From c5764a20c160ac401a4b9aa2f5b97efa27660584 Mon Sep 17 00:00:00 2001
From: Art Cancro <ajc@citadel.org>
Date: Wed, 1 Dec 2004 21:34:17 +0000
Subject: [PATCH] * Numerous memory management bugfixes.

---
 webcit/ChangeLog      |  4 +++-
 webcit/context_loop.c |  6 +++---
 webcit/subst.c        | 11 +++++------
 webcit/tcp_sockets.c  |  2 +-
 webcit/webcit.c       |  9 ++++-----
 webcit/webserver.c    | 33 +++------------------------------
 6 files changed, 19 insertions(+), 46 deletions(-)

diff --git a/webcit/ChangeLog b/webcit/ChangeLog
index 3cae42833..5b74b85f8 100644
--- a/webcit/ChangeLog
+++ b/webcit/ChangeLog
@@ -1,4 +1,7 @@
 $Log$
+Revision 525.3  2004/12/01 21:34:17  ajc
+* Numerous memory management bugfixes.
+
 Revision 525.2  2004/12/01 16:48:24  ajc
 * tools.c: don't crash when striplt() is called with a zero-length string
 
@@ -2115,4 +2118,3 @@ Sun Dec  6 19:50:55 EST 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
 
 1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
 	* webserver.c: warning fix
-
diff --git a/webcit/context_loop.c b/webcit/context_loop.c
index 41a468e7a..482dcfaba 100644
--- a/webcit/context_loop.c
+++ b/webcit/context_loop.c
@@ -169,7 +169,7 @@ int req_gets(int sock, char *buf, char *hold)
 		a = client_gets(sock, buf);
 		if (a<1) return(-1);
 	} else {
-		strcpy(buf, hold);
+		safestrncpy(buf, hold, SIZ);
 	}
 	strcpy(hold, "");
 
@@ -287,11 +287,11 @@ void context_loop(int sock)
 		hptr->next = NULL;
 		last = hptr;
 
-		strcpy(hptr->line, buf);
+		safestrncpy(hptr->line, buf, sizeof hptr->line);
 
 	} while (strlen(buf) > 0);
 
-	strcpy(buf, req->line);
+	safestrncpy(buf, req->line, sizeof buf);
 	lprintf(5, "HTTP: %s\n", buf);
 
 	/* Check for bogus requests */
diff --git a/webcit/subst.c b/webcit/subst.c
index 0e9b4e37c..c70477713 100644
--- a/webcit/subst.c
+++ b/webcit/subst.c
@@ -58,12 +58,12 @@ void clear_local_substs(void) {
 void svprintf(char *keyname, int keytype, const char *format,...)
 {
 	va_list arg_ptr;
-	char wbuf[1024];
+	char wbuf[4096];
 	struct wcsubst *ptr = NULL;
 	struct wcsubst *scan;
 
 	va_start(arg_ptr, format);
-	vsprintf(wbuf, format, arg_ptr);
+	vsnprintf(wbuf, sizeof wbuf, format, arg_ptr);
 	va_end(arg_ptr);
 
 	/* First scan through to see if we're doing a replacement of
@@ -80,13 +80,12 @@ void svprintf(char *keyname, int keytype, const char *format,...)
 	if (ptr == NULL) {
 		ptr = (struct wcsubst *) malloc(sizeof(struct wcsubst));
 		ptr->next = WC->vars;
+		strcpy(ptr->wcs_key, keyname);
+		WC->vars = ptr;
 	}
 
 	ptr->wcs_type = keytype;
-	strcpy(ptr->wcs_key, keyname);
-	ptr->wcs_value = malloc(strlen(wbuf)+1);
-	strcpy(ptr->wcs_value, wbuf);
-	WC->vars = ptr;
+	ptr->wcs_value = strdup(wbuf);
 }
 
 /*
diff --git a/webcit/tcp_sockets.c b/webcit/tcp_sockets.c
index 77867fc4a..42df6b96f 100644
--- a/webcit/tcp_sockets.c
+++ b/webcit/tcp_sockets.c
@@ -224,7 +224,7 @@ void serv_printf(const char *format,...)
 	char buf[SIZ];
 
 	va_start(arg_ptr, format);
-	vsprintf(buf, format, arg_ptr);
+	vsnprintf(buf, sizeof buf, format, arg_ptr);
 	va_end(arg_ptr);
 
 	strcat(buf, "\n");
diff --git a/webcit/webcit.c b/webcit/webcit.c
index 780bf4806..17177b559 100644
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -158,7 +158,7 @@ void wprintf(const char *format,...)
 	char wbuf[4096];
 
 	va_start(arg_ptr, format);
-	vsprintf(wbuf, format, arg_ptr);
+	vsnprintf(wbuf, sizeof wbuf, format, arg_ptr);
 	va_end(arg_ptr);
 
 	client_write(wbuf, strlen(wbuf));
@@ -386,9 +386,9 @@ void output_headers(int controlcode)
 			WC->wc_password, WC->wc_roomname);
 
 	if (print_standard_html_head == 2) {
-		wprintf("Set-cookie: webcit=%s\n", unset);
+		wprintf("Set-cookie: webcit=%s; path=/\n", unset);
 	} else {
-		wprintf("Set-cookie: webcit=%s\n", cookie);
+		wprintf("Set-cookie: webcit=%s; path=/\n", cookie);
 		if (server_cookie != NULL) {
 			wprintf("%s\n", server_cookie);
 		}
@@ -516,7 +516,6 @@ void output_static(char *what)
 	char *bigbuffer;
 	char content_type[SIZ];
 
-	lprintf(9, "output_static(%s)\n", what);
 	sprintf(buf, "static/%s", what);
 	fp = fopen(buf, "rb");
 	if (fp == NULL) {
@@ -558,7 +557,7 @@ void output_static(char *what)
 
 		fstat(fileno(fp), &statbuf);
 		bytes = statbuf.st_size;
-		lprintf(3, "Static: %s, %ld bytes\n", what, bytes);
+		lprintf(3, "Static: %s, (%s; %ld bytes)\n", what, content_type, bytes);
 		bigbuffer = malloc(bytes + 2);
 		fread(bigbuffer, bytes, 1, fp);
 		fclose(fp);
diff --git a/webcit/webserver.c b/webcit/webserver.c
index a79d1b868..a0fc24698 100644
--- a/webcit/webserver.c
+++ b/webcit/webserver.c
@@ -436,38 +436,11 @@ void worker_entry(void) {
 int lprintf(int loglevel, const char *format, ...)
 {
 	va_list ap;
-	char buf[32768];
-
-	va_start(ap, format);
-	vsprintf(buf, format, ap);
-	va_end(ap);
 
 	if (loglevel <= verbosity) {
-		struct timeval tv;
-		struct tm *tim;
-		int sess = 0;
-
-		gettimeofday(&tv, NULL);
-		tim = localtime((time_t *)&(tv.tv_sec));
-
-		if (WC) if (WC->wc_session) sess = 1;
-		if (sess) {
-			fprintf(stderr,
-				"%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld:%d] %s",
-				tim->tm_year + 1900, tim->tm_mon + 1,
-				tim->tm_mday, tim->tm_hour, tim->tm_min,
-				tim->tm_sec, (long)tv.tv_usec / 1000,
-				(long)pthread_self(),
-				WC->wc_session, buf);
-		} else {
-			fprintf(stderr,
-				"%04d/%02d/%02d %2d:%02d:%02d.%03ld [%ld] %s",
-				tim->tm_year + 1900, tim->tm_mon + 1,
-				tim->tm_mday, tim->tm_hour, tim->tm_min,
-				tim->tm_sec, (long)tv.tv_usec / 1000,
-				(long)pthread_self(),
-				buf);
-		}
+		va_start(ap, format);
+		vfprintf(stderr, format, ap);
+		va_end(ap);
 		fflush(stderr);
 	}
 	return 1;
-- 
2.30.2