* Use safestrncpy() instead of strncpy() where appropriate

* Fixed a memory allocation bug in the vCard parser

diff --git a/webcit/ChangeLog b/webcit/ChangeLog
index 5a6d027af3f9035d7b5cb4e64791b03df72ed9f8..847f34c2c020fddb5e24404c6aa3996053b2a7f5 100644 (file)
--- a/webcit/ChangeLog
+++ b/webcit/ChangeLog
@@ -1,4 +1,8 @@
 $Log$
+Revision 323.39  2002/06/15 20:34:39  ajc
+* Use safestrncpy() instead of strncpy() where appropriate
+* Fixed a memory allocation bug in the vCard parser
+
 Revision 323.38  2002/05/23 03:40:05  ajc
 * Brought over a utility function I'll need later
 
@@ -831,4 +835,3 @@ Sun Dec  6 19:50:55 EST 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
 
 1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
        * webserver.c: warning fix
-

diff --git a/webcit/locate_host.c b/webcit/locate_host.c
index 68715d49f898a02c18bd147f09f192e66ba9dc16..fce39363afd63d96a5d95bd23bef8598be6658e9 100644 (file)
--- a/webcit/locate_host.c
+++ b/webcit/locate_host.c
@@ -50,6 +50,6 @@ void locate_host(char *tbuf, int client_socket)
                sprintf(tbuf, "%d.%d.%d.%d", a1, a2, a3, a4);
                return;
        }
-       strncpy(tbuf, ch->h_name, 64);
+       safestrncpy(tbuf, ch->h_name, 64);
        tbuf[63] = 0;
 }

diff --git a/webcit/messages.c b/webcit/messages.c
index 198cc4b58acd6df14fdcf2875f7f2521106408ad..d70184a2e206e3e4cf9afdeb08705e1b8e52ebc4 100644 (file)
--- a/webcit/messages.c
+++ b/webcit/messages.c
@@ -69,11 +69,10 @@ char buf[];
                        end = pos;
        }
 
-       strncpy(urlbuf, &buf[start], end - start);
+       safestrncpy(urlbuf, &buf[start], end - start);
        urlbuf[end - start] = 0;
 
-
-       strncpy(outbuf, buf, start);
+       safestrncpy(outbuf, buf, start);
        sprintf(&outbuf[start], "%cA HREF=%c%s%c TARGET=%c%s%c%c%s%c/A%c",
                LB, QU, urlbuf, QU, QU, TARGET, QU, RB, urlbuf, LB, RB);
        strcat(outbuf, &buf[end]);

diff --git a/webcit/snprintf.c b/webcit/snprintf.c
index 7db792c20827fea32b19e8a5dbd3fa51f3549dd2..7c8f2b92cd4bb008465b20d0f983b1654c36d600 100644 (file)
--- a/webcit/snprintf.c
+++ b/webcit/snprintf.c
@@ -57,7 +57,7 @@ int vsnprintf(char *buf, size_t max, const char *fmt, va_list argp)
        if ((size = vsprintf(p, fmt, argp)) >= max)
                size = -1;
 
-       strncpy(buf, p, max);
+       safestrncpy(buf, p, max);
        buf[max - 1] = 0;
        free(p);
        return size;

diff --git a/webcit/subst.c b/webcit/subst.c
index 095e414a169769cff408e12d16ff40b2d68a877f..f5014eb504334974f76562dcba315853ebfe7576 100644 (file)
--- a/webcit/subst.c
+++ b/webcit/subst.c
@@ -183,7 +183,7 @@ void do_template(void *templatename) {
                                strcpy(inbuf, "");
                        }
                        else {
-                               strncpy(outbuf, inbuf, pos);
+                               safestrncpy(outbuf, inbuf, pos);
                                outbuf[pos] = 0;
                                wprintf("%s", outbuf);
                                strcpy(inbuf, &inbuf[pos]);
@@ -191,7 +191,7 @@ void do_template(void *templatename) {
                                for (i=strlen(inbuf); i>=0; --i) {
                                        if (inbuf[i]=='>') pos = i;
                                }
-                               strncpy(key, &inbuf[2], pos-2);
+                               safestrncpy(key, &inbuf[2], pos-2);
                                key[pos-2] = 0;
                                print_value_of(key);
                                strcpy(inbuf, &inbuf[pos+1]);

diff --git a/webcit/tcp_sockets.c b/webcit/tcp_sockets.c
index 9c32b71588a744752ec4fea7101838e329ad309f..bb20bbd2ff1d91622e2b1b88cf2f5a1971bb8596 100644 (file)
--- a/webcit/tcp_sockets.c
+++ b/webcit/tcp_sockets.c
@@ -54,7 +54,7 @@ int uds_connectsock(char *sockpath)
 
        memset(&addr, 0, sizeof(addr));
        addr.sun_family = AF_UNIX;
-       strncpy(addr.sun_path, sockpath, sizeof addr.sun_path);
+       safestrncpy(addr.sun_path, sockpath, sizeof addr.sun_path);
 
        s = socket(AF_UNIX, SOCK_STREAM, 0);
        if (s < 0) {

diff --git a/webcit/vcard.c b/webcit/vcard.c
index 362dbe6b660133a49c888cb79f130dbc1c9e5f5f..6b04215951ad358568839b0cf78bb5d6b935905f 100644 (file)
--- a/webcit/vcard.c
+++ b/webcit/vcard.c
@@ -89,12 +89,12 @@ struct vCard *vcard_load(char *vtext) {
                colonpos = pattern2(ptr, ":");
                nlpos = pattern2(ptr, "\n");
 
-               if (nlpos > colonpos > 0) {
+               if ((nlpos > colonpos) && (colonpos > 0)) {
                        namebuf = malloc(colonpos + 1);
                        valuebuf = malloc(nlpos - colonpos + 1);
-                       strncpy(namebuf, ptr, colonpos);
+                       safestrncpy(namebuf, ptr, colonpos);
                        namebuf[colonpos] = 0;
-                       strncpy(valuebuf, &ptr[colonpos+1], nlpos-colonpos-1);
+                       safestrncpy(valuebuf, &ptr[colonpos+1], nlpos-colonpos-1);
                        valuebuf[nlpos-colonpos-1] = 0;
 
                        if ( (!strcasecmp(namebuf, "end"))

diff --git a/webcit/webcit.c b/webcit/webcit.c
index bbd183813cb48cdcdc03ab7e165115b8f721ac7a..fb222755cbb6b33d30d705b101c124a3486e421e 100644 (file)
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -74,7 +74,7 @@ void addurls(char *url)
        while (strlen(up) > 0) {
 
                /* locate the = sign */
-               strncpy(buf, up, 255);
+               safestrncpy(buf, up, sizeof buf);
                b = (-1);
                for (a = 255; a >= 0; --a)
                        if (buf[a] == '=')

diff --git a/webcit/webcit.h b/webcit/webcit.h
index f8cb1e5edd4c19245eb8b78f73ca291c7be2b202..516aff864f597775a281462d9e7f1344c11a4498 100644 (file)
--- a/webcit/webcit.h
+++ b/webcit/webcit.h
@@ -308,3 +308,4 @@ void get_preference(char *key, char *value);
 void set_preference(char *key, char *value);
 void knrooms(void);
 int is_msg_in_mset(char *mset, long msgnum);
+char *safestrncpy(char *dest, const char *src, size_t n);