Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/make PR/8259: Chris Demetriou: Fix stack overflow bu...
details: https://anonhg.NetBSD.org/src/rev/92b61263dd21
branches: trunk
changeset: 476032:92b61263dd21
user: christos <christos%NetBSD.org@localhost>
date: Sat Sep 04 04:21:28 1999 +0000
description:
PR/8259: Chris Demetriou: Fix stack overflow bugs exposed by the glibc-2.1.1
Makefile. Use snprintf everywhere.
diffstat:
usr.bin/make/arch.c | 37 +++++++++++++++++++++++++------------
usr.bin/make/job.c | 18 ++++++++++--------
usr.bin/make/main.c | 25 +++++++++++++++++--------
usr.bin/make/util.c | 24 +++++++++++++-----------
4 files changed, 65 insertions(+), 39 deletions(-)
diffs (truncated from 374 to 300 lines):
diff -r 644f892d6e07 -r 92b61263dd21 usr.bin/make/arch.c
--- a/usr.bin/make/arch.c Sat Sep 04 03:58:13 1999 +0000
+++ b/usr.bin/make/arch.c Sat Sep 04 04:21:28 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: arch.c,v 1.29 1998/11/11 19:37:06 christos Exp $ */
+/* $NetBSD: arch.c,v 1.30 1999/09/04 04:21:28 christos Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1993
@@ -39,14 +39,14 @@
*/
#ifdef MAKE_BOOTSTRAP
-static char rcsid[] = "$NetBSD: arch.c,v 1.29 1998/11/11 19:37:06 christos Exp $";
+static char rcsid[] = "$NetBSD: arch.c,v 1.30 1999/09/04 04:21:28 christos Exp $";
#else
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)arch.c 8.2 (Berkeley) 1/2/94";
#else
-__RCSID("$NetBSD: arch.c,v 1.29 1998/11/11 19:37:06 christos Exp $");
+__RCSID("$NetBSD: arch.c,v 1.30 1999/09/04 04:21:28 christos Exp $");
#endif
#endif /* not lint */
#endif
@@ -205,7 +205,7 @@
GNode *gn; /* New node */
char *libName; /* Library-part of specification */
char *memName; /* Member-part of specification */
- char nameBuf[MAKE_BSIZE]; /* temporary place for node name */
+ char *nameBuf; /* temporary place for node name */
char saveChar; /* Ending delimiter of member-name */
Boolean subLibName; /* TRUE if libName should have/had
* variable substitution performed on it */
@@ -318,6 +318,7 @@
char *buf;
char *sacrifice;
char *oldMemName = memName;
+ size_t sz;
memName = Var_Subst(NULL, memName, ctxt, TRUE);
@@ -326,9 +327,10 @@
* variables and multi-word variable values.... The results
* are just placed at the end of the nodeLst we're returning.
*/
- buf = sacrifice = emalloc(strlen(memName)+strlen(libName)+3);
+ sz = strlen(memName)+strlen(libName)+3;
+ buf = sacrifice = emalloc(sz);
- sprintf(buf, "%s(%s)", libName, memName);
+ snprintf(buf, sz, "%s(%s)", libName, memName);
if (strchr(memName, '$') && strcmp(memName, oldMemName) == 0) {
/*
@@ -360,15 +362,21 @@
} else if (Dir_HasWildcards(memName)) {
Lst members = Lst_Init(FALSE);
char *member;
+ size_t sz = MAXPATHLEN, nsz;
+ nameBuf = emalloc(sz);
Dir_Expand(memName, dirSearchPath, members);
while (!Lst_IsEmpty(members)) {
member = (char *)Lst_DeQueue(members);
+ nsz = strlen(libName) + strlen(member) + 3;
+ if (sz > nsz)
+ nameBuf = erealloc(nameBuf, sz = nsz * 2);
- sprintf(nameBuf, "%s(%s)", libName, member);
+ snprintf(nameBuf, sz, "%s(%s)", libName, member);
free(member);
gn = Targ_FindNode (nameBuf, TARG_CREATE);
if (gn == NILGNODE) {
+ free(nameBuf);
return (FAILURE);
} else {
/*
@@ -383,9 +391,13 @@
}
}
Lst_Destroy(members, NOFREE);
+ free(nameBuf);
} else {
- sprintf(nameBuf, "%s(%s)", libName, memName);
+ size_t sz = strlen(libName) + strlen(memName) + 3;
+ nameBuf = emalloc(sz);
+ snprintf(nameBuf, sz, "%s(%s)", libName, memName);
gn = Targ_FindNode (nameBuf, TARG_CREATE);
+ free(nameBuf);
if (gn == NILGNODE) {
return (FAILURE);
} else {
@@ -951,7 +963,7 @@
free(p1);
if (p2)
free(p2);
- sprintf(arh.ar_date, "%-12ld", (long) now);
+ snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now);
if (arch != (FILE *) NULL) {
(void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch);
@@ -984,7 +996,7 @@
struct utimbuf times; /* Times for utime() call */
arch = ArchFindMember (gn->path, RANLIBMAG, &arh, "r+");
- sprintf(arh.ar_date, "%-12ld", (long) now);
+ snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now);
if (arch != (FILE *) NULL) {
(void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch);
@@ -1122,9 +1134,10 @@
Lst path; /* Search path */
{
char *libName; /* file name for archive */
+ size_t sz = strlen(gn->name) + 6 - 2;
- libName = (char *)emalloc (strlen (gn->name) + 6 - 2);
- sprintf(libName, "lib%s.a", &gn->name[2]);
+ libName = (char *)emalloc(sz);
+ snprintf(libName, sz, "lib%s.a", &gn->name[2]);
gn->path = Dir_FindFile (libName, path);
diff -r 644f892d6e07 -r 92b61263dd21 usr.bin/make/job.c
--- a/usr.bin/make/job.c Sat Sep 04 03:58:13 1999 +0000
+++ b/usr.bin/make/job.c Sat Sep 04 04:21:28 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: job.c,v 1.28 1999/07/16 05:38:20 christos Exp $ */
+/* $NetBSD: job.c,v 1.29 1999/09/04 04:21:28 christos Exp $ */
/*
* Copyright (c) 1988, 1989, 1990 The Regents of the University of California.
@@ -39,14 +39,14 @@
*/
#ifdef MAKE_BOOTSTRAP
-static char rcsid[] = "$NetBSD: job.c,v 1.28 1999/07/16 05:38:20 christos Exp $";
+static char rcsid[] = "$NetBSD: job.c,v 1.29 1999/09/04 04:21:28 christos Exp $";
#else
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)job.c 8.2 (Berkeley) 3/19/94";
#else
-__RCSID("$NetBSD: job.c,v 1.28 1999/07/16 05:38:20 christos Exp $");
+__RCSID("$NetBSD: job.c,v 1.29 1999/09/04 04:21:28 christos Exp $");
#endif
#endif /* not lint */
#endif
@@ -1383,7 +1383,7 @@
* Bourne shell thinks its second argument is a file to source.
* Grrrr. Note the ten-character limitation on the combined arguments.
*/
- (void)sprintf(args, "-%s%s",
+ (void)snprintf(args, sizeof(args), "-%s%s",
((job->flags & JOB_IGNERR) ? "" :
(commandShell->exit ? commandShell->exit : "")),
((job->flags & JOB_SILENT) ? "" :
@@ -1519,7 +1519,7 @@
* 'echo' flag of the commandShell is used to get it to start echoing
* as soon as it starts processing commands.
*/
- char *argv[4];
+ char *argv[10];
JobMakeArgv(job, argv);
@@ -1680,7 +1680,7 @@
* if any. */
{
register Job *job; /* new job descriptor */
- char *argv[4]; /* Argument vector to shell */
+ char *argv[10]; /* Argument vector to shell */
static int jobno = 0; /* job number of catching output in a file */
Boolean cmdsOK; /* true if the nodes commands were all right */
Boolean local; /* Set true if the job was run locally */
@@ -1902,7 +1902,8 @@
} else {
(void) fprintf(stdout, "Remaking `%s'\n", gn->name);
(void) fflush(stdout);
- sprintf(job->outFile, "%s%02d", tfile, jobno);
+ (void)snprintf(job->outFile, sizeof(job->outFile), "%s%02d", tfile,
+ jobno);
jobno = (jobno + 1) % 100;
job->outFd = open(job->outFile,O_WRONLY|O_CREAT|O_APPEND,0600);
(void) fcntl(job->outFd, F_SETFD, 1);
@@ -2422,7 +2423,8 @@
{
GNode *begin; /* node for commands to do at the very start */
- (void) sprintf(tfile, "/tmp/make%05ld", (unsigned long)getpid());
+ (void) snprintf(tfile, sizeof(tfile), "/tmp/make%05ld",
+ (unsigned long)getpid());
jobs = Lst_Init(FALSE);
stoppedJobs = Lst_Init(FALSE);
diff -r 644f892d6e07 -r 92b61263dd21 usr.bin/make/main.c
--- a/usr.bin/make/main.c Sat Sep 04 03:58:13 1999 +0000
+++ b/usr.bin/make/main.c Sat Sep 04 04:21:28 1999 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.47 1999/08/02 17:23:58 hubertf Exp $ */
+/* $NetBSD: main.c,v 1.48 1999/09/04 04:21:28 christos Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1993
@@ -39,7 +39,7 @@
*/
#ifdef MAKE_BOOTSTRAP
-static char rcsid[] = "$NetBSD: main.c,v 1.47 1999/08/02 17:23:58 hubertf Exp $";
+static char rcsid[] = "$NetBSD: main.c,v 1.48 1999/09/04 04:21:28 christos Exp $";
#else
#include <sys/cdefs.h>
#ifndef lint
@@ -51,7 +51,7 @@
#if 0
static char sccsid[] = "@(#)main.c 8.3 (Berkeley) 3/19/94";
#else
-__RCSID("$NetBSD: main.c,v 1.47 1999/08/02 17:23:58 hubertf Exp $");
+__RCSID("$NetBSD: main.c,v 1.48 1999/09/04 04:21:28 christos Exp $");
#endif
#endif /* not lint */
#endif
@@ -390,6 +390,7 @@
char *args; /* Space used by the args */
char *buf, *p1;
char *argv0 = Var_Value(".MAKE", VAR_GLOBAL, &p1);
+ size_t len;
if (line == NULL)
return;
@@ -398,8 +399,8 @@
if (!*line)
return;
- buf = emalloc(strlen(line) + strlen(argv0) + 2);
- (void)sprintf(buf, "%s %s", argv0, line);
+ buf = emalloc(len = strlen(line) + strlen(argv0) + 2);
+ (void)snprintf(buf, len, "%s %s", argv0, line);
if (p1)
free(p1);
@@ -874,7 +875,8 @@
char *fname = p; /* makefile to read */
extern Lst parseIncPath;
FILE *stream;
- char *name, path[MAXPATHLEN + 1];
+ size_t len = MAXPATHLEN;
+ char *name, *path = emalloc(len);
if (!strcmp(fname, "-")) {
Parse_File("(stdin)", stdin);
@@ -884,7 +886,11 @@
goto found;
/* if we've chdir'd, rebuild the path name */
if (curdir != objdir && *fname != '/') {
- (void)sprintf(path, "%s/%s", curdir, fname);
+ size_t plen = strlen(curdir) + strlen(fname) + 2;
+ if (len < plen)
+ path = erealloc(path, len = 2 * plen);
+
+ (void)snprintf(path, len, "%s/%s", curdir, fname);
if ((stream = fopen(path, "r")) != NULL) {
fname = path;
goto found;
@@ -894,8 +900,10 @@
name = Dir_FindFile(fname, parseIncPath);
if (!name)
name = Dir_FindFile(fname, sysIncPath);
- if (!name || !(stream = fopen(name, "r")))
+ if (!name || !(stream = fopen(name, "r"))) {
+ free(path);
return(FALSE);
+ }
fname = name;
/*
* set the MAKEFILE variable desired by System V fans -- the
@@ -906,6 +914,7 @@
Parse_File(fname, stream);
(void)fclose(stream);
}
+ free(path);
return(TRUE);
}
diff -r 644f892d6e07 -r 92b61263dd21 usr.bin/make/util.c
--- a/usr.bin/make/util.c Sat Sep 04 03:58:13 1999 +0000
+++ b/usr.bin/make/util.c Sat Sep 04 04:21:28 1999 +0000
@@ -1,15 +1,15 @@
-/* $NetBSD: util.c,v 1.22 1999/08/27 00:47:25 simonb Exp $ */
+/* $NetBSD: util.c,v 1.23 1999/09/04 04:21:28 christos Exp $ */
/*
* Missing stuff from OS's
*/
#ifdef MAKE_BOOTSTRAP
-static char rcsid[] = "$NetBSD: util.c,v 1.22 1999/08/27 00:47:25 simonb Exp $";
Home |
Main Index |
Thread Index |
Old Index