(recipient, recps->recp_local, i, '|', sizeof recipient);
lprintf(CTDL_DEBUG, "Delivering private local mail to <%s>\n",
recipient);
if (getuser(&userbuf, recipient) == 0) {
if (recps != NULL)
if (recps->num_ignet > 0)
for (i=0; i<num_tokens(recps->recp_ignet, '|'); ++i) {
- extract(recipient, recps->recp_ignet, i);
+ extract_token(recipient, recps->recp_ignet, i, '|', sizeof recipient);
hold_R = msg->cm_fields['R'];
hold_D = msg->cm_fields['D'];
msg->cm_fields['R'] = malloc(SIZ);
- msg->cm_fields['D'] = malloc(SIZ);
- extract_token(msg->cm_fields['R'], recipient, 0, '@');
- extract_token(msg->cm_fields['D'], recipient, 1, '@');
+ msg->cm_fields['D'] = malloc(128);
+ extract_token(msg->cm_fields['R'], recipient, 0, '@', SIZ);
+ extract_token(msg->cm_fields['D'], recipient, 1, '@', 128);
serialize_message(&smr, msg);
if (smr.len > 0) {
- snprintf(aaa, sizeof aaa,
+ snprintf(submit_filename, sizeof submit_filename,
"./network/spoolin/netmail.%04lx.%04x.%04x",
(long) getpid(), CC->cs_pid, ++seqnum);
- network_fp = fopen(aaa, "wb+");
+ network_fp = fopen(submit_filename, "wb+");
if (network_fp != NULL) {
fwrite(smr.ser, smr.len, 1, network_fp);
fclose(network_fp);
for (i=0; i<num_tokens(recps->recp_internet, '|'); ++i) {
size_t tmp = strlen(instr);
- extract(recipient, recps->recp_internet, i);
+ extract_token(recipient, recps->recp_internet, i, '|', sizeof recipient);
snprintf(&instr[tmp], SIZ * 2 - tmp,
"remote|%s|0||\n", recipient);
}
exist is ALWAYS freed */
int crlf /* CRLF newlines instead of LF */
) {
- char buf[SIZ];
+ char buf[1024];
int linelen;
size_t message_len = 0;
size_t buffer_len = 0;
/* read in the lines of message text one by one */
do {
- if (client_getln(buf, sizeof buf) < 1) finished = 1;
+ if (client_getln(buf, (sizeof buf - 3)) < 1) finished = 1;
if (!strcmp(buf, terminator)) finished = 1;
if (crlf) {
strcat(buf, "\r\n");
}
if (num_recps > 0) for (i=0; i<num_recps; ++i) {
- extract_token(this_recp, recipients, i, ',');
+ extract_token(this_recp, recipients, i, ',', sizeof this_recp);
striplt(this_recp);
lprintf(CTDL_DEBUG, "Evaluating recipient #%d <%s>\n", i, this_recp);
mailtype = alias(this_recp);
unbuffer_output();
post = extract_int(entargs, 0);
- extract(recp, entargs, 1);
+ extract_token(recp, entargs, 1, '|', sizeof recp);
anon_flag = extract_int(entargs, 2);
format_type = extract_int(entargs, 3);
- extract(subject, entargs, 4);
+ extract_token(subject, entargs, 4, '|', sizeof subject);
do_confirm = extract_int(entargs, 6);
/* first check to make sure the request is valid. */
ERROR + HIGHER_ACCESS_REQUIRED);
return;
}
- extract(newusername, entargs, 5);
+ extract_token(newusername, entargs, 5, '|', sizeof newusername);
memset(CC->fake_postname, 0, sizeof(CC->fake_postname) );
safestrncpy(CC->fake_postname, newusername,
sizeof(CC->fake_postname) );
void cmd_move(char *args)
{
long num;
- char targ[SIZ];
+ char targ[ROOMNAMELEN];
struct ctdlroom qtemp;
int err;
int is_copy = 0;
int permit = 0;
num = extract_long(args, 0);
- extract(targ, args, 1);
+ extract_token(targ, args, 1, '|', sizeof targ);
targ[ROOMNAMELEN - 1] = 0;
is_copy = extract_int(args, 2);
getroom(&CC->room, hold_rm);
if (conf != NULL) do {
- extract_token(buf, conf, 0, '\n');
+ extract_token(buf, conf, 0, '\n', sizeof buf);
strcpy(conf, &conf[strlen(buf)+1]);
} while ( (strlen(conf)>0) && (strlen(buf)>0) );
/*
* Determine whether a given Internet address belongs to the current user
*/
-int CtdlIsMe(char *addr) {
+int CtdlIsMe(char *addr, int addr_buf_len)
+{
struct recptypes *recp;
int i;
}
for (i=0; i<recp->num_local; ++i) {
- extract(addr, recp->recp_local, i);
+ extract_token(addr, recp->recp_local, i, '|', addr_buf_len);
if (!strcasecmp(addr, CC->user.fullname)) {
free(recp);
return(1);
* Citadel protocol command to do the same
*/
void cmd_isme(char *argbuf) {
- char addr[SIZ];
+ char addr[256];
if (CtdlAccessCheck(ac_logged_in)) return;
- extract(addr, argbuf, 0);
+ extract_token(addr, argbuf, 0, '|', sizeof addr);
- if (CtdlIsMe(addr)) {
+ if (CtdlIsMe(addr, sizeof addr)) {
cprintf("%d %s\n", CIT_OK, addr);
}
else {