* strcpy() --> safestrncpy() in a few other random places

diff --git a/citadel/ChangeLog b/citadel/ChangeLog
index fa693039f2082ea6be9308631d9a9e8d12abe8a5..dcc1265ec2aad4f2e3335b5e3753c4dce191b066 100644 (file)
--- a/citadel/ChangeLog
+++ b/citadel/ChangeLog
@@ -1,4 +1,7 @@
  $Log$
+ Revision 607.23  2003/07/14 17:26:42  ajc
+ * strcpy() --> safestrncpy() in a few other random places
+
  Revision 607.22  2003/07/14 17:12:28  ajc
  * Replaced strcpy() with safestrcpy() in cmd_setp()
 
@@ -4862,3 +4865,4 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
 
 Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
        * Initial CVS import
+

diff --git a/citadel/room_ops.c b/citadel/room_ops.c
index e2a3310489ff1ff2a7429d1a2f788149f3bb37f6..058b3ac4503fbc94c074fc95a774551e65b5d679 100644 (file)
--- a/citadel/room_ops.c
+++ b/citadel/room_ops.c
@@ -305,7 +305,8 @@ void getfloor(struct floor *flbuf, int floor_num)
                cdb_free(cdbfl);
        } else {
                if (floor_num == 0) {
-                       strcpy(flbuf->f_name, "Main Floor");
+                       safestrncpy(flbuf->f_name, "Main Floor", 
+                               sizeof flbuf->f_name);
                        flbuf->f_flags = F_INUSE;
                        flbuf->f_ref_count = 3;
                }
@@ -750,7 +751,7 @@ void usergoto(char *where, int display_result, int transiently,
         * we can skip the extra database fetch.
         */
        if (where != NULL) {
-               strcpy(CC->room.QRname, where);
+               safestrncpy(CC->room.QRname, where, sizeof CC->room.QRname);
                getroom(&CC->room, where);
        }
 

diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index cd8085cc2b85b50f3268f344df9edbe429bcdae1..4b9b00858f3a5bdf080066766adb5e4bcd2c05cd 100644 (file)
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -365,7 +365,8 @@ int CtdlLoginExistingUser(char *trythisname)
                if (((CC->nologin)) && (CC->user.axlevel < 6)) {
                        return login_too_many_users;
                } else {
-                       strcpy(CC->curr_user, CC->user.fullname);
+                       safestrncpy(CC->curr_user, CC->user.fullname,
+                                       sizeof CC->curr_user);
                        return login_ok;
                }
        }
@@ -736,7 +737,7 @@ int create_user(char *newusername, int become_user)
        char mailboxname[ROOMNAMELEN];
        uid_t uid;
 
-       strcpy(username, newusername);
+       safestrncpy(username, newusername, sizeof username);
        strproc(username);
 
 #ifdef ENABLE_AUTOLOGIN
@@ -757,7 +758,7 @@ int create_user(char *newusername, int become_user)
 
        /* Go ahead and initialize a new user record */
        memset(&usbuf, 0, sizeof(struct ctdluser));
-       strcpy(usbuf.fullname, username);
+       safestrncpy(usbuf.fullname, username, sizeof usbuf.fullname);
        strcpy(usbuf.password, "");
        usbuf.uid = uid;
 
@@ -803,7 +804,7 @@ int create_user(char *newusername, int become_user)
        if (become_user) {
                /* Now become the user we just created */
                memcpy(&CC->user, &usbuf, sizeof(struct ctdluser));
-               strcpy(CC->curr_user, username);
+               safestrncpy(CC->curr_user, username, sizeof CC->curr_user);
                CC->logged_in = 1;
        
                /* Check to make sure we're still who we think we are */