diff -arcN xipmsg-8088/brocas.c xipmsg-8088-paranoia/brocas.c *** xipmsg-8088/brocas.c Fri Feb 25 18:50:37 2005 --- xipmsg-8088-paranoia/brocas.c Mon May 2 19:58:58 2005 *************** *** 142,150 **** char * str_dup(const char *s) { ! char *p = malloc(strlen(s) + 1); if (p != NULL) ! strcpy(p, s); return p; }/* str_dup */ --- 142,151 ---- char * str_dup(const char *s) { ! size_t len = strlen(s) + 1; ! char *p = malloc(len); if (p != NULL) ! strlcpy(p, s, len); return p; }/* str_dup */ *************** *** 529,535 **** char lbuf[64], *p; size_t size; memset(lbuf, '\0', sizeof(lbuf)); ! sprintf(lbuf, "%16s.%d ", inet_ntoa(xq->xq_saddr.sin.sin_addr), ntohs(xq->xq_saddr.sin.sin_port)); p = strchr(lbuf, '\0'); size = sizeof(lbuf) - (p - lbuf); memcpy(p, xq->xq_buf, MIN(xq->xq_size, size - 1)); --- 530,537 ---- char lbuf[64], *p; size_t size; memset(lbuf, '\0', sizeof(lbuf)); ! if (snprintf(lbuf, sizeof(lbuf), "%16s.%d ", inet_ntoa(xq->xq_saddr.sin.sin_addr), ntohs(xq->xq_saddr.sin.sin_port)) == -1) ! error("xq_work_proc: bad field specification"); p = strchr(lbuf, '\0'); size = sizeof(lbuf) - (p - lbuf); memcpy(p, xq->xq_buf, MIN(xq->xq_size, size - 1)); *************** *** 649,655 **** char lbuf[2 + 12 + USERNAME_MAX + 1 + HOSTNAME_MAX + 1 + 12]; int err, flags = 0; struct iov_t v; ! sprintf(lbuf, "1:%ld:%.*s:%.*s:%lu:", msg_number++, USERNAME_MAX, bro_user, HOSTNAME_MAX, bro_host, command); SET_IOV(&v, (void *)iov, lbuf, strlen(lbuf)); if (retryflag) { err = p_sendtov(so, to, msg_number - 1, &v); --- 651,658 ---- char lbuf[2 + 12 + USERNAME_MAX + 1 + HOSTNAME_MAX + 1 + 12]; int err, flags = 0; struct iov_t v; ! if (snprintf(lbuf, sizeof(lbuf), "1:%ld:%.*s:%.*s:%lu:", msg_number++, USERNAME_MAX, bro_user, HOSTNAME_MAX, bro_host, command) == -1) ! error("send_msgv: bad field specification"); SET_IOV(&v, (void *)iov, lbuf, strlen(lbuf)); if (retryflag) { err = p_sendtov(so, to, msg_number - 1, &v); *************** *** 666,672 **** char lbuf[2 + 12 + USERNAME_MAX + 1 + HOSTNAME_MAX + 1 + 12]; int err, flags = 0; struct iov_t v[2]; ! sprintf(lbuf, "1:%ld:%.*s:%.*s:%lu:", msg_number++, USERNAME_MAX, bro_user, HOSTNAME_MAX, bro_host, command); SET_IOV(&v[0], &v[1], lbuf, strlen(lbuf)); SET_IOV(&v[1], NULL, (void *)msg, strlen(msg) + 1); err = sendtov(so, flags, &to->sa, sizeof(to->sin), v); --- 669,676 ---- char lbuf[2 + 12 + USERNAME_MAX + 1 + HOSTNAME_MAX + 1 + 12]; int err, flags = 0; struct iov_t v[2]; ! if (snprintf(lbuf, sizeof(lbuf), "1:%ld:%.*s:%.*s:%lu:", msg_number++, USERNAME_MAX, bro_user, HOSTNAME_MAX, bro_host, command) == -1) ! error("send_msg: bad field specification"); SET_IOV(&v[0], &v[1], lbuf, strlen(lbuf)); SET_IOV(&v[1], NULL, (void *)msg, strlen(msg) + 1); err = sendtov(so, flags, &to->sa, sizeof(to->sin), v); *************** *** 835,841 **** size_t len = strlen(ns->ns_nick) + 1 + strlen(ns->ns_host); ls[i] = malloc(len + 1); if (ls[i] != NULL) { ! strcat(strcat(strcpy(ls[i], ns->ns_nick), "@"), ns->ns_host); } }/* for */ ls[n] = NULL; --- 839,846 ---- size_t len = strlen(ns->ns_nick) + 1 + strlen(ns->ns_host); ls[i] = malloc(len + 1); if (ls[i] != NULL) { ! if (snprintf(ls[i], len + 1, "%s@%s", ns->ns_nick, ns->ns_host) == -1) ! error("ns_list: bad field specification"); } }/* for */ ls[n] = NULL; *************** *** 981,987 **** send_IPMSG_READMSG(struct maddr_t *replyto, unsigned long pkno) { char lbuf[20]; ! sprintf(lbuf, "%lu", pkno); send_msg(replyto->m_so, &replyto->m_saddr, IPMSG_READMSG, lbuf); return 0; }/* send_IPMSG_READMSG */ --- 986,993 ---- send_IPMSG_READMSG(struct maddr_t *replyto, unsigned long pkno) { char lbuf[20]; ! if (snprintf(lbuf, sizeof(lbuf), "%lu", pkno) == -1) ! error("send_IPMSG_READMSG: bad field specification"); send_msg(replyto->m_so, &replyto->m_saddr, IPMSG_READMSG, lbuf); return 0; }/* send_IPMSG_READMSG */ *************** *** 1027,1033 **** { char lbuf[32]; int err; ! sprintf(lbuf, "%lu", pkno); err = send_msg(so, from, IPMSG_RECVMSG, lbuf); return err; }/* reply_IPMSG_RECVMSG */ --- 1033,1040 ---- { char lbuf[32]; int err; ! if (snprintf(lbuf, sizeof(lbuf), "%lu", pkno) == -1) ! error("reply_IPMSG_RECVMSG: bad field specification"); err = send_msg(so, from, IPMSG_RECVMSG, lbuf); return err; }/* reply_IPMSG_RECVMSG */ *************** *** 1170,1176 **** struct msg_data_t md; wrap_euc(wrapbuf, pk->pk_msg, BRO_COLUMNS); strtrim(wrapbuf); ! strcat(strcat(strncpyz(idname, nick, USERNAME_MAX), "@"), ns->ns_host); md.md_replyto = (void *)&pk->pk_maddr; md.md_msg = wrapbuf; md.md_icon = pk->pk_icon; --- 1177,1184 ---- struct msg_data_t md; wrap_euc(wrapbuf, pk->pk_msg, BRO_COLUMNS); strtrim(wrapbuf); ! if (snprintf(idname, sizeof(idname), "%s@%s", nick, ns->ns_host) == -1) ! error("recv_IPMSG_SENDMSG: bad field specification"); md.md_replyto = (void *)&pk->pk_maddr; md.md_msg = wrapbuf; md.md_icon = pk->pk_icon; *************** *** 1198,1204 **** if (xq != NULL) { char lbuf[80]; xq_deq(xq); ! sprintf(lbuf, "%16s.%d ", inet_ntoa(xq->xq_saddr.sin.sin_addr), ntohs(xq->xq_saddr.sin.sin_port)); call_cback(BRO_EV_RECV_ACK, lbuf); free(xq->xq_buf); free(xq); --- 1206,1213 ---- if (xq != NULL) { char lbuf[80]; xq_deq(xq); ! if (snprintf(lbuf, sizeof(lbuf), "%16s.%d ", inet_ntoa(xq->xq_saddr.sin.sin_addr), ntohs(xq->xq_saddr.sin.sin_port)) == -1) ! error("recv_IPMSG_RECVMSG: bad field specification"); call_cback(BRO_EV_RECV_ACK, lbuf); free(xq->xq_buf); free(xq); diff -arcN xipmsg-8088/xipmsg.c xipmsg-8088-paranoia/xipmsg.c *** xipmsg-8088/xipmsg.c Wed Mar 2 16:40:19 2005 --- xipmsg-8088-paranoia/xipmsg.c Wed May 4 11:59:18 2005 *************** *** 194,200 **** if (fr != NULL) { memset(fr, '\0', sizeof(*fr)); strncpyz(fr->fr_name, from, sizeof(fr->fr_name)); ! strcpy(fr->fr_last_msg, last_msg); fr->fr_x0 = lastx; fr->fr_y0 = lasty; fr->fr_x = lastx; --- 194,200 ---- if (fr != NULL) { memset(fr, '\0', sizeof(*fr)); strncpyz(fr->fr_name, from, sizeof(fr->fr_name)); ! strlcpy(fr->fr_last_msg, last_msg, sizeof(fr->fr_last_msg)); fr->fr_x0 = lastx; fr->fr_y0 = lasty; fr->fr_x = lastx; *************** *** 471,480 **** { char *ret, lbuf[64]; time_t now = time(NULL); struct tm lc = *localtime(&now); ! sprintf(lbuf, "\n\n%02d:%02d ", lc.tm_hour, lc.tm_min); ! ret = XtMalloc(strlen(msg) + strlen(lbuf) + strlen(from) + 1); ! strcat(strcat(strcpy(ret, msg), lbuf), from); return ret; }/* mkmsg */ --- 471,487 ---- { char *ret, lbuf[64]; time_t now = time(NULL); + int n; + size_t len; struct tm lc = *localtime(&now); ! n = snprintf(lbuf, sizeof(lbuf), "\n\n%02d:%02d ", lc.tm_hour, lc.tm_min); ! if (n == -1) ! fprintf(stderr, "mkmsg: bad field specification"); ! len = strlen(msg) + strlen(lbuf) + strlen(from) + 1; ! ret = XtMalloc(len); ! n = snprintf(ret, len, "%s%s%s", msg, lbuf, from); ! if (n == -1) ! fprintf(stderr, "mkmsg: bad field specification"); return ret; }/* mkmsg */ *************** *** 498,504 **** str_pkno = XtMalloc(20); if (opt & IPMSG_SECRETOPT) { cryption(label, 0); ! sprintf(str_pkno, "%lu", pkno); } pix = XCreateBitmapFromData(XtDisplay(toplevel), XtWindow(toplevel), (char *)icon, 32, 32); dialog = XtVaCreateManagedWidget("recv_from", dialogWidgetClass, popup, --- 505,512 ---- str_pkno = XtMalloc(20); if (opt & IPMSG_SECRETOPT) { cryption(label, 0); ! if (snprintf(str_pkno, 20, "%lu", pkno) == -1) ! fprintf(stderr, "recv_dialog: bad field specification"); } pix = XCreateBitmapFromData(XtDisplay(toplevel), XtWindow(toplevel), (char *)icon, 32, 32); dialog = XtVaCreateManagedWidget("recv_from", dialogWidgetClass, popup, *************** *** 527,533 **** from_count_up(fr); XtVaSetValues(popup, XtNx, nx, XtNy, ny, NULL); XtPopup(popup, XtGrabNone); ! sprintf(title, "%s %s.%d", from, inet_ntoa(replyto->m_saddr.sin.sin_addr), (unsigned short)htons(replyto->m_saddr.sin.sin_port)); #ifdef NOTDEF XStoreName(XtDisplay(popup), XtWindow(popup), title); #else --- 535,542 ---- from_count_up(fr); XtVaSetValues(popup, XtNx, nx, XtNy, ny, NULL); XtPopup(popup, XtGrabNone); ! if (snprintf(title, sizeof(title), "%s %s.%d", from, inet_ntoa(replyto->m_saddr.sin.sin_addr), (unsigned short)htons(replyto->m_saddr.sin.sin_port)) == -1) ! fprintf(stderr, "recv_dialog: bad field specification"); #ifdef NOTDEF XStoreName(XtDisplay(popup), XtWindow(popup), title); #else *************** *** 606,612 **** get_icon_data(img, pat); XDestroyImage(img); last_icon = icon; ! strcpy(last_msg, msg); fr = from_lookup(label); if (fr != NULL) strncpyz(fr->fr_last_msg, msg, sizeof(fr->fr_last_msg)); --- 615,621 ---- get_icon_data(img, pat); XDestroyImage(img); last_icon = icon; ! strlcpy(last_msg, msg, MESSAGE_MAX - 1 - 128); fr = from_lookup(label); if (fr != NULL) strncpyz(fr->fr_last_msg, msg, sizeof(fr->fr_last_msg)); *************** *** 660,666 **** for (i = 0; i < n; i++) { char iname[256]; Widget entry; ! sprintf(iname, "%s%02d", inst, i); entry = XtVaCreateManagedWidget(iname, smeBSBObjectClass, menu, NULL); XtAddCallback(entry, XtNcallback, callback, (XtPointer)i); }/* for */ --- 669,676 ---- for (i = 0; i < n; i++) { char iname[256]; Widget entry; ! if (snprintf(iname, sizeof(iname), "%s%02d", inst, i) == -1) ! fprintf(stderr, "make_menu: bad field specification"); entry = XtVaCreateManagedWidget(iname, smeBSBObjectClass, menu, NULL); XtAddCallback(entry, XtNcallback, callback, (XtPointer)i); }/* for */ *************** *** 689,699 **** send_dialog(Widget parent, const struct maddr_t *dstaddr, const char *to) { struct from_t *fr = from_lookup(to); ! String label = XtMalloc(strlen(to) + 1); struct maddr_t *daddr = (void *)XtMalloc(sizeof(*daddr)); Widget send_popup = XtVaCreatePopupShell("send_popup", transientShellWidgetClass, toplevel, NULL); Widget send_to = XtVaCreateManagedWidget("send_to", dialogWidgetClass, send_popup, ! XtNlabel, (strcpy(label, to)), XtNvalue, from_last_msg(fr), NULL); Widget icon_button = XtVaCreateManagedWidget("icon_button", menuButtonWidgetClass, send_to, --- 699,710 ---- send_dialog(Widget parent, const struct maddr_t *dstaddr, const char *to) { struct from_t *fr = from_lookup(to); ! size_t label_len = strlen(to) + 1; ! String label = XtMalloc(label_len); struct maddr_t *daddr = (void *)XtMalloc(sizeof(*daddr)); Widget send_popup = XtVaCreatePopupShell("send_popup", transientShellWidgetClass, toplevel, NULL); Widget send_to = XtVaCreateManagedWidget("send_to", dialogWidgetClass, send_popup, ! XtNlabel, (label_len <= strlcpy(label, to, label_len) ? label : ""), XtNvalue, from_last_msg(fr), NULL); Widget icon_button = XtVaCreateManagedWidget("icon_button", menuButtonWidgetClass, send_to, *************** *** 939,945 **** match_str[0] = '\0'; } if (strlen(match_str) + len < sizeof(match_str) - 1) { ! strcat(match_str, kbuf); list_select_match(list, match_str); } } --- 950,956 ---- match_str[0] = '\0'; } if (strlen(match_str) + len < sizeof(match_str) - 1) { ! strlcat(match_str, kbuf, sizeof(match_str)); list_select_match(list, match_str); } }