From: Art Cancro Date: Wed, 23 Mar 2005 20:43:51 +0000 (+0000) Subject: * Began an effort to eliminate SIZ wherever possible, and use string X-Git-Tag: v7.86~4966 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=63cb2f4bcd0510c1c5052d477095c25e034a960e * Began an effort to eliminate SIZ wherever possible, and use string variables of smaller, appropriate lengths. This of course requires the use of bounds-checked string functions, which I am also making an effort to switch to wherever possible. --- diff --git a/citadel/citserver.c b/citadel/citserver.c index 909bdfd24..cb73a2ad6 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -446,7 +446,7 @@ void cmd_mesg(char *mname) } cprintf("%d %s\n",LISTING_FOLLOWS,buf); - while (fgets(buf, (SIZ-1), mfp)!=NULL) { + while (fgets(buf, (sizeof buf - 1), mfp) != NULL) { buf[strlen(buf)-1] = 0; do_help_subst(buf); cprintf("%s\n",buf); @@ -821,7 +821,7 @@ void citproto_begin_session() { * This loop recognizes all server commands. */ void do_command_loop(void) { - char cmdbuf[SIZ]; + char cmdbuf[1024]; time(&CC->lastcmd); memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */ @@ -851,8 +851,7 @@ void do_command_loop(void) { && (strncasecmp(cmdbuf, "PEXP", 4)) && (strncasecmp(cmdbuf, "GEXP", 4)) ) { strcpy(CC->lastcmdname, " "); - safestrncpy(CC->lastcmdname, cmdbuf, - sizeof(CC->lastcmdname) ); + safestrncpy(CC->lastcmdname, cmdbuf, sizeof(CC->lastcmdname)); time(&CC->lastidle); } @@ -863,11 +862,11 @@ void do_command_loop(void) { CC->cs_flags &= ~CS_POSTING; } - if (!strncasecmp(cmdbuf,"NOOP",4)) { + if (!strncasecmp(cmdbuf, "NOOP", 4)) { cprintf("%d%cok\n", CIT_OK, CtdlCheckExpress() ); } - else if (!strncasecmp(cmdbuf,"QNOP",4)) { + else if (!strncasecmp(cmdbuf, "QNOP", 4)) { /* do nothing, this command returns no response */ } diff --git a/citadel/msgbase.c b/citadel/msgbase.c index 0ac568575..7e4830858 100644 --- a/citadel/msgbase.c +++ b/citadel/msgbase.c @@ -1138,23 +1138,25 @@ int CtdlOutputPreLoadedMsg( int i, k; char buf[SIZ]; cit_uint8_t ch; - char allkeys[SIZ]; - char display_name[SIZ]; + char allkeys[30]; + char display_name[256]; char *mptr; char *nl; /* newline string */ int suppress_f = 0; int subject_found = 0; struct ma_info *ma; - /* buffers needed for RFC822 translation */ - char suser[SIZ]; - char luser[SIZ]; - char fuser[SIZ]; - char snode[SIZ]; - char lnode[SIZ]; - char mid[SIZ]; - char datestamp[SIZ]; - /* */ + /* Buffers needed for RFC822 translation. These are all filled + * using functions that are bounds-checked, and therefore we can + * make them substantially smaller than SIZ. + */ + char suser[100]; + char luser[100]; + char fuser[100]; + char snode[100]; + char lnode[100]; + char mid[100]; + char datestamp[100]; lprintf(CTDL_DEBUG, "CtdlOutputPreLoadedMsg(TheMessage=%s, %ld, %d, %d, %d, %d\n", ((TheMessage == NULL) ? "NULL" : "not null"), @@ -1223,17 +1225,17 @@ int CtdlOutputPreLoadedMsg( if ((mode == MT_CITADEL) || (mode == MT_MIME)) { - strcpy(display_name, ""); + safestrncpy(display_name, "", sizeof display_name); if (TheMessage->cm_fields['A']) { strcpy(buf, TheMessage->cm_fields['A']); if (TheMessage->cm_anon_type == MES_ANONONLY) { - strcpy(display_name, "****"); + safestrncpy(display_name, "****", sizeof display_name); } else if (TheMessage->cm_anon_type == MES_ANONOPT) { - strcpy(display_name, "anonymous"); + safestrncpy(display_name, "anonymous", sizeof display_name); } else { - strcpy(display_name, buf); + safestrncpy(display_name, buf, sizeof display_name); } if ((is_room_aide()) && ((TheMessage->cm_anon_type == MES_ANONONLY) @@ -1256,7 +1258,7 @@ int CtdlOutputPreLoadedMsg( } /* Now spew the header fields in the order we like them. */ - strcpy(allkeys, FORDER); + safestrncpy(allkeys, FORDER, sizeof allkeys); for (i=0; icm_fields['T'] == NULL) { lprintf(CTDL_DEBUG, "Generating timestamp\n"); - snprintf(aaa, sizeof aaa, "%ld", (long)time(NULL)); - msg->cm_fields['T'] = strdup(aaa); + snprintf(generated_timestamp, sizeof generated_timestamp, "%ld", (long)time(NULL)); + msg->cm_fields['T'] = strdup(generated_timestamp); } /* If this message has no path, we generate one. @@ -2132,10 +2135,10 @@ long CtdlSubmitMsg(struct CtdlMessage *msg, /* message to save */ serialize_message(&smr, msg); if (smr.len > 0) { - snprintf(aaa, sizeof aaa, + snprintf(submit_filename, sizeof submit_filename, "./network/spoolin/netmail.%04lx.%04x.%04x", (long) getpid(), CC->cs_pid, ++seqnum); - network_fp = fopen(aaa, "wb+"); + network_fp = fopen(submit_filename, "wb+"); if (network_fp != NULL) { fwrite(smr.ser, smr.len, 1, network_fp); fclose(network_fp); @@ -2235,7 +2238,7 @@ char *CtdlReadMessageBody(char *terminator, /* token signalling EOT */ exist is ALWAYS freed */ int crlf /* CRLF newlines instead of LF */ ) { - char buf[SIZ]; + char buf[1024]; int linelen; size_t message_len = 0; size_t buffer_len = 0; @@ -2267,7 +2270,7 @@ char *CtdlReadMessageBody(char *terminator, /* token signalling EOT */ /* read in the lines of message text one by one */ do { - if (client_getln(buf, sizeof buf) < 1) finished = 1; + if (client_getln(buf, (sizeof buf - 3)) < 1) finished = 1; if (!strcmp(buf, terminator)) finished = 1; if (crlf) { strcat(buf, "\r\n"); diff --git a/citadel/server.h b/citadel/server.h index 32362acf7..b6fba598e 100644 --- a/citadel/server.h +++ b/citadel/server.h @@ -44,11 +44,12 @@ struct CitContext { struct CitContext *prev; /* Link to previous session in list */ struct CitContext *next; /* Link to next session in the list */ - struct ctdluser user; /* Database record buffers */ - struct ctdlroom room; - int state; /* thread state (see CON_ values below) */ int kill_me; /* Set to nonzero to flag for termination */ + int client_socket; + int cs_pid; /* session ID */ + time_t lastcmd; /* time of last command executed */ + time_t lastidle; /* For computing idle time */ char curr_user[USERNAME_SIZE]; /* name of current user */ int logged_in; /* logged in */ @@ -59,10 +60,6 @@ struct CitContext { int curr_view; /* The view type for the current user/room */ char net_node[PATH_MAX];/* Is the client another Citadel server? */ - int client_socket; - int cs_pid; /* session ID */ - time_t lastcmd; /* time of last command executed */ - time_t lastidle; /* For computing idle time */ time_t previous_login; /* Date/time of previous login */ char lastcmdname[5]; /* name of last command executed */ unsigned cs_flags; /* miscellaneous flags */ @@ -93,6 +90,9 @@ struct CitContext { char dl_is_net; char upload_type; + struct ctdluser user; /* Database record buffers */ + struct ctdlroom room; + /* Beginning of cryptography - session nonce */ char cs_nonce[NONCE_SIZE]; /* The nonce for this session's next auth transaction */ diff --git a/citadel/sysdep.c b/citadel/sysdep.c index 1380be84e..c6c96ac09 100644 --- a/citadel/sysdep.c +++ b/citadel/sysdep.c @@ -581,7 +581,7 @@ void client_write(char *buf, int nbytes) */ void cprintf(const char *format, ...) { va_list arg_ptr; - char buf[SIZ]; + char buf[1024]; va_start(arg_ptr, format); if (vsnprintf(buf, sizeof buf, format, arg_ptr) == -1)