From bb87eaf6d061ecd1ca3451da5384939922f06f5b Mon Sep 17 00:00:00 2001 From: Ari Johnson Date: Wed, 7 Dec 2022 18:53:54 -0500 Subject: [PATCH] Improve memory safety in light of newer compiler warnings --- src/bsd.c | 2 +- src/conf.c | 4 +++- src/db.c | 2 +- src/extchat.c | 12 ++++++++---- src/fundb.c | 2 +- src/funstr.c | 8 ++++---- src/game.c | 24 ++++++++++++++++-------- src/ident.c | 2 +- src/pcre.c | 2 +- src/prog.c | 6 +++--- 10 files changed, 39 insertions(+), 25 deletions(-) diff --git a/src/bsd.c b/src/bsd.c index 49ea6a4..93bbe26 100644 --- a/src/bsd.c +++ b/src/bsd.c @@ -880,7 +880,7 @@ static const char *empabb(dbref player) { bad_empabb_value: - strncpy(str, "---", 3); + strncpy(str, "---", 4); return str; } diff --git a/src/conf.c b/src/conf.c index c32aa36..0782ae4 100644 --- a/src/conf.c +++ b/src/conf.c @@ -812,6 +812,7 @@ cf_flag(const char *opt, const char *val, void *loc, int maxval, int source) { size_t len = strlen(val); size_t total = strlen((char *) loc); + char temp[BUFFER_LEN]; /* truncate if necessary */ if (len + total + 1 >= (size_t) maxval) { @@ -824,7 +825,8 @@ cf_flag(const char *opt, const char *val, void *loc, int maxval, int source) if (source == 0) do_rawlog(LT_ERR, T("CONFIG: option %s value truncated\n"), opt); } - sprintf((char *) loc, "%s %s", (char *) loc, val); + snprintf(temp, sizeof temp, "%s %s", (char *) loc, val); + strncpy(loc, temp, maxval); return 1; } diff --git a/src/db.c b/src/db.c index 94dd9cd..7b38e53 100644 --- a/src/db.c +++ b/src/db.c @@ -860,7 +860,7 @@ db_paranoid_write_object(FILE * f, dbref i, int flag) count = 0; do { name[BUFFER_LEN - 6] = '\0'; - sprintf(tbuf1, "%s%d", name, count); + snprintf(tbuf1, sizeof tbuf1, "%.1018s%d", name, count); count++; } while (count < 10000 && atr_get_noparent(i, tbuf1)); strcpy(name, tbuf1); diff --git a/src/extchat.c b/src/extchat.c index 3f2a461..c4abdff 100644 --- a/src/extchat.c +++ b/src/extchat.c 
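Review bot: `strncpy(loc, temp, maxval);` in the second conf.c hunk leaves `loc` without a terminating NUL whenever `temp` holds `maxval` or more characters, so it is only safe if the truncation branch above it (outside this hunk) always leaves enough room. The copy can carry its own bound and terminator instead: `snprintf((char *) loc, (size_t) maxval, "%s", temp);`. `temp` is also fixed at BUFFER_LEN, so a caller passing a larger `maxval` would have the value cut at BUFFER_LEN without the "value truncated" log line; that case is inferred, not visible here. The body of cf_flag starts in the previous hunk.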
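Review bot: The precision in `"%.1018s%d"` is a hand-computed constant that has to track the size of `tbuf1`, which is declared outside this hunk; the same pattern recurs as `%.1790s` in the four game.c hunks and `%.2045s` in prog.c. If any of those buffers or BUFFER_LEN changes, the literal silently goes stale, and here it may also cut `name` shorter than the `name[BUFFER_LEN - 6] = '\0';` cap on the previous line intends. Deriving the precision from the buffer keeps the two in step, e.g. `snprintf(tbuf1, sizeof tbuf1, "%.*s%d", (int) (sizeof tbuf1 - 6), name, count);`. The unchanged `strcpy(name, tbuf1);` after the loop still relies on `name` being at least as large as `tbuf1`.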
@@ -3088,16 +3088,20 @@ const char * channel_description(dbref player) { static char buf[BUFFER_LEN]; + char *bp; CHANLIST *c; - *buf = '\0'; + bp = buf; if (Chanlist(player)) { - strcpy(buf, T("Channels:")); + safe_str(T("Channels:"), buf, &bp); for (c = Chanlist(player); c; c = c->next) - sprintf(buf, "%s %s", buf, ChanName(c->chan)); + safe_chr(' ', buf, &bp); + safe_str(ChanName(c->chan), buf, &bp); } else if (IsPlayer(player)) - strcpy(buf, T("Channels: *NONE*")); + safe_str(T("Channels: *NONE*"), buf, &bp); + + *bp = '\0'; return buf; } diff --git a/src/fundb.c b/src/fundb.c index d25821a..3fabecf 100644 --- a/src/fundb.c +++ b/src/fundb.c @@ -1891,7 +1891,7 @@ FUNCTION(fun_link) safe_str(T(e_perm), buff, bp); return; } - do_link(executor, args[0], args[1], args[2] && args[2] != '\0' ? parse_boolean(args[2]) : 0 ); + do_link(executor, args[0], args[1], args[2] && *args[2] != '\0' ? parse_boolean(args[2]) : 0 ); } /* ARGSUSED */ diff --git a/src/funstr.c b/src/funstr.c index 69d8a32..00af11b 100644 --- a/src/funstr.c +++ b/src/funstr.c @@ -2153,7 +2153,7 @@ FUNCTION(fun_speak) ENTER_OOREF; if (nargs > 3) { - if (args[3] != '\0') { + if (*args[3] != '\0') { /* we have a transform attr */ transform = 1; if (!fetch_ufun_attrib(args[3], executor, &transufun, 1)) { @@ -2162,7 +2162,7 @@ FUNCTION(fun_speak) return; } if (nargs > 4) { - if (args[4] != '\0') { + if (*args[4] != '\0') { /* we have an attr to use when transform returns an empty string */ null = 1; if (!fetch_ufun_attrib(args[4], executor, &nullufun, 1)) { @@ -2175,11 +2175,11 @@ FUNCTION(fun_speak) } } - if (nargs < 6 || args[5] == '\0') + if (nargs < 6 || *args[5] == '\0') open = (char *) "\""; else open = args[5]; - if (nargs < 7 || args[6] == '\0') + if (nargs < 7 || *args[6] == '\0') close = open; else close = args[6]; diff --git a/src/game.c b/src/game.c index 0ed5c15..55c06cd 100644 --- a/src/game.c +++ b/src/game.c 
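Review bot: The `for` loop in channel_description now has two statements under it but no braces, so only `safe_chr(' ', buf, &bp);` is the loop body. `safe_str(ChanName(c->chan), buf, &bp);` runs once after the loop has finished, when `c` is NULL, so the channel names are never appended and `c->chan` is read through a null pointer. Brace the body, i.e. `for (c = Chanlist(player); c; c = c->next) {` before the two calls and a closing `}` after them. A test that calls this for a player who is on at least one channel would catch it.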
@@ -358,9 +358,11 @@ dump_database_internal(void) paranoid_checkpt = 1; #endif if(options.flagdb[0] != '\0') { - sprintf(realdumpfile, "%s%s", options.flagdb, options.compresssuff); + snprintf(realdumpfile, sizeof realdumpfile, "%.1790s%s", options.flagdb, + options.compresssuff); strcpy(tmpfl, make_new_epoch_file(options.flagdb, epoch)); - sprintf(realtmpfl, "%s%s", tmpfl, options.compresssuff); + snprintf(realtmpfl, sizeof realtmpfl, "%.1790s%s", tmpfl, + options.compresssuff); if((f = db_open_write(tmpfl)) != NULL) { use_flagfile = 1; db_write_flag_db(f); @@ -378,9 +380,11 @@ dump_database_internal(void) } } - sprintf(realdumpfile, "%s%s", globals.dumpfile, options.compresssuff); + snprintf(realdumpfile, sizeof realdumpfile, "%.1790s%s", globals.dumpfile, + options.compresssuff); strcpy(tmpfl, make_new_epoch_file(globals.dumpfile, epoch)); - sprintf(realtmpfl, "%s%s", tmpfl, options.compresssuff); + snprintf(realtmpfl, sizeof realtmpfl, "%.1790s%s", tmpfl, + options.compresssuff); if ((f = db_open_write(tmpfl)) != NULL) { switch (globals.paranoid_dump) { @@ -412,9 +416,11 @@ dump_database_internal(void) longjmp(db_err, 1); } #ifdef USE_MAILER - sprintf(realdumpfile, "%s%s", options.mail_db, options.compresssuff); + snprintf(realdumpfile, sizeof realdumpfile, "%.1790s%s", options.mail_db, + options.compresssuff); strcpy(tmpfl, make_new_epoch_file(options.mail_db, epoch)); - sprintf(realtmpfl, "%s%s", tmpfl, options.compresssuff); + snprintf(realtmpfl, sizeof realtmpfl, "%.1790s%s", tmpfl, + options.compresssuff); if (mdb_top >= 0) { if ((f = db_open_write(tmpfl)) != NULL) { dump_mail(f); 
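Review bot: None of the new `snprintf` calls in dump_database_internal check the return value, so a configured path longer than the `%.1790s` cap is shortened silently and the dump carries on under a different file name. For a database dump that looks worth failing loudly: compare the result with the buffer size, e.g. `if ((size_t) snprintf(realdumpfile, sizeof realdumpfile, "%s%s", options.flagdb, options.compresssuff) >= sizeof realdumpfile)`, then log the error and skip that dump. The unchanged `strcpy(tmpfl, make_new_epoch_file(options.flagdb, epoch));` between the two calls is still unbounded, and the size of `tmpfl` is not visible here. The same applies to the game.c hunks at -378, -412 and -433.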
@@ -433,9 +439,11 @@ dump_database_internal(void) } #endif #ifdef CHAT_SYSTEM - sprintf(realdumpfile, "%s%s", options.chatdb, options.compresssuff); + snprintf(realdumpfile, sizeof realdumpfile, "%.1790s%s", options.chatdb, + options.compresssuff); strcpy(tmpfl, make_new_epoch_file(options.chatdb, epoch)); - sprintf(realtmpfl, "%s%s", tmpfl, options.compresssuff); + snprintf(realtmpfl, sizeof realtmpfl, "%.1790s%s", tmpfl, + options.compresssuff); if ((f = db_open_write(tmpfl)) != NULL) { save_chatdb(f); db_close(f); diff --git a/src/ident.c b/src/ident.c index 0ee9f58..21be8ba 100644 --- a/src/ident.c +++ b/src/ident.c @@ -334,7 +334,7 @@ id_query(ident_t * id, struct sockaddr *laddr, socklen_t llen, getnameinfo(faddr, flen, NULL, 0, port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV); strncat(buf, port, sizeof(buf)); - strncat(buf, "\r\n", sizeof(buf)); + strncat(buf, "\r\n", sizeof(buf) - 1); if (timeout) { time_t now, after; diff --git a/src/pcre.c b/src/pcre.c index 6d66d2e..5c24c21 100644 --- a/src/pcre.c +++ b/src/pcre.c @@ -1821,7 +1821,7 @@ the pcre module can use all the optimization it can get). */ for (c = 0; c < 16; c++) start_bits[c] |= tcode[c]; for (c = 128; c < 256; c++) { - if ((tcode[c / 8] && (1 << (c & 7))) != 0) { + if (tcode[c / 8] && ((1 << (c & 7)) != 0)) { int d = (c >> 6) | 0xc0; /* Set bit for this starter */ start_bits[d / 8] |= (1 << (d & 7)); /* and then skip on to the */ c = (c & 0xc0) + 0x40 - 1; /* next relevant character. */ diff --git a/src/prog.c b/src/prog.c index 8f185f6..9415bf7 100644 --- a/src/prog.c +++ b/src/prog.c 
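Review bot: The third argument of `strncat` is the maximum number of characters to append, not the size of the destination, so `sizeof(buf) - 1` in id_query still permits a write past the end of `buf` once it is partly full. The bound has to account for what is already stored: `strncat(buf, "\r\n", sizeof(buf) - strlen(buf) - 1);`. The unchanged `strncat(buf, port, sizeof(buf));` on the line above needs the same treatment. Whether `buf` can actually fill up depends on code outside this hunk.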
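Review bot: The rewritten condition `tcode[c / 8] && ((1 << (c & 7)) != 0)` in pcre.c keeps the logical `&&`, and its right-hand side is always true, so the test reduces to "any bit set in this byte of the bitmap" instead of "bit c set". The neighbouring `start_bits[d / 8] |= (1 << (d & 7));` works on individual bits, which suggests a bitwise test was intended: `if ((tcode[c / 8] & (1 << (c & 7))) != 0) {`. That changes which start bits get set, so it should be checked against the upstream PCRE source before it is applied. The enclosing function lies outside the hunk.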
@@ -682,13 +682,13 @@ prog_load_desc(DESC * d) *rbp = '\0'; if (PromptConnection(d)) { if (ShowAnsiColor(d->player)) - snprintf(buf, BUFFER_LEN - 1, "%s %c%c", rbuf, IAC, GOAHEAD); + snprintf(buf, BUFFER_LEN - 1, "%.2045s %c%c", rbuf, IAC, GOAHEAD); else - snprintf(buf, BUFFER_LEN - 1, "%s %c%c", + snprintf(buf, BUFFER_LEN - 1, "%.2045s %c%c", remove_markup(rbuf, NULL), IAC, GOAHEAD); } else { if (ShowAnsiColor(d->player)) - snprintf(buf, BUFFER_LEN - 1, "%s\r\n", rbuf); + snprintf(buf, BUFFER_LEN - 1, "%.2045s\r\n", rbuf); else snprintf(buf, BUFFER_LEN - 1, "%s\r\n", remove_markup(rbuf, NULL)); } -- 2.30.2