Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/netstat snprintf length audit. from openbsd
details: https://anonhg.NetBSD.org/src/rev/d77aa7f81ad6
branches: trunk
changeset: 513969:d77aa7f81ad6
user: itojun <itojun%NetBSD.org@localhost>
date: Sun Aug 19 02:01:24 2001 +0000
description:
snprintf length audit. from openbsd
diffstat:
usr.bin/netstat/atalk.c | 25 +++++++++++++++++++------
usr.bin/netstat/route.c | 33 ++++++++++++++++++++++++++-------
2 files changed, 45 insertions(+), 13 deletions(-)
diffs (129 lines):
diff -r 49bb10d1f316 -r d77aa7f81ad6 usr.bin/netstat/atalk.c
--- a/usr.bin/netstat/atalk.c Sun Aug 19 01:37:39 2001 +0000
+++ b/usr.bin/netstat/atalk.c Sun Aug 19 02:01:24 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: atalk.c,v 1.6 2000/10/11 14:46:14 is Exp $ */
+/* $NetBSD: atalk.c,v 1.7 2001/08/19 02:01:24 itojun Exp $ */
/*
* Copyright (c) 1983, 1988, 1993
@@ -38,7 +38,7 @@
#if 0
static char sccsid[] = "from @(#)atalk.c 1.1 (Whistle) 6/6/96";
#else
-__RCSID("$NetBSD: atalk.c,v 1.6 2000/10/11 14:46:14 is Exp $");
+__RCSID("$NetBSD: atalk.c,v 1.7 2001/08/19 02:01:24 itojun Exp $");
#endif
#endif /* not lint */
@@ -205,7 +205,7 @@
const struct sockaddr *mask;
int what;
{
- int n;
+ size_t n, l;
static char buf[100];
struct sockaddr_at *sat1, *sat2;
struct sockaddr_at thesockaddr;
@@ -218,15 +218,28 @@
thesockaddr.sat_addr.s_net = sat1->sat_addr.s_net &
sat2->sat_addr.s_net;
n = snprintf(buf, sizeof(buf), "%s", atalk_print(sa2, 1 | (what & 8)));
+ if (n >= sizeof(buf))
+ n = sizeof(buf) - 1;
+ else if (n == -1)
+ n = 0; /* What else can be done ? */
if (sat2->sat_addr.s_net != 0xFFFF) {
thesockaddr.sat_addr.s_net = sat1->sat_addr.s_net |
~sat2->sat_addr.s_net;
- n += snprintf(buf + n, sizeof(buf) - n,
+ l = snprintf(buf + n, sizeof(buf) - n,
"-%s", atalk_print(sa2, 1 | (what & 8)));
+ if (l >= sizeof(buf) - n)
+ l = sizeof(buf) - n - 1;
+ if (l > 0)
+ n += l;
}
- if (what & 2)
- n += snprintf(buf + n, sizeof(buf) - n, ".%s",
+ if (what & 2) {
+ l = snprintf(buf + n, sizeof(buf) - n, ".%s",
atalk_print(sa, what & (~1)));
+ if (l >= sizeof(buf) - n)
+ l = sizeof(buf) - n - 1;
+ if (l > 0)
+ n += l;
+ }
return (buf);
}
diff -r 49bb10d1f316 -r d77aa7f81ad6 usr.bin/netstat/route.c
--- a/usr.bin/netstat/route.c Sun Aug 19 01:37:39 2001 +0000
+++ b/usr.bin/netstat/route.c Sun Aug 19 02:01:24 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.56 2001/05/28 04:22:56 assar Exp $ */
+/* $NetBSD: route.c,v 1.57 2001/08/19 02:01:25 itojun Exp $ */
/*
* Copyright (c) 1983, 1988, 1993
@@ -38,7 +38,7 @@
#if 0
static char sccsid[] = "from: @(#)route.c 8.3 (Berkeley) 3/9/94";
#else
-__RCSID("$NetBSD: route.c,v 1.56 2001/05/28 04:22:56 assar Exp $");
+__RCSID("$NetBSD: route.c,v 1.57 2001/08/19 02:01:25 itojun Exp $");
#endif
#endif /* not lint */
@@ -423,6 +423,7 @@
char workbuf[128], *cplim;
char *cp = workbuf;
char *ep = workbuf + sizeof(workbuf);
+ int n;
switch(sa->sa_family) {
case AF_INET:
@@ -511,8 +512,13 @@
cplim = "";
for (i = 0; i < alen; i++, lla++) {
/* XXX */
- cp += snprintf(cp, ep - cp,
+ n = snprintf(cp, ep - cp,
"%s%02x", cplim, *lla);
+ if (n < 0)
+ continue;
+ if (n >= ep - cp)
+ n = ep - cp - 1;
+ cp += n;
cplim = ":";
}
cp = workbuf;
@@ -531,11 +537,24 @@
slim = sa->sa_len + (u_char *) sa;
cplim = cp + sizeof(workbuf) - 6;
- cp += snprintf(cp, ep - cp, "(%d)", sa->sa_family);
+ n = snprintf(cp, ep - cp, "(%d)", sa->sa_family);
+ if (n >= ep - cp)
+ n = ep - cp - 1;
+ if (n > 0)
+ cp += n;
while (s < slim && cp < cplim) {
- cp += snprintf(cp, ep - cp, " %02x", *s++);
- if (s < slim)
- cp += snprintf(cp, ep - cp, "%02x", *s++);
+ n = snprintf(cp, ep - cp, " %02x", *s++);
+ if (n >= ep - cp)
+ n = ep - cp - 1;
+ if (n > 0)
+ cp += n;
+ if (s < slim) {
+ n = snprintf(cp, ep - cp, "%02x", *s++);
+ if (n >= ep - cp)
+ n = ep - cp - 1;
+ if (n > 0)
+ cp += n;
+ }
}
cp = workbuf;
}
Home |
Main Index |
Thread Index |
Old Index