Permalink
Browse files

Use strlcpy() instead of strncpyz()

 Patch by: michaelortmann

strncpyz() was a macro using strncpy(). We dont want strncpy due to its zero padding. strncpyz() was replaced with strlcpy() 
* if the operating system / libc provides strlcpy() we will use it.
* if it doesn't we will use our new src/compat/strlcpy, which is a copy of the bsd implementation
* enable compat strlcpy() also for modules if needed, enable strncpyz() for modules for backward compatibility
  • Loading branch information...
michaelortmann authored and vanosg committed Oct 9, 2018
1 parent 79e6ec8 commit 185a93d899a9a88740fbd46bf5a114aa884521df
Showing with 352 additions and 242 deletions.
  1. +1 −1 configure.ac
  2. +1 −1 src/botcmd.c
  3. +3 −3 src/botnet.c
  4. +7 −7 src/chanprog.c
  5. +11 −11 src/cmds.c
  6. +10 −9 src/compat/Makefile.in
  7. +1 −0 src/compat/compat.h
  8. +74 −0 src/compat/strlcpy.c
  9. +30 −0 src/compat/strlcpy.h
  10. +11 −11 src/dcc.c
  11. +1 −1 src/dns.c
  12. +1 −1 src/flags.c
  13. +1 −1 src/language.c
  14. +10 −10 src/main.c
  15. +0 −8 src/main.h
  16. +6 −6 src/misc.c
  17. +3 −3 src/mod/assoc.mod/assoc.c
  18. +1 −1 src/mod/blowfish.mod/blowfish.c
  19. +1 −1 src/mod/channels.mod/channels.c
  20. +13 −13 src/mod/channels.mod/cmdschan.c
  21. +18 −18 src/mod/channels.mod/tclchan.c
  22. +8 −8 src/mod/channels.mod/userchan.c
  23. +1 −1 src/mod/console.mod/console.c
  24. +2 −2 src/mod/filesys.mod/files.c
  25. +2 −2 src/mod/filesys.mod/filesys.c
  26. +7 −7 src/mod/irc.mod/chan.c
  27. +7 −7 src/mod/irc.mod/cmdsirc.c
  28. +2 −2 src/mod/irc.mod/irc.c
  29. +4 −4 src/mod/irc.mod/msgcmds.c
  30. +5 −0 src/mod/module.h
  31. +1 −1 src/mod/notes.mod/notes.c
  32. +1 −1 src/mod/seen.mod/seen.c
  33. +2 −2 src/mod/server.mod/cmdsserv.c
  34. +16 −16 src/mod/server.mod/server.c
  35. +8 −8 src/mod/server.mod/servmsg.c
  36. +3 −3 src/mod/server.mod/tclserv.c
  37. +2 −2 src/mod/share.mod/share.c
  38. +3 −3 src/mod/transfer.mod/transfer.c
  39. +4 −4 src/mod/transfer.mod/transferqueue.c
  40. +3 −3 src/mod/uptime.mod/uptime.c
  41. +9 −2 src/modules.c
  42. +4 −4 src/net.c
  43. +1 −1 src/tcl.c
  44. +16 −16 src/tcldcc.c
  45. +11 −11 src/tclmisc.c
  46. +6 −6 src/tcluser.c
  47. +5 −5 src/tls.c
  48. +5 −5 src/userent.c
  49. +6 −6 src/userrec.c
  50. +4 −4 src/users.c
View
@@ -109,7 +109,7 @@ EGG_CHECK_SOCKLEN_T
AX_CREATE_STDINT_H([eggint.h])
# Checks for functions and their arguments.
AC_CHECK_FUNCS([clock dprintf fsync getrandom getrusage inet_aton inet_ntop isascii mbrlen memcpy random rand lrand48 rename setpgid sigaction sigemptyset snprintf strcasecmp strncasecmp uname vsnprintf])
AC_CHECK_FUNCS([clock dprintf fsync getrandom getrusage inet_aton inet_ntop isascii mbrlen memcpy random rand lrand48 rename setpgid sigaction sigemptyset snprintf strcasecmp strlcpy strncasecmp uname vsnprintf])
AC_FUNC_SELECT_ARGTYPES
EGG_FUNC_VPRINTF
AC_FUNC_STRFTIME
View
@@ -952,7 +952,7 @@ static void bot_thisbot(int idx, char *par)
noshare = 1;
change_handle(dcc[idx].user, par);
noshare = 0;
strncpyz(dcc[idx].nick, par, sizeof dcc[idx].nick);
strlcpy(dcc[idx].nick, par, sizeof dcc[idx].nick);
}
static void bot_handshake(int idx, char *par)
View
@@ -138,7 +138,7 @@ int partysock(char *bot, char *nick)
/* Set the botnetnick and truncate as necessary */
void set_botnetnick(const char *newnick) {
strncpyz(botnetnick, newnick, sizeof botnetnick);
strlcpy(botnetnick, newnick, sizeof botnetnick);
}
/* New botnet member
@@ -304,7 +304,7 @@ void rembot(char *whoin)
/* Need to save the nick for later as it MAY be a pointer to ptr->bot, and we free(ptr) in here. */
len = strlen(whoin);
who = nmalloc(len + 1);
strncpyz(who, whoin, len + 1);
strlcpy(who, whoin, len + 1);
while (*ptr) {
if (!egg_strcasecmp((*ptr)->bot, who))
@@ -1082,7 +1082,7 @@ static void botlink_resolve_success(int i)
changeover_dcc(i, &DCC_FORK_BOT, sizeof(struct bot_info));
dcc[i].timeval = now;
strncpyz(dcc[i].u.bot->linker, linker, sizeof dcc[i].u.bot->linker);
strlcpy(dcc[i].u.bot->linker, linker, sizeof dcc[i].u.bot->linker);
strcpy(dcc[i].u.bot->version, "(primitive bot)");
dcc[i].u.bot->numver = idx;
dcc[i].u.bot->port = dcc[i].port; /* Remember where i started */
View
@@ -137,7 +137,7 @@ struct userrec *check_chanlist(const char *host)
memberlist *m;
struct chanset_t *chan;
strncpyz(buf, host, sizeof buf);
strlcpy(buf, host, sizeof buf);
uhost = buf;
nick = splitnick(&uhost);
for (chan = chanset; chan; chan = chan->next)
@@ -205,7 +205,7 @@ void set_chanlist(const char *host, struct userrec *rec)
memberlist *m;
struct chanset_t *chan;
strncpyz(buf, host, sizeof buf);
strlcpy(buf, host, sizeof buf);
uhost = buf;
nick = splitnick(&uhost);
for (chan = chanset; chan; chan = chan->next)
@@ -325,14 +325,14 @@ void tell_verbose_status(int idx)
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
s1[0] = 0;
if (backgrd)
strncpyz(s1, MISC_BACKGROUND, sizeof s1);
strlcpy(s1, MISC_BACKGROUND, sizeof s1);
else {
if (term_z)
strncpyz(s1, MISC_TERMMODE, sizeof s1);
strlcpy(s1, MISC_TERMMODE, sizeof s1);
else if (con_chan)
strncpyz(s1, MISC_STATMODE, sizeof s1);
strlcpy(s1, MISC_STATMODE, sizeof s1);
else
strncpyz(s1, MISC_LOGMODE, sizeof s1);
strlcpy(s1, MISC_LOGMODE, sizeof s1);
}
cputime = getcputime();
if (cputime < 0)
@@ -428,7 +428,7 @@ void reaffirm_owners()
q = owner;
p = strchr(q, ',');
while (p) {
strncpyz(s, q, (p - q) + 1);
strlcpy(s, q, (p - q) + 1);
rmspace(s);
u = get_user_by_handle(userlist, s);
if (u)
View
@@ -654,7 +654,7 @@ static void do_console(struct userrec *u, int idx, char *par, int reset)
module_entry *me;
get_user_flagrec(u, &fr, dcc[idx].u.chat->con_chan);
strncpyz(s1, par, sizeof s1);
strlcpy(s1, par, sizeof s1);
nick = newsplit(&par);
/* Check if the parameter is a handle.
* Don't remove '+' as someone couldn't have '+' in CHANMETA cause
@@ -692,7 +692,7 @@ static void do_console(struct userrec *u, int idx, char *par, int reset)
nick);
return;
}
strncpyz(dcc[dest].u.chat->con_chan, nick,
strlcpy(dcc[dest].u.chat->con_chan, nick,
sizeof dcc[dest].u.chat->con_chan);
nick[0] = 0;
if (dest != idx)
@@ -949,8 +949,8 @@ static void cmd_chhandle(struct userrec *u, int idx, char *par)
int i, atr = u ? u->flags : 0, atr2;
struct userrec *u2;
strncpyz(hand, newsplit(&par), sizeof hand);
strncpyz(newhand, newsplit(&par), sizeof newhand);
strlcpy(hand, newsplit(&par), sizeof hand);
strlcpy(newhand, newsplit(&par), sizeof newhand);
if (!hand[0] || !newhand[0]) {
dprintf(idx, "Usage: chhandle <oldhandle> <newhandle>\n");
@@ -996,7 +996,7 @@ static void cmd_handle(struct userrec *u, int idx, char *par)
char oldhandle[HANDLEN + 1], newhandle[HANDLEN + 1];
int i;
strncpyz(newhandle, newsplit(&par), sizeof newhandle);
strlcpy(newhandle, newsplit(&par), sizeof newhandle);
if (!newhandle[0]) {
dprintf(idx, "Usage: handle <new-handle>\n");
@@ -1017,7 +1017,7 @@ static void cmd_handle(struct userrec *u, int idx, char *par)
else if (!egg_strcasecmp(newhandle, botnetnick))
dprintf(idx, "Hey! That's MY name!\n");
else {
strncpyz(oldhandle, dcc[idx].nick, sizeof oldhandle);
strlcpy(oldhandle, dcc[idx].nick, sizeof oldhandle);
if (change_handle(u, newhandle)) {
putlog(LOG_CMDS, "*", "#%s# handle %s", oldhandle, newhandle);
dprintf(idx, "Okay, changed.\n");
@@ -1353,13 +1353,13 @@ void cmd_die(struct userrec *u, int idx, char *par)
egg_snprintf(s1, sizeof s1, "BOT SHUTDOWN (%s: %s)", dcc[idx].nick, par);
egg_snprintf(s2, sizeof s2, "DIE BY %s!%s (%s)", dcc[idx].nick,
dcc[idx].host, par);
strncpyz(quit_msg, par, 1024);
strlcpy(quit_msg, par, 1024);
} else {
egg_snprintf(s1, sizeof s1, "BOT SHUTDOWN (Authorized by %s)",
dcc[idx].nick);
egg_snprintf(s2, sizeof s2, "DIE BY %s!%s (request)", dcc[idx].nick,
dcc[idx].host);
strncpyz(quit_msg, dcc[idx].nick, 1024);
strlcpy(quit_msg, dcc[idx].nick, 1024);
}
kill_bot(s1, s2);
}
@@ -2404,7 +2404,7 @@ static void cmd_su(struct userrec *u, int idx, char *par)
dcc[idx].u.chat->su_nick = get_data_ptr(strlen(dcc[idx].nick) + 1);
strcpy(dcc[idx].u.chat->su_nick, dcc[idx].nick);
dcc[idx].user = u;
strncpyz(dcc[idx].nick, par, sizeof dcc[idx].nick);
strlcpy(dcc[idx].nick, par, sizeof dcc[idx].nick);
dcc_chatter(idx);
}
}
@@ -2515,7 +2515,7 @@ static void cmd_set(struct userrec *u, int idx, char *msg)
dumplots(idx, "Global vars: ", tcl_resultstring());
return;
}
strncpyz(s + 4, msg, sizeof s - 4);
strlcpy(s + 4, msg, sizeof s - 4);
code = Tcl_Eval(interp, s);
/* properly convert string to system encoding. */
@@ -2663,7 +2663,7 @@ static void cmd_mns_ignore(struct userrec *u, int idx, char *par)
dprintf(idx, "Usage: -ignore <hostmask | ignore #>\n");
return;
}
strncpyz(buf, par, sizeof buf);
strlcpy(buf, par, sizeof buf);
if (delignore(buf)) {
putlog(LOG_CMDS, "*", "#%s# -ignore %s", dcc[idx].nick, buf);
dprintf(idx, "No longer ignoring: %s\n", buf);
View
@@ -18,7 +18,7 @@ CFLAGS = @CFLAGS@ -I../.. -I$(top_srcdir) -I$(top_srcdir)/src @SSL_INCLUDES@ @DE
CPPFLAGS = @CPPFLAGS@
OBJS = gethostbyname2.o in6.o inet_aton.o inet_ntop.o inet_pton.o snprintf.o \
memcpy.o strcasecmp.o strftime.o
memcpy.o strcasecmp.o strftime.o strlcpy.o
doofus:
@echo ""
@@ -50,7 +50,7 @@ gethostbyname2.o: gethostbyname2.c gethostbyname2.h ../../src/main.h \
../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h
gnu_strftime.o: gnu_strftime.c ../../config.h
in6.o: in6.c in6.h
inet_aton.o: inet_aton.c ../../src/main.h ../../config.h ../../eggint.h \
@@ -61,7 +61,7 @@ inet_aton.o: inet_aton.c ../../src/main.h ../../config.h ../../eggint.h \
../../src/main.h ../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h inet_aton.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h inet_aton.h
inet_ntop.o: inet_ntop.c inet_ntop.h ../../src/main.h ../../config.h \
../../eggint.h ../../lush.h ../../src/lang.h ../../src/eggdrop.h \
../../src/compat/in6.h ../../src/flags.h ../../src/proto.h \
@@ -71,7 +71,7 @@ inet_ntop.o: inet_ntop.c inet_ntop.h ../../src/main.h ../../config.h \
../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h
inet_pton.o: inet_pton.c inet_pton.h ../../src/main.h ../../config.h \
../../eggint.h ../../lush.h ../../src/lang.h ../../src/eggdrop.h \
../../src/compat/in6.h ../../src/flags.h ../../src/proto.h \
@@ -81,7 +81,7 @@ inet_pton.o: inet_pton.c inet_pton.h ../../src/main.h ../../config.h \
../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h
memcpy.o: memcpy.c ../../src/main.h ../../config.h ../../eggint.h \
../../lush.h ../../src/lang.h ../../src/eggdrop.h ../../src/compat/in6.h \
../../src/flags.h ../../src/proto.h ../../src/misc_file.h \
@@ -90,7 +90,7 @@ memcpy.o: memcpy.c ../../src/main.h ../../config.h ../../eggint.h \
../../src/main.h ../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h memcpy.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h memcpy.h
snprintf.o: snprintf.c ../../src/main.h ../../config.h ../../eggint.h \
../../lush.h ../../src/lang.h ../../src/eggdrop.h ../../src/compat/in6.h \
../../src/flags.h ../../src/proto.h ../../src/misc_file.h \
@@ -99,7 +99,7 @@ snprintf.o: snprintf.c ../../src/main.h ../../config.h ../../eggint.h \
../../src/main.h ../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h snprintf.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h snprintf.h
strcasecmp.o: strcasecmp.c ../../src/main.h ../../config.h ../../eggint.h \
../../lush.h ../../src/lang.h ../../src/eggdrop.h ../../src/compat/in6.h \
../../src/flags.h ../../src/proto.h ../../src/misc_file.h \
@@ -108,7 +108,7 @@ strcasecmp.o: strcasecmp.c ../../src/main.h ../../config.h ../../eggint.h \
../../src/main.h ../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h memcpy.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h memcpy.h
strftime.o: strftime.c ../../src/main.h ../../config.h ../../eggint.h \
../../lush.h ../../src/lang.h ../../src/eggdrop.h ../../src/compat/in6.h \
../../src/flags.h ../../src/proto.h ../../src/misc_file.h \
@@ -117,4 +117,5 @@ strftime.o: strftime.c ../../src/main.h ../../config.h ../../eggint.h \
../../src/compat/snprintf.h ../../src/compat/memcpy.h \
../../src/compat/strcasecmp.h ../../src/compat/strftime.h \
../../src/compat/inet_ntop.h ../../src/compat/inet_pton.h \
../../src/compat/gethostbyname2.h strftime.h
../../src/compat/gethostbyname2.h ../../src/compat/strlcpy.h strftime.h
strlcpy.o: strlcpy.c
View
@@ -31,5 +31,6 @@
#include "inet_ntop.h"
#include "inet_pton.h"
#include "gethostbyname2.h"
#include "strlcpy.h"
#endif /* !__EGG_COMPAT_COMPAT_H */
View
@@ -0,0 +1,74 @@
/*
* strlcpy.c -- provides strlcpy() if necessary
*/
/*
* Copyright (C) 2010 - 2018 Eggheads Development Team
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#include "../../config.h"
#ifndef HAVE_STRLCPY
/* $OpenBSD: strlcpy.c,v 1.12 2015/01/15 03:54:12 millert Exp $ */
/*
* Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stddef.h>
/*
* Copy string src to buffer dst of size dsize. At most dsize-1
* chars will be copied. Always NUL terminates (unless dsize == 0).
* Returns strlen(src); if retval >= dsize, truncation occurred.
*/
size_t
strlcpy(char * __restrict dst, const char * __restrict src, size_t dsize)
{
const char *osrc = src;
size_t nleft = dsize;
/* Copy as many bytes as will fit. */
if (nleft != 0) {
while (--nleft != 0) {
if ((*dst++ = *src++) == '\0')
break;
}
}
/* Not enough room in dst, add NUL and traverse rest of src. */
if (nleft == 0) {
if (dsize != 0)
*dst = '\0'; /* NUL-terminate dst */
while (*src++)
;
}
return(src - osrc - 1); /* count does not include NUL */
}
#endif /* HAVE_STRLCPY */
View
@@ -0,0 +1,30 @@
/*
* strlcpy.h
* prototypes for strlcpy.c
*/
/*
* Copyright (C) 2010 - 2018 Eggheads Development Team
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
#ifndef _EGG_COMPAT_STRLCPY_H_
#define _EGG_COMPAT_STRLCPY_H_
#ifndef HAVE_STRLCPY
size_t strlcpy(char * __restrict, const char * __restrict, size_t);
#endif /* HAVE_STRLCPY */
#endif /* _EGG_COMPAT_STRLCPY_H_ */
Oops, something went wrong.

0 comments on commit 185a93d

Please sign in to comment.