$Log$
+ Revision 590.137 2002/03/11 05:42:46 nbryant
+ removed all references to sprintf from several files (not all files yet)
+ and replace with snprintf
+
Revision 590.136 2002/03/11 04:16:20 nbryant
warning fixes on sparc-sun-solaris2.8 with gcc 3.0.4, mostly for *printf
format strings
Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
* Initial CVS import
-
serv_gets(aaa);
if (nonce[0])
{
- sprintf(aaa, "PAS2 %s", make_apop_string(password, nonce, hexstring));
+ snprintf(aaa, sizeof aaa, "PAS2 %s", make_apop_string(password, nonce, hexstring, sizeof hexstring));
}
else /* Else no APOP */
{
if (nonce[0])
{
- sprintf(aaa, "PAS2 %s", make_apop_string(password, nonce, hexstring));
+ snprintf(aaa, sizeof aaa, "PAS2 %s", make_apop_string(password, nonce, hexstring, sizeof hexstring));
}
else /* Else no APOP */
{
- snprintf(aaa, sizeof(aaa)-1, "PASS %s", password);
+ snprintf(aaa, sizeof aaa, "PASS %s", password);
}
serv_puts(aaa);
fp = tmpfile();
if (fp == NULL) return(errno);
- sprintf(fromline, "From: someone@somewhere.org");
+ snprintf(fromline, sizeof fromline, "From: someone@somewhere.org");
while (fgets(buf, 1024, stdin) != NULL) {
fprintf(fp, "%s", buf);
if (!strncasecmp(buf, "From:", 5)) strcpy(fromline, buf);
serv_gets(buf);
if (buf[0]!='2') cleanup(1);
- sprintf(buf, "MAIL %s", fromline);
+ snprintf(buf, sizeof buf, "MAIL %s", fromline);
serv_puts(buf);
serv_gets(buf);
if (buf[0]!='2') cleanup(1);
- sprintf(buf, "RCPT To: %s", argv[1]);
+ snprintf(buf, sizeof buf, "RCPT To: %s", argv[1]);
serv_puts(buf);
serv_gets(buf);
if (buf[0]!='2') cleanup(1);
if (do_lookup) {
lprintf(9, "Looking up hostname '%s'\n", from_host);
if ((addr.s_addr = inet_addr(from_host)) != -1) {
- locate_host(CC->cs_host, &addr);
+ locate_host(CC->cs_host, sizeof CC->cs_host, &addr);
}
else {
safestrncpy(CC->cs_host, from_host, sizeof CC->cs_host);
if (!CC->is_local_socket) {
if (!getpeername(con->client_socket,
(struct sockaddr *) &sin, &len))
- locate_host(con->cs_host, &sin.sin_addr);
+ locate_host(con->cs_host, sizeof con->cs_host, &sin.sin_addr);
}
else {
strcpy(con->cs_host, "");
qstate = 1;
else
qstate = 0;
- sprintf(buf, "DEXP %d", qstate);
+ snprintf(buf, sizeof buf, "DEXP %d", qstate);
serv_puts(buf);
serv_gets(buf);
if (buf[0] != '2') {
#define PWFILENAME "%s/.citadel.passwords"
-void determine_pwfilename(char *pwfile) {
+static void determine_pwfilename(char *pwfile, size_t n) {
struct passwd *p;
p = getpwuid(getuid());
if (p == NULL) strcpy(pwfile, "");
- sprintf(pwfile, PWFILENAME, p->pw_dir);
+ snprintf(pwfile, n, PWFILENAME, p->pw_dir);
}
strcpy(username, "");
strcpy(password, "");
- determine_pwfilename(pwfile);
+ determine_pwfilename(pwfile, sizeof pwfile);
if (strlen(pwfile)==0) return;
fp = fopen(pwfile, "r");
char buf64[SIZ];
char hostbuf[SIZ], portbuf[SIZ], ubuf[SIZ], pbuf[SIZ];
- determine_pwfilename(pwfile);
+ determine_pwfilename(pwfile, sizeof pwfile);
if (strlen(pwfile)==0) return;
oldfp = fopen(pwfile, "r");
if ( (strcasecmp(hostbuf, host))
|| (strcasecmp(portbuf, port)) ) {
- sprintf(buf, "%s|%s|%s|%s|",
+ snprintf(buf, sizeof buf, "%s|%s|%s|%s|",
hostbuf, portbuf, ubuf, pbuf);
encode_base64(buf64, buf);
fprintf(fp, "%s\n", buf64);
}
}
if (strlen(username) > 0) {
- sprintf(buf, "%s|%s|%s|%s|",
+ snprintf(buf, sizeof buf, "%s|%s|%s|%s|",
host, port, username, password);
encode_base64(buf64, buf);
fprintf(fp, "%s\n", buf64);
/* Arbitrary names for our tables -- we reference them by
* number, so we don't have string names for them.
*/
- sprintf(dbfilename, "cdb.%02x", i);
+ snprintf(dbfilename, sizeof dbfilename, "cdb.%02x", i);
ret = dbp[i]->open(dbp[i],
dbfilename,
if (sockpath != NULL) {
newfcn->msock = ig_uds_server(sockpath, config.c_maxsessions);
- sprintf(message, "Unix domain socket '%s': ", sockpath);
+ snprintf(message, sizeof message, "Unix domain socket '%s': ", sockpath);
}
else if (tcp_port <= 0) { /* port -1 to disable */
lprintf(7, "Service has been manually disabled, skipping\n");
}
else {
newfcn->msock = ig_tcp_server(tcp_port, config.c_maxsessions);
- sprintf(message, "TCP port %d: ", tcp_port);
+ snprintf(message, sizeof message, "TCP port %d: ", tcp_port);
}
if (newfcn->msock > 0) {
}
/* put together an upload notice */
- sprintf(upload_notice,
+ snprintf(upload_notice, sizeof upload_notice,
"NEW UPLOAD: '%s'\n %s\n",
CC->upl_file, CC->upl_comment);
quickie_message(CC->curr_user, NULL, CC->quickroom.QRname,
* Supplied with a unix timestamp, generate an RFC822-compliant textual
* time and date stamp.
*/
-void datestring(char *buf, time_t xtime, int which_format) {
+void datestring(char *buf, size_t n, time_t xtime, int which_format) {
struct tm *t;
long offset;
switch(which_format) {
case DATESTRING_RFC822:
- sprintf(buf, "%s, %02d %s %04d %02d:%02d:%02d %c%04ld",
+ snprintf(buf, n, "%s, %02d %s %04d %02d:%02d:%02d %c%04ld",
weekdays[t->tm_wday],
t->tm_mday,
months[t->tm_mon],
break;
case DATESTRING_IMAP:
- sprintf(buf, "%02d-%s-%04d %02d:%02d:%02d %c%04ld",
+ snprintf(buf, n, "%02d-%s-%04d %02d:%02d:%02d %c%04ld",
t->tm_mday,
months[t->tm_mon],
t->tm_year + 1900,
*
*/
-void datestring(char *buf, time_t xtime, int which_format);
+void datestring(char *buf, size_t n, time_t xtime, int which_format);
enum {
DATESTRING_RFC822,
msgdate = time(NULL);
}
- datestring(buf, msgdate, DATESTRING_IMAP);
+ datestring(buf, sizeof buf, msgdate, DATESTRING_IMAP);
cprintf("INTERNALDATE \"%s\"", buf);
}
fwrite(content, length, 1, imfp->output_fp);
}
- sprintf(mbuf2, "%s.MIME", partnum);
+ snprintf(mbuf2, sizeof mbuf2, "%s.MIME", partnum);
if (!strcasecmp(imfp->desired_section, mbuf2)) {
fprintf(imfp->output_fp, "Content-type: %s", cbtype);
else {
msgdate = time(NULL);
}
- datestring(datestringbuf, msgdate, DATESTRING_IMAP);
+ datestring(datestringbuf, sizeof datestringbuf, msgdate, DATESTRING_IMAP);
/* Now start spewing data fields. The order is important, as it is
* defined by the protocol specification. Nonexistent fields must
extract_token(lostr, setstr, 0, ':');
if (num_tokens(setstr, ':') >= 2) {
extract_token(histr, setstr, 1, ':');
- if (!strcmp(histr, "*")) sprintf(histr, "%d", INT_MAX);
+ if (!strcmp(histr, "*")) snprintf(histr, sizeof histr, "%d", INT_MAX);
}
else {
strcpy(histr, lostr);
struct ExpressMessage *ptr, *holdptr;
char *dumpomatic = NULL;
int i;
+ size_t size, size2;
if (CC->FirstExpressMessage == NULL) {
return;
end_critical_section(S_SESSION_TABLE);
while (ptr != NULL) {
- dumpomatic = mallok(strlen(ptr->text) + SIZ);
+ size = strlen(ptr->text) + SIZ;
+ dumpomatic = mallok(size);
strcpy(dumpomatic, "");
if (ptr->flags && EM_BROADCAST)
strcat(dumpomatic, "Broadcast message ");
strcat(dumpomatic, "Please logoff now, as requested ");
else
strcat(dumpomatic, "Message ");
- sprintf(&dumpomatic[strlen(dumpomatic)],
+
+ size2 = strlen(dumpomatic);
+ snprintf(&dumpomatic[size2], size - size2,
"from %s:\n", ptr->sender);
if (ptr->text != NULL)
strcat(dumpomatic, ptr->text);
/* If we're using a unix domain socket we can do a bunch of stuff */
if (!strcmp(cithost, UDS)) {
- sprintf(sockpath, "citadel.socket");
+ snprintf(sockpath, sizeof sockpath, "citadel.socket");
serv_sock = uds_connectsock(sockpath);
if (hostbuf != NULL) strcpy(hostbuf, cithost);
if (portbuf != NULL) strcpy(portbuf, sockpath);
#include "config.h"
#include "tools.h"
-void locate_host(char *tbuf, const struct in_addr *addr)
+void locate_host(char *tbuf, size_t n, const struct in_addr *addr)
{
struct hostent *ch;
char *i;
a2 = ((*i++) & 0xff);
a3 = ((*i++) & 0xff);
a4 = ((*i++) & 0xff);
- sprintf(tbuf, "%d.%d.%d.%d", a1, a2, a3, a4);
+ snprintf(tbuf, n, "%d.%d.%d.%d", a1, a2, a3, a4);
goto end; /* because we might need to end the critical
section */
}
/* $Id$ */
-void locate_host(char *tbuf, const struct in_addr *addr);
+void locate_host(char *tbuf, size_t n, const struct in_addr *addr);
* md5 string
*/
-char *make_apop_string(char *realpass, char *nonce, char *buffer)
+char *make_apop_string(char *realpass, char *nonce, char *buffer, size_t n)
{
struct MD5Context ctx;
u_char rawdigest[MD5_DIGEST_LEN];
MD5Final(rawdigest, &ctx);
for (i=0; i<MD5_DIGEST_LEN; i++)
{
- sprintf(&buffer[i*2], "%02X", (unsigned char) (rawdigest[i] & 0xff));
+ snprintf(&buffer[i*2], n - i*2, "%02X", (unsigned char) (rawdigest[i] & 0xff));
buffer[i*2] = tolower(buffer[i*2]);
buffer[(i*2)+1] = tolower(buffer[(i*2)+1]);
}
unsigned len);
void MD5Final(unsigned char digest[16], struct MD5Context *context);
void MD5Transform(cit_uint32_t buf[4], cit_uint32_t const in[16]);
-char *make_apop_string(char *realpass, char *nonce, char *buffer);
+char *make_apop_string(char *realpass, char *nonce, char *buffer, size_t n);
/*
* This is needed to make RSAREF happy on some MS-DOS compilers.
sigcaught = 0;
sttybbs(1);
- sprintf(buf, "MSG0 %ld|%d", num, (pagin == READ_HEADER ? 1 : 0));
+ snprintf(buf, sizeof buf, "MSG0 %ld|%d", num, (pagin == READ_HEADER ? 1 : 0));
serv_puts(buf);
serv_gets(buf);
if (buf[0] != '1') {
header[0] = 0;
if (room_flags & QR_ANONONLY && !recipient) {
- sprintf(&header[strlen(header)], " ****");
+ snprintf(header, sizeof header, " ****");
}
else {
- sprintf(&header[strlen(header)],
+ snprintf(header, sizeof header,
" %s from %s", datestr, fullname);
if (strlen(recipient) > 0) {
- sprintf(&header[strlen(header)],
+ size_t tmp = strlen(header);
+ snprintf(&header[tmp], sizeof header - tmp,
" to %s", recipient);
}
}
* First, check to see if we have permission to enter a message in
* this room. The server will return an error code if we can't.
*/
- sprintf(cmd, "ENT0 0||0|%d", mode);
+ snprintf(cmd, sizeof cmd, "ENT0 0||0|%d", mode);
serv_puts(cmd);
serv_gets(cmd);
/* If it's mail, we've got to check the validity of the recipient... */
if (strlen(buf) > 0) {
- sprintf(cmd, "ENT0 0|%s|%d|%d|%s", buf, b, mode, subject);
+ snprintf(cmd, sizeof cmd, "ENT0 0|%s|%d|%d|%s", buf, b, mode, subject);
serv_puts(cmd);
serv_gets(cmd);
if (cmd[0] != '2') {
}
/* Transmit message to the server */
- sprintf(cmd, "ENT0 1|%s|%d|%d|%s|", buf, b, mode, subject);
+ snprintf(cmd, sizeof cmd, "ENT0 1|%s|%d|%d|%s|", buf, b, mode, subject);
serv_puts(cmd);
serv_gets(cmd);
if (cmd[0] != '4') {
if ((i = num_urls) != 1)
i = intprompt("Display which one", 1, 1, num_urls);
- sprintf(cmd, rc_url_cmd, urls[i - 1]);
+ snprintf(cmd, sizeof cmd, rc_url_cmd, urls[i - 1]);
system(cmd);
scr_printf("\n");
}
strcat(cmd, "OLD");
break;
case 3:
- sprintf(&cmd[strlen(cmd)], "LAST|%d", q);
+ snprintf(&cmd[5], sizeof cmd - 5, "LAST|%d", q);
break;
}
serv_puts(cmd);
newprompt("Enter target room: ",
targ, ROOMNAMELEN - 1);
if (strlen(targ) > 0) {
- sprintf(cmd, "MOVE %ld|%s|%d",
+ snprintf(cmd, sizeof cmd, "MOVE %ld|%s|%d",
msg_arr[a], targ,
(e == 'c' ? 1 : 0));
serv_puts(cmd);
case 'd':
scr_printf("*** Delete this message? ");
if (yesno() == 1) {
- sprintf(cmd, "DELE %ld", msg_arr[a]);
+ snprintf(cmd, sizeof cmd, "DELE %ld", msg_arr[a]);
serv_puts(cmd);
serv_gets(cmd);
scr_printf("%s\n", &cmd[4]);
char buf[SIZ];
int founda = 0;
- sprintf(buf, "MSG0 %ld|%d", msg_arr[finda], 1); /* read the header so we can get 'from=' */
+ snprintf(buf, sizeof buf, "MSG0 %ld|%d", msg_arr[finda], 1); /* read the header so we can get 'from=' */
serv_puts(buf);
serv_gets(buf);
while (serv_gets(buf), strcmp(buf, "000"))
char read_cmd[64];
char write_cmd[64];
- sprintf(desc, "system message '%s'", which_message);
- sprintf(read_cmd, "MESG %s", which_message);
- sprintf(write_cmd, "EMSG %s", which_message);
+ snprintf(desc, sizeof desc, "system message '%s'", which_message);
+ snprintf(read_cmd, sizeof read_cmd, "MESG %s", which_message);
+ snprintf(write_cmd, sizeof write_cmd, "EMSG %s", which_message);
do_edit(desc, read_cmd, "NOOP", write_cmd);
}
logoff(atoi(buf));
}
- sprintf(buf, "IPGM %d", config.c_ipgm_secret);
+ snprintf(buf, sizeof buf, "IPGM %d", config.c_ipgm_secret);
serv_puts(buf);
serv_gets(buf);
fprintf(stderr, "%s\n", &buf[4]);
fprintf(nodefp, "%s|", buf);
printf("Enter host name/IP : ");
gets(buf);
- if (buf[0] == 0) sprintf(buf, "%s.citadel.org",
+ if (buf[0] == 0) snprintf(buf, sizeof buf, "%s.citadel.org",
d->d_name);
fprintf(nodefp, "%s|", buf);
printf("Enter port number : ");
/* Set up the node table */
printf("Creating neighbor node table\n");
- sprintf(buf, "CONF putsys|%s", IGNETCFG);
+ snprintf(buf, sizeof buf, "CONF putsys|%s", IGNETCFG);
serv_puts(buf);
serv_gets(buf);
if (buf[0] == '4') {
/* Now go through the table looking for node names to enter */
- sprintf(buf, "cat %s |awk -F \"|\" '{ print $2 }' |sort -f |uniq -i",
+ snprintf(buf, sizeof buf, "cat %s |awk -F \"|\" '{ print $2 }' |sort -f |uniq -i",
roomfilename);
roomfp = popen(buf, "r");
if (roomfp == NULL) {
while (mn != NULL) {
printf("Room <%s>\n", mn->roomname);
- sprintf(buf, "GOTO %s", mn->roomname);
+ snprintf(buf, sizeof buf, "GOTO %s", mn->roomname);
serv_puts(buf);
serv_gets(buf);
printf("%s\n", &buf[4]);
serv_gets(buf);
if (buf[0] != '4') goto roomerror;
- sprintf(buf, "lastsent|%ld", highest);
+ snprintf(buf, sizeof buf, "lastsent|%ld", highest);
serv_puts(buf);
roomfp = fopen(roomfilename, "r");
extract(node, buf, 0);
extract(room, buf, 1);
if (!strcasecmp(room, mn->roomname)) {
- sprintf(buf,
+ snprintf(buf, sizeof buf,
"ignet_push_share|%s", node);
serv_puts(buf);
}
else if (i == 'R')
cprintf("To: %s%s", mptr, nl);
else if (i == 'T') {
- datestring(datestamp, atol(mptr),
+ datestring(datestamp, sizeof datestamp, atol(mptr),
DATESTRING_RFC822 );
cprintf("Date: %s%s", datestamp, nl);
}
return;
}
- make_apop_string(CC->usersupp.password, CC->cs_nonce, hexstring);
+ make_apop_string(CC->usersupp.password, CC->cs_nonce, hexstring, sizeof hexstring);
if (!strcmp(hexstring, pw))
{
return;
}
- make_apop_string(CC->usersupp.password, CC->cs_nonce, realdigest);
+ make_apop_string(CC->usersupp.password, CC->cs_nonce, realdigest, sizeof realdigest);
if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1))
{
do_login();
cprintf("354 Transmit message now; terminate with '.' by itself\r\n");
- datestring(nowstamp, time(NULL), DATESTRING_RFC822);
+ datestring(nowstamp, sizeof nowstamp, time(NULL), DATESTRING_RFC822);
body = mallok(4096);
/* FIXME