Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/bsd/ntp/dist/ntpd Homogenize all strn{cpy, cat} and ...
details: https://anonhg.NetBSD.org/src/rev/8b833797931f
branches: trunk
changeset: 780868:8b833797931f
user: christos <christos%NetBSD.org@localhost>
date: Fri Aug 10 08:22:49 2012 +0000
description:
Homogenize all strn{cpy,cat} and snprintf() to a single append function to
prevent incorrect usage and buffer overflow.
diffstat:
external/bsd/ntp/dist/ntpd/refclock_parse.c | 355 +++++++++++++--------------
1 files changed, 174 insertions(+), 181 deletions(-)
diffs (truncated from 835 to 300 lines):
diff -r 9208a3ab522c -r 8b833797931f external/bsd/ntp/dist/ntpd/refclock_parse.c
--- a/external/bsd/ntp/dist/ntpd/refclock_parse.c Fri Aug 10 05:22:22 2012 +0000
+++ b/external/bsd/ntp/dist/ntpd/refclock_parse.c Fri Aug 10 08:22:49 2012 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: refclock_parse.c,v 1.5 2012/02/01 07:46:22 kardel Exp $ */
+/* $NetBSD: refclock_parse.c,v 1.6 2012/08/10 08:22:49 christos Exp $ */
/*
* /src/NTP/REPOSITORY/ntp4-dev/ntpd/refclock_parse.c,v 4.81 2009/05/01 10:15:29 kardel RELEASE_20090105_A
@@ -2418,6 +2418,20 @@
** support routines
**/
+static char *
+ap(char *buffer, size_t len, char *pos, const char *fmt, ...)
+{
+ va_list va;
+ int l;
+
+ va_start(va, fmt);
+ l = vsnprintf(pos, len - (pos - buffer), fmt, va);
+ va_end(va);
+ if (l != -1)
+ pos += l;
+ return pos;
+}
+
/*--------------------------------------------------
* convert a flag field to a string
*/
@@ -2464,8 +2478,6 @@
int i;
char *s, *t;
-
- *buffer = '\0';
s = t = buffer;
i = 0;
@@ -2474,9 +2486,8 @@
if (flagstrings[i].bit & lstate)
{
if (s != t)
- strncpy(t, "; ", BUFFER_SIZES(buffer, t, size));
- strncat(t, flagstrings[i].name, BUFFER_SIZES(buffer, t, size));
- t += strlen(t);
+ t = ap(buffer, size, t, "; ");
+ t = ap(buffer, size, t, "%s", flagstrings[i].name);
}
i++;
}
@@ -2484,13 +2495,11 @@
if (lstate & (PARSEB_S_LEAP|PARSEB_S_ANTENNA|PARSEB_S_PPS|PARSEB_S_POSITION))
{
if (s != t)
- strncpy(t, "; ", BUFFER_SIZES(buffer, t, size));
-
- t += strlen(t);
-
- strncpy(t, "(", BUFFER_SIZES(buffer, t, size));
-
- s = t = t + strlen(t);
+ t = ap(buffer, size, t, "; ");
+
+ t = ap(buffer, size, t, "(");
+
+ s = t;
i = 0;
while (sflagstrings[i].bit)
@@ -2499,16 +2508,15 @@
{
if (t != s)
{
- strncpy(t, "; ", BUFFER_SIZES(buffer, t, size));
- t += 2;
+ t = ap(buffer, size, t, "; ");
}
- strncpy(t, sflagstrings[i].name, BUFFER_SIZES(buffer, t, size));
- t += strlen(t);
+ t = ap(buffer, size, t, "%s",
+ sflagstrings[i].name);
}
i++;
}
- strncpy(t, ")", BUFFER_SIZES(buffer, t, size));
+ t = ap(buffer, size, t, ")");
}
return buffer;
}
@@ -2539,7 +2547,9 @@
{ 0, NULL }
};
int i;
-
+ char *t;
+
+ t = buffer;
*buffer = '\0';
i = 0;
@@ -2547,9 +2557,9 @@
{
if (flagstrings[i].bit & lstate)
{
- if (buffer[0])
- strncat(buffer, "; ", size);
- strncat(buffer, flagstrings[i].name, size - 2);
+ if (t == buffer)
+ t = ap(buffer, size, t, "; ");
+ t = ap(buffer, size, t, "%s", flagstrings[i].name);
}
i++;
}
@@ -2612,10 +2622,11 @@
char *t;
buffer[0] = '\0';
+ t = buffer;
if ((tmp = delta / (60*60*24)) != 0)
{
- snprintf(buffer, BUFFER_SIZE(buffer, buffer), "%ldd+", (u_long)tmp);
+ t = ap(buffer, sizeof(buffer), t, "%ldd+", (u_long)tmp);
delta -= tmp * 60*60*24;
}
@@ -2624,10 +2635,8 @@
m = delta % 60;
delta /= 60;
- t = buffer + strlen(buffer);
-
- snprintf(t, BUFFER_SIZE(buffer, t), "%02d:%02d:%02d",
- (int)delta, (int)m, (int)s);
+ t = ap(buffer, sizeof(buffer), t, "%02d:%02d:%02d",
+ (int)delta, (int)m, (int)s);
return buffer;
}
@@ -3206,7 +3215,7 @@
return 0; /* well, ok - special initialisation broke */
}
- strncpy(tmp_ctl.parseformat.parse_buffer, parse->parse_type->cl_format, sizeof(tmp_ctl.parseformat.parse_buffer));
+ strlcpy(tmp_ctl.parseformat.parse_buffer, parse->parse_type->cl_format, sizeof(tmp_ctl.parseformat.parse_buffer));
tmp_ctl.parseformat.parse_count = strlen(tmp_ctl.parseformat.parse_buffer);
if (!PARSE_SETFMT(parse, &tmp_ctl))
@@ -3490,16 +3499,16 @@
}
start = tt = add_var(&out->kv_list, 128, RO|DEF);
- snprintf(tt, 128, "refclock_time=\"");
- tt += strlen(tt);
+ tt = ap(start, 128, tt, "refclock_time=\"");
if (parse->timedata.parse_time.fp.l_ui == 0)
{
- strncpy(tt, "<UNDEFINED>\"", BUFFER_SIZES(start, tt, 128));
+ tt = ap(start, 128, tt, "<UNDEFINED>\"");
}
else
{
- snprintf(tt, 128, "%s\"", gmprettydate(&parse->timedata.parse_time.fp));
+ tt = ap(start, 128, tt, "%s\"",
+ gmprettydate(&parse->timedata.parse_time.fp));
}
if (!PARSE_GETTIMECODE(parse, &tmpctl))
@@ -3510,8 +3519,7 @@
else
{
start = tt = add_var(&out->kv_list, 512, RO|DEF);
- snprintf(tt, 512, "refclock_status=\"");
- tt += strlen(tt);
+ tt = ap(start, 512, tt, "refclock_status=\"");
/*
* copy PPS flags from last read transaction (informational only)
@@ -3521,7 +3529,7 @@
(void) parsestate(tmpctl.parsegettc.parse_state, tt, BUFFER_SIZES(start, tt, 512));
- strncat(tt, "\"", BUFFER_SIZES(start, tt, 512));
+ tt = ap(start, 512, tt, "\"");
if (tmpctl.parsegettc.parse_count)
mkascii(outstatus+strlen(outstatus), (int)(sizeof(outstatus)- strlen(outstatus) - 1),
@@ -3538,11 +3546,14 @@
}
else
{
- tt = add_var(&out->kv_list, 80, RO|DEF);
- snprintf(tt, 80, "refclock_format=\"");
-
- strncat(tt, tmpctl.parseformat.parse_buffer, tmpctl.parseformat.parse_count);
- strncat(tt,"\"", 80);
+ start = tt = add_var(&out->kv_list, 80, RO|DEF);
+ tt = ap(start, 80, tt, "refclock_format=\"");
+
+ tt = ap(start, 80, tt, "*.*s",
+ tmpctl.parseformat.parse_count,
+ tmpctl.parseformat.parse_count,
+ tmpctl.parseformat.parse_buffer);
+ tt = ap(start, 80, tt, "\"");
}
/*
@@ -3550,8 +3561,7 @@
*/
start = tt = add_var(&out->kv_list, LEN_STATES, RO|DEF);
- strncpy(tt, "refclock_states=\"", LEN_STATES);
- tt += strlen(tt);
+ tt = ap(start, LEN_STATES, tt, "refclock_states=\"");
for (i = 0; i <= CEVNT_MAX; i++)
{
@@ -3585,14 +3595,15 @@
(int)(percent / 100), (int)(percent % 100));
if ((count = strlen(item)) < (LEN_STATES - 40 - (tt - start)))
{
- strncpy(tt, item, BUFFER_SIZES(start, tt, LEN_STATES));
- tt += count;
+ tt = ap(start, LEN_STATES, tt,
+ "%s", item);
}
sum += s_time;
}
}
- snprintf(tt, BUFFER_SIZES(start, tt, LEN_STATES), "; running time: %s\"", l_mktime(sum));
+ tt = ap(start, LEN_STATES, tt,
+ "; running time: %s\"", l_mktime(sum));
tt = add_var(&out->kv_list, 32, RO);
snprintf(tt, 32, "refclock_id=\"%s\"", parse->parse_type->cl_id);
@@ -4263,32 +4274,32 @@
char *p, *b;
status = get_lsb_short(&bufp);
- snprintf(buffer, sizeof(buffer), "meinberg_gps_status=\"[0x%04x] ", status);
+ p = b = buffer;
+ p = ap(buffer, sizeof(buffer), p,
+ "meinberg_gps_status=\"[0x%04x] ",
+ status);
if (status)
{
- p = b = buffer + strlen(buffer);
+ b = p;
while (s->flag)
{
if (status & s->flag)
{
if (p != b)
{
- *p++ = ',';
- *p++ = ' ';
+ p = ap(buffer, sizeof(buffer), p, ", ");
}
- strncat(p, (const char *)s->string, sizeof(buffer));
+ p = ap(buffer, sizeof(buffer), p, "%s", (const char *)s->string);
}
s++;
}
-
- *p++ = '"';
- *p = '\0';
+ p = ap(buffer, sizeof(buffer), p, "\"");
}
else
{
- strncat(buffer, "<OK>\"", sizeof(buffer));
+ p = ap(buffer, sizeof(buffer), p, "<OK>\"");
}
set_var(&parse->kv, buffer, strlen(buffer)+1, RO|DEF);
@@ -4339,53 +4350,54 @@
{
ANT_INFO antinfo;
char buffer[512];
- char *p;
+ char *p, *q;
get_mbg_antinfo(&bufp, &antinfo);
- snprintf(buffer, sizeof(buffer), "meinberg_antenna_status=\"");
- p = buffer + strlen(buffer);
-
+ p = buffer;
+ p = ap(buffer, sizeof(buffer), p, "meinberg_antenna_status=\"");
switch (antinfo.status)
{
case ANT_INVALID:
- strncat(p, "<OK>", BUFFER_SIZE(buffer, p));
- p += strlen(p);
+ p = ap(buffer, sizeof(buffer),
Home |
Main Index |
Thread Index |
Old Index