Use strlcpy, not strcpy.

svn:r2610
This commit is contained in:
Nick Mathewson 2004-10-27 06:48:16 +00:00
parent 44d4516155
commit 6980929e64
11 changed files with 24 additions and 21 deletions

View File

@ -1847,13 +1847,12 @@ get_uname(void)
#ifdef HAVE_UNAME #ifdef HAVE_UNAME
if (uname(&u) != -1) { if (uname(&u) != -1) {
/* (linux says 0 is success, solaris says 1 is success) */ /* (linux says 0 is success, solaris says 1 is success) */
tor_snprintf(uname_result, 255, "%s %s %s", tor_snprintf(uname_result, sizeof(uname_result), "%s %s %s",
u.sysname, u.nodename, u.machine); u.sysname, u.nodename, u.machine);
uname_result[255] = '\0';
} else } else
#endif #endif
{ {
strcpy(uname_result, "Unknown platform"); strlcpy(uname_result, "Unknown platform", sizeof(uname_result));
} }
uname_result_is_set = 1; uname_result_is_set = 1;
} }

View File

@ -506,7 +506,7 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
(int)strlen(tmpbuf)+1,(int)MAX_SOCKS_ADDR_LEN); (int)strlen(tmpbuf)+1,(int)MAX_SOCKS_ADDR_LEN);
return -1; return -1;
} }
strcpy(req->address,tmpbuf); strlcpy(req->address,tmpbuf,sizeof(req->address));
req->port = ntohs(*(uint16_t*)(buf->mem+8)); req->port = ntohs(*(uint16_t*)(buf->mem+8));
buf_remove_from_front(buf, 10); buf_remove_from_front(buf, 10);
if(!have_warned_about_unsafe_socks) { if(!have_warned_about_unsafe_socks) {
@ -594,7 +594,8 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
} }
} }
log_fn(LOG_DEBUG,"socks4: Everything is here. Success."); log_fn(LOG_DEBUG,"socks4: Everything is here. Success.");
strcpy(req->address, socks4_prot == socks4 ? tmpbuf : startaddr); strlcpy(req->address, socks4_prot == socks4 ? tmpbuf : startaddr,
sizeof(req->address));
/* XXX on very old netscapes (socks4) the next line triggers an /* XXX on very old netscapes (socks4) the next line triggers an
* assert, because next-buf->mem+1 is greater than buf->datalen. * assert, because next-buf->mem+1 is greater than buf->datalen.
*/ */
@ -605,7 +606,7 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
case 'H': /* head */ case 'H': /* head */
case 'P': /* put/post */ case 'P': /* put/post */
case 'C': /* connect */ case 'C': /* connect */
strcpy(req->reply, strlcpy(req->reply,
"HTTP/1.0 501 Tor is not an HTTP Proxy\r\n" "HTTP/1.0 501 Tor is not an HTTP Proxy\r\n"
"Content-Type: text/html; charset=iso-8859-1\r\n\r\n" "Content-Type: text/html; charset=iso-8859-1\r\n\r\n"
"<html>\n" "<html>\n"
@ -625,7 +626,7 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
"</p>\n" "</p>\n"
"</body>\n" "</body>\n"
"</html>\n" "</html>\n"
); , MAX_SOCKS_REPLY_LEN);
req->replylen = strlen(req->reply)+1; req->replylen = strlen(req->reply)+1;
/* fall through */ /* fall through */
default: /* version is not socks4 or socks5 */ default: /* version is not socks4 or socks5 */

View File

@ -717,7 +717,7 @@ circuit_get_open_circ_or_launch(connection_t *conn,
if(circ && if(circ &&
(desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL)) { (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL)) {
/* then write the service_id into circ */ /* then write the service_id into circ */
strcpy(circ->rend_query, conn->rend_query); strlcpy(circ->rend_query, conn->rend_query, sizeof(circ->rend_query));
} }
} }
if(!circ) if(!circ)

View File

@ -419,7 +419,7 @@ static int connection_ap_handshake_process_socks(connection_t *conn) {
return 0; return 0;
} }
strcpy(conn->rend_query, socks->address); /* this strcpy is safe -RD */ strlcpy(conn->rend_query, socks->address, sizeof(conn->rend_query));
log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query); log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query);
/* see if we already have it cached */ /* see if we already have it cached */
r = rend_cache_lookup_entry(conn->rend_query, &entry); r = rend_cache_lookup_entry(conn->rend_query, &entry);
@ -594,7 +594,8 @@ int connection_ap_make_bridge(char *address, uint16_t port) {
/* leave version at zero, so the socks_reply is empty */ /* leave version at zero, so the socks_reply is empty */
conn->socks_request->socks_version = 0; conn->socks_request->socks_version = 0;
conn->socks_request->has_finished = 0; /* waiting for 'connected' */ conn->socks_request->has_finished = 0; /* waiting for 'connected' */
strcpy(conn->socks_request->address, address); strlcpy(conn->socks_request->address, address,
sizeof(conn->socks_request->address));
conn->socks_request->port = port; conn->socks_request->port = port;
conn->socks_request->command = SOCKS_COMMAND_CONNECT; conn->socks_request->command = SOCKS_COMMAND_CONNECT;
@ -775,7 +776,8 @@ int connection_exit_begin_conn(cell_t *cell, circuit_t *circ) {
log_fn(LOG_DEBUG,"begin is for rendezvous. configuring stream."); log_fn(LOG_DEBUG,"begin is for rendezvous. configuring stream.");
n_stream->address = tor_strdup("(rendezvous)"); n_stream->address = tor_strdup("(rendezvous)");
n_stream->state = EXIT_CONN_STATE_CONNECTING; n_stream->state = EXIT_CONN_STATE_CONNECTING;
strcpy(n_stream->rend_query, circ->rend_query); strlcpy(n_stream->rend_query, circ->rend_query,
sizeof(n_stream->rend_query));
tor_assert(connection_edge_is_rendezvous_stream(n_stream)); tor_assert(connection_edge_is_rendezvous_stream(n_stream));
assert_circuit_ok(circ); assert_circuit_ok(circ);
if(rend_service_set_connection_addr_port(n_stream, circ) < 0) { if(rend_service_set_connection_addr_port(n_stream, circ) < 0) {

View File

@ -429,9 +429,8 @@ parse_http_url(char *headers, char **url)
if(s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */ if(s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */
*url = tor_malloc(s - start + 5); *url = tor_malloc(s - start + 5);
strcpy(*url,"/tor"); strlcpy(*url,"/tor", s-start+5);
strlcpy((*url)+4, start, s-start+1); strlcat((*url)+4, start, s-start+1);
(*url)[s-start+4] = 0; /* null terminate it */
} else { } else {
*url = tor_strndup(start, s-start); *url = tor_strndup(start, s-start);
} }

View File

@ -476,7 +476,7 @@ list_single_server_status(descriptor_entry_t *desc, int is_live,
*cp++ = '!'; *cp++ = '!';
} }
if (desc->verified) { if (desc->verified) {
strcpy(cp, desc->nickname); strlcpy(cp, desc->nickname, sizeof(buf)-(cp-buf));
cp += strlen(cp); cp += strlen(cp);
if (!rr_format) if (!rr_format)
*cp++ = '='; *cp++ = '=';

View File

@ -159,7 +159,7 @@ static void send_resolved_cell(connection_t *conn, uint8_t answer_type)
case RESOLVED_TYPE_ERROR_TRANSIENT: case RESOLVED_TYPE_ERROR_TRANSIENT:
case RESOLVED_TYPE_ERROR: case RESOLVED_TYPE_ERROR:
buf[1] = 24; /* length of "error resolving hostname" */ buf[1] = 24; /* length of "error resolving hostname" */
strcpy(buf+2, "error resolving hostname"); strlcpy(buf+2, "error resolving hostname", buf-2);
buflen = 26; buflen = 26;
break; break;
default: default:

View File

@ -68,7 +68,7 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
cp += 2; cp += 2;
for (i=0; i < desc->n_intro_points; ++i) { for (i=0; i < desc->n_intro_points; ++i) {
ipoint = (char*)desc->intro_points[i]; ipoint = (char*)desc->intro_points[i];
strcpy(cp, ipoint); strlcpy(cp, ipoint, *len_out-(cp-*str_out));
cp += strlen(ipoint)+1; cp += strlen(ipoint)+1;
} }
i = crypto_pk_private_sign_digest(key, *str_out, cp-*str_out, cp); i = crypto_pk_private_sign_digest(key, *str_out, cp-*str_out, cp);

View File

@ -459,7 +459,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
memcpy(launched->rend_pk_digest, circuit->rend_pk_digest, memcpy(launched->rend_pk_digest, circuit->rend_pk_digest,
DIGEST_LEN); DIGEST_LEN);
memcpy(launched->rend_cookie, r_cookie, REND_COOKIE_LEN); memcpy(launched->rend_cookie, r_cookie, REND_COOKIE_LEN);
strcpy(launched->rend_query, service->service_id); strlcpy(launched->rend_query, service->service_id,
sizeof(launched->rend_query));
launched->build_state->pending_final_cpath = cpath = launched->build_state->pending_final_cpath = cpath =
tor_malloc_zero(sizeof(crypt_path_t)); tor_malloc_zero(sizeof(crypt_path_t));
@ -539,7 +540,8 @@ rend_service_launch_establish_intro(rend_service_t *service, const char *nicknam
nickname); nickname);
return -1; return -1;
} }
strcpy(launched->rend_query, service->service_id); strlcpy(launched->rend_query, service->service_id,
sizeof(launched->rend_query));
memcpy(launched->rend_pk_digest, service->pk_digest, DIGEST_LEN); memcpy(launched->rend_pk_digest, service->pk_digest, DIGEST_LEN);
return 0; return 0;

View File

@ -267,7 +267,7 @@ void rep_hist_dump_stats(time_t now, int severity)
upt, upt+downt, uptime*100.0); upt, upt+downt, uptime*100.0);
if (!strmap_isempty(or_history->link_history_map)) { if (!strmap_isempty(or_history->link_history_map)) {
strcpy(buffer, " Good extend attempts: "); strlcpy(buffer, " Good extend attempts: ", sizeof(buffer));
len = strlen(buffer); len = strlen(buffer);
for (lhist_it = strmap_iter_init(or_history->link_history_map); for (lhist_it = strmap_iter_init(or_history->link_history_map);
!strmap_iter_done(lhist_it); !strmap_iter_done(lhist_it);

View File

@ -1115,7 +1115,7 @@ int routers_update_status_from_entry(smartlist_t *routers,
strlen(cp), s); strlen(cp), s);
return -1; return -1;
} }
strcpy(hexdigest, cp); strlcpy(hexdigest, cp, sizeof(hexdigest));
if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0) { if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0) {
log_fn(LOG_WARN, "Invalid digest in router status entry (%s)", s); log_fn(LOG_WARN, "Invalid digest in router status entry (%s)", s);
return -1; return -1;