use strlcat() strlcpy() and slprintf() whenever possible to avoid any

chance of a buffer overflow
author: Andrew Tridgell <tridge@samba.org> 1998-05-15 09:26:01 +0000
committer: Andrew Tridgell <tridge@samba.org> 1998-05-15 09:26:01 +0000
commit: e42c9458c2f1e3a78d6d45e99741d6edb38fc0cc (patch)
tree: 4ebc43570cdd5f3fe11dd189aaf3cbb3b4968be2 /rsync.c
parent: 087bf010d2cd89848181e49b4ecdfd29a66353e9 (diff)
download: rsync-e42c9458c2f1e3a78d6d45e99741d6edb38fc0cc.tar.gz
1 files changed, 7 insertions, 10 deletions
diff --git a/rsync.c b/rsync.c
index 98af1cda..a9c24387 100644
--- a/rsync.c
+++ b/rsync.c
@@ -111,10 +111,7 @@ static int delete_file(char *fname)
 		if (strcmp(dname,".")==0 ||
 		    strcmp(dname,"..")==0)
 			continue;
-		strlcpy(buf, fname, (MAXPATHLEN-strlen(dname))-2);
-		strcat(buf, "/");
-		strcat(buf, dname);
-		buf[MAXPATHLEN-1] = 0;
+		slprintf(buf, sizeof(buf)-1, "%s/%s", fname, dname);
 		if (verbose > 0)
 			rprintf(FINFO,"deleting %s\n", buf);
 		if (delete_file(buf) != 0) {
@@ -831,7 +828,7 @@ int recv_files(int f_in,struct file_list *flist,char *local_name,int f_gen)
 		      close(fd1);
 		      continue;
 	      }
-	      sprintf(fnametmp,"%s/.%s.XXXXXX",tmpdir,f);
+	      slprintf(fnametmp,sizeof(fnametmp)-1, "%s/.%s.XXXXXX",tmpdir,f);
       } else {
 	      char *f = strrchr(fname,'/');
 
@@ -844,10 +841,10 @@ int recv_files(int f_in,struct file_list *flist,char *local_name,int f_gen)
 
 	      if (f) {
 		      *f = 0;
-		      sprintf(fnametmp,"%s/.%s.XXXXXX",fname,f+1);
+		      slprintf(fnametmp,sizeof(fnametmp)-1,"%s/.%s.XXXXXX",fname,f+1);
 		      *f = '/';
 	      } else {
-		      sprintf(fnametmp,".%s.XXXXXX",fname);
+		      slprintf(fnametmp,sizeof(fnametmp)-1,".%s.XXXXXX",fname);
 	      }
       }
       if (NULL == do_mktemp(fnametmp)) {
@@ -893,7 +890,7 @@ int recv_files(int f_in,struct file_list *flist,char *local_name,int f_gen)
 		rprintf(FERROR,"backup filename too long\n");
 		continue;
 	}
-	sprintf(fnamebak,"%s%s",fname,backup_suffix);
+	slprintf(fnamebak,sizeof(fnamebak)-1,"%s%s",fname,backup_suffix);
 	if (do_rename(fname,fnamebak) != 0 && errno != ENOENT) {
 	  rprintf(FERROR,"rename %s %s : %s\n",fname,fnamebak,strerror(errno));
 	  continue;
@@ -998,10 +995,10 @@ void send_files(struct file_list *flist,int f_out,int f_in)
 				  fname);
 			  return;
 		  }
-		  strcat(fname,"/");
+		  strlcat(fname,"/",MAXPATHLEN-1);
 		  offset = strlen(file->basedir)+1;
 	  }
-	  strncat(fname,f_name(file),MAXPATHLEN-strlen(fname));
+	  strlcat(fname,f_name(file),MAXPATHLEN-strlen(fname));
 	  
 	  if (verbose > 2) 
 		  rprintf(FINFO,"send_files(%d,%s)\n",i,fname);
author	Andrew Tridgell <tridge@samba.org>	1998-05-15 09:26:01 +0000
committer	Andrew Tridgell <tridge@samba.org>	1998-05-15 09:26:01 +0000
commit	e42c9458c2f1e3a78d6d45e99741d6edb38fc0cc (patch)
tree	4ebc43570cdd5f3fe11dd189aaf3cbb3b4968be2 /rsync.c
parent	087bf010d2cd89848181e49b4ecdfd29a66353e9 (diff)
download	rsync-e42c9458c2f1e3a78d6d45e99741d6edb38fc0cc.tar.gz