summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2004-09-11 20:10:05 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2004-09-11 20:10:05 +0000
commite7f0a0fb7edf96abbddf72eadb490b5eb22447ec (patch)
tree67c9bfeadf64d1622e8ed060a55969ddb6452834 /src
parentea36f2bb1b8b1bf03b8615672866f93697caff75 (diff)
Security audit based on RATS output
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@855 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src')
-rw-r--r--src/InspIRCd.layout88
-rw-r--r--src/channels.cpp6
-rw-r--r--src/commands.cpp92
-rw-r--r--src/connection.cpp10
-rw-r--r--src/inspircd.cpp133
-rw-r--r--src/inspircd_io.cpp2
-rw-r--r--src/inspircd_util.cpp2
-rw-r--r--src/message.cpp28
-rw-r--r--src/mode.cpp106
-rw-r--r--src/modules.cpp22
-rw-r--r--src/servers.cpp4
-rw-r--r--src/users.cpp6
-rw-r--r--src/wildcard.cpp16
-rw-r--r--src/xline.cpp30
14 files changed, 272 insertions, 273 deletions
diff --git a/src/InspIRCd.layout b/src/InspIRCd.layout
index 3f8d6d90d..ece0c9698 100644
--- a/src/InspIRCd.layout
+++ b/src/InspIRCd.layout
@@ -1,61 +1,61 @@
[Editors]
Focused=2
-Order=2,4,6,3,7,25,5,24,39,42,43,1,46,0,49,-1
+Order=2,4,6,3,7,25,5,24,39,42,43,1,46,0,49
[Editor_0]
Open=1
Top=0
-CursorCol=1
-CursorRow=37
-TopLine=7
+CursorCol=30
+CursorRow=72
+TopLine=13
LeftChar=1
[Editor_1]
Open=1
Top=0
-CursorCol=7
-CursorRow=3295
-TopLine=3269
+CursorCol=4
+CursorRow=3246
+TopLine=3201
LeftChar=1
[Editor_2]
Open=1
Top=1
-CursorCol=16
-CursorRow=124
-TopLine=117
+CursorCol=12
+CursorRow=93
+TopLine=62
LeftChar=1
[Editor_3]
Open=1
Top=0
-CursorCol=1
-CursorRow=16
+CursorCol=10
+CursorRow=35
TopLine=1
LeftChar=1
[Editor_4]
Open=1
Top=0
-CursorCol=23
-CursorRow=200
-TopLine=177
+CursorCol=30
+CursorRow=141
+TopLine=85
LeftChar=1
[Editor_5]
Open=1
Top=0
-CursorCol=21
-CursorRow=41
+CursorCol=6
+CursorRow=43
TopLine=1
LeftChar=1
[Editor_6]
Open=1
Top=0
-CursorCol=1
-CursorRow=16
-TopLine=59
+CursorCol=25
+CursorRow=62
+TopLine=45
LeftChar=1
[Editor_7]
@@ -83,7 +83,7 @@ TopLine=1
LeftChar=1
[Editor_10]
-Open=1
+Open=0
Top=0
CursorCol=1
CursorRow=78
@@ -101,9 +101,9 @@ LeftChar=1
[Editor_12]
Open=0
Top=0
-CursorCol=7
-CursorRow=171
-TopLine=134
+CursorCol=16
+CursorRow=75
+TopLine=45
LeftChar=1
[Editor_13]
@@ -197,16 +197,16 @@ LeftChar=1
[Editor_24]
Open=1
Top=0
-CursorCol=11
-CursorRow=95
-TopLine=124
+CursorCol=28
+CursorRow=236
+TopLine=184
LeftChar=1
[Editor_25]
Open=1
Top=0
-CursorCol=1
-CursorRow=136
-TopLine=110
+CursorCol=38
+CursorRow=154
+TopLine=125
LeftChar=1
[Editor_26]
Open=0
@@ -302,9 +302,9 @@ LeftChar=1
[Editor_39]
Open=1
Top=0
-CursorCol=1
-CursorRow=16
-TopLine=1
+CursorCol=7
+CursorRow=451
+TopLine=441
LeftChar=1
[Editor_40]
Open=0
@@ -323,16 +323,16 @@ LeftChar=1
[Editor_42]
Open=1
Top=0
-CursorCol=76
-CursorRow=818
-TopLine=799
-LeftChar=34
+CursorCol=35
+CursorRow=1779
+TopLine=1730
+LeftChar=1
[Editor_43]
Open=1
Top=0
-CursorCol=2
-CursorRow=1194
-TopLine=1143
+CursorCol=32
+CursorRow=2925
+TopLine=2867
LeftChar=1
[Editor_44]
Open=0
@@ -351,9 +351,9 @@ LeftChar=1
[Editor_46]
Open=1
Top=0
-CursorCol=1
-CursorRow=16
-TopLine=1
+CursorCol=30
+CursorRow=139
+TopLine=97
LeftChar=1
[Editor_47]
Open=0
@@ -377,7 +377,7 @@ CursorRow=25
TopLine=1
LeftChar=1
[Editor_50]
-Open=1
+Open=0
Top=0
CursorCol=4
CursorRow=276
diff --git a/src/channels.cpp b/src/channels.cpp
index 4bec1bcdb..0995a2eaa 100644
--- a/src/channels.cpp
+++ b/src/channels.cpp
@@ -127,7 +127,7 @@ void chanrec::SetCustomMode(char mode,bool mode_on)
m[1] = '\0';
if (!strchr(this->custom_modes,mode))
{
- strncat(custom_modes,m,MAXMODES);
+ strlcat(custom_modes,m,MAXMODES);
}
log(DEBUG,"Custom mode %c set",mode);
}
@@ -150,8 +150,8 @@ void chanrec::SetCustomModeParam(char mode,char* parameter,bool mode_on)
log(DEBUG,"SetCustomModeParam called");
ModeParameter M;
M.mode = mode;
- strcpy(M.channel,this->name);
- strcpy(M.parameter,parameter);
+ strlcpy(M.channel,this->name,CHANMAX);
+ strlcpy(M.parameter,parameter,MAXBUF);
if (mode_on)
{
log(DEBUG,"Custom mode parameter %c %s added",mode,parameter);
diff --git a/src/commands.cpp b/src/commands.cpp
index 86d22936c..497305d40 100644
--- a/src/commands.cpp
+++ b/src/commands.cpp
@@ -132,7 +132,7 @@ namespace nspace
{
char a[MAXBUF];
static struct hash<const char *> strhash;
- strcpy(a,s.c_str());
+ strlcpy(a,s.c_str(),MAXBUF);
strlower(a);
return strhash(a);
}
@@ -146,8 +146,8 @@ struct StrHashComp
bool operator()(const string& s1, const string& s2) const
{
char a[MAXBUF],b[MAXBUF];
- strcpy(a,s1.c_str());
- strcpy(b,s2.c_str());
+ strlcpy(a,s1.c_str(),MAXBUF);
+ strlcpy(b,s2.c_str(),MAXBUF);
return (strcasecmp(a,b) == 0);
}
@@ -238,7 +238,7 @@ void handle_kick(char **parameters, int pcnt, userrec *user)
if (pcnt > 2)
{
- strncpy(reason,parameters[2],MAXBUF);
+ strlcpy(reason,parameters[2],MAXBUF);
if (strlen(reason)>MAXKICK)
{
reason[MAXKICK-1] = '\0';
@@ -248,7 +248,7 @@ void handle_kick(char **parameters, int pcnt, userrec *user)
}
else
{
- strcpy(reason,user->nick);
+ strlcpy(reason,user->nick,MAXBUF);
kick_channel(user,u,Ptr,reason);
}
@@ -334,7 +334,7 @@ void handle_kill(char **parameters, int pcnt, userrec *user)
{
// remote kill
WriteOpers("*** Remote kill by %s: %s!%s@%s (%s)",user->nick,u->nick,u->ident,u->host,parameters[1]);
- sprintf(killreason,"[%s] Killed (%s (%s))",ServerName,user->nick,parameters[1]);
+ snprintf(killreason,MAXBUF,"[%s] Killed (%s (%s))",ServerName,user->nick,parameters[1]);
WriteCommonExcept(u,"QUIT :%s",killreason);
// K token must go to ALL servers!!!
char buffer[MAXBUF];
@@ -357,7 +357,7 @@ void handle_kill(char **parameters, int pcnt, userrec *user)
// local kill
WriteTo(user, u, "KILL %s :%s!%s!%s (%s)", u->nick, ServerName,user->dhost,user->nick,parameters[1]);
WriteOpers("*** Local Kill by %s: %s!%s@%s (%s)",user->nick,u->nick,u->ident,u->host,parameters[1]);
- sprintf(killreason,"Killed (%s (%s))",user->nick,parameters[1]);
+ snprintf(killreason,MAXBUF,"Killed (%s (%s))",user->nick,parameters[1]);
kill_link(u,killreason);
}
}
@@ -490,14 +490,14 @@ void handle_topic(char **parameters, int pcnt, userrec *user)
}
char topic[MAXBUF];
- strncpy(topic,parameters[1],MAXBUF);
+ strlcpy(topic,parameters[1],MAXBUF);
if (strlen(topic)>MAXTOPIC)
{
topic[MAXTOPIC-1] = '\0';
}
- strcpy(Ptr->topic,topic);
- strcpy(Ptr->setby,user->nick);
+ strlcpy(Ptr->topic,topic,MAXBUF);
+ strlcpy(Ptr->setby,user->nick,NICKMAX);
Ptr->topicset = time(NULL);
WriteChannel(Ptr,user,"TOPIC %s :%s",Ptr->name, Ptr->topic);
@@ -1003,8 +1003,8 @@ void handle_user(char **parameters, int pcnt, userrec *user)
else {
WriteServ(user->fd,"NOTICE Auth :No ident response, ident prefixed with ~");
strcpy(user->ident,"~"); /* we arent checking ident... but these days why bother anyway? */
- strncat(user->ident,parameters[0],IDENTMAX);
- strncpy(user->fullname,parameters[3],128);
+ strlcat(user->ident,parameters[0],IDENTMAX);
+ strlcpy(user->fullname,parameters[3],128);
user->registered = (user->registered | 1);
}
}
@@ -1024,7 +1024,7 @@ void handle_user(char **parameters, int pcnt, userrec *user)
void handle_userhost(char **parameters, int pcnt, userrec *user)
{
char Return[MAXBUF],junk[MAXBUF];
- sprintf(Return,"302 %s :",user->nick);
+ snprintf(Return,MAXBUF,"302 %s :",user->nick);
for (int i = 0; i < pcnt; i++)
{
userrec *u = Find(parameters[i]);
@@ -1032,13 +1032,13 @@ void handle_userhost(char **parameters, int pcnt, userrec *user)
{
if (strchr(u->modes,'o'))
{
- sprintf(junk,"%s*=+%s@%s ",u->nick,u->ident,u->host);
- strcat(Return,junk);
+ snprintf(junk,MAXBUF,"%s*=+%s@%s ",u->nick,u->ident,u->host);
+ strlcat(Return,junk,MAXBUF);
}
else
{
- sprintf(junk,"%s=+%s@%s ",u->nick,u->ident,u->host);
- strcat(Return,junk);
+ snprintf(junk,MAXBUF,"%s=+%s@%s ",u->nick,u->ident,u->host);
+ strlcat(Return,junk,MAXBUF);
}
}
}
@@ -1067,12 +1067,12 @@ void handle_away(char **parameters, int pcnt, userrec *user)
{
if (pcnt)
{
- strcpy(user->awaymsg,parameters[0]);
+ strlcpy(user->awaymsg,parameters[0],512);
WriteServ(user->fd,"306 %s :You have been marked as being away",user->nick);
}
else
{
- strcpy(user->awaymsg,"");
+ strlcpy(user->awaymsg,"",512);
WriteServ(user->fd,"305 %s :You are no longer marked as being away",user->nick);
}
}
@@ -1134,7 +1134,7 @@ void handle_modules(char **parameters, int pcnt, userrec *user)
{
Version V = modules[i]->GetVersion();
char modulename[MAXBUF];
- strncpy(modulename,module_names[i].c_str(),256);
+ strlcpy(modulename,module_names[i].c_str(),256);
WriteServ(user->fd,"900 %s :0x%08lx %d.%d.%d.%d %s",user->nick,modules[i],V.Major,V.Minor,V.Revision,V.Build,CleanFilename(modulename));
}
}
@@ -1469,7 +1469,7 @@ void handle_oper(char **parameters, int pcnt, userrec *user)
NetSendToAll(global);
ConfValue("type","host",j,Hostname,&config_f);
ChangeDisplayedHost(user,Hostname);
- strncpy(user->oper,TypeName,NICKMAX);
+ strlcpy(user->oper,TypeName,NICKMAX);
}
}
if (!strchr(user->modes,'o'))
@@ -1568,7 +1568,7 @@ void handle_nick(char **parameters, int pcnt, userrec *user)
if (!user) return;
if (!user->nick) return;
- strncpy(user->nick, parameters[0],NICKMAX);
+ strlcpy(user->nick, parameters[0],NICKMAX);
log(DEBUG,"new nick set: %s",user->nick);
@@ -1666,8 +1666,8 @@ void handle_t(char token,char* params,serverrec* source,serverrec* reply, char*
if ((c) && (u))
{
WriteChannelLocal(c,u,"TOPIC %s :%s",c->name,topic);
- strncpy(c->topic,topic,MAXTOPIC);
- strncpy(c->setby,u->nick,NICKMAX);
+ strlcpy(c->topic,topic,MAXTOPIC);
+ strlcpy(c->setby,u->nick,NICKMAX);
c->topicset = time(NULL);
}
}
@@ -1688,8 +1688,8 @@ void handle_T(char token,char* params,serverrec* source,serverrec* reply, char*
if (TS <= c->topicset)
{
WriteChannelLocal(c,NULL,"TOPIC %s :%s",c->name,topic);
- strncpy(c->topic,topic,MAXTOPIC);
- strncpy(c->setby,setby,NICKMAX);
+ strlcpy(c->topic,topic,MAXTOPIC);
+ strlcpy(c->setby,setby,NICKMAX);
}
}
}
@@ -1698,10 +1698,10 @@ void handle_M(char token,char* params,serverrec* source,serverrec* reply, char*
{
char* pars[128];
char original[MAXBUF],target[MAXBUF];
- strncpy(original,params,MAXBUF);
+ strlcpy(original,params,MAXBUF);
int index = 0;
char* parameter = strtok(params," ");
- strncpy(target,parameter,MAXBUF);
+ strlcpy(target,parameter,MAXBUF);
while (parameter)
{
if (parameter[0] == ':')
@@ -1728,7 +1728,7 @@ void handle_m(char token,char* params,serverrec* source,serverrec* reply, char*
// m blah #chatspike +b *!test@*4
char* pars[128];
char original[MAXBUF];
- strncpy(original,params,MAXBUF);
+ strlcpy(original,params,MAXBUF);
if (!strchr(params,' '))
{
@@ -1863,7 +1863,7 @@ void handle_n(char token,char* params,serverrec* source,serverrec* reply, char*
user = ReHashNick(user->nick, newnick);
if (!user) return;
if (!user->nick) return;
- strncpy(user->nick, newnick,NICKMAX);
+ strlcpy(user->nick, newnick,NICKMAX);
log(DEBUG,"new nick set: %s",user->nick);
}
}
@@ -1961,12 +1961,12 @@ void handle_N(char token,char* params,serverrec* source,serverrec* reply, char*
// routines know to route any messages to this record away to whatever server
// theyre on.
clientlist[nick]->fd = -1;
- strncpy(clientlist[nick]->nick, nick,NICKMAX);
- strncpy(clientlist[nick]->host, host,160);
- strncpy(clientlist[nick]->dhost, dhost,160);
- strncpy(clientlist[nick]->server, server,256);
- strncpy(clientlist[nick]->ident, ident,10); // +1 char to compensate for tilde
- strncpy(clientlist[nick]->fullname, gecos,128);
+ strlcpy(clientlist[nick]->nick, nick,NICKMAX);
+ strlcpy(clientlist[nick]->host, host,160);
+ strlcpy(clientlist[nick]->dhost, dhost,160);
+ strlcpy(clientlist[nick]->server, server,256);
+ strlcpy(clientlist[nick]->ident, ident,10); // +1 char to compensate for tilde
+ strlcpy(clientlist[nick]->fullname, gecos,128);
clientlist[nick]->signon = TS;
clientlist[nick]->nping = 0; // this is ignored for a remote user anyway.
clientlist[nick]->lastping = 1;
@@ -1995,7 +1995,7 @@ void handle_a(char token,char* params,serverrec* source,serverrec* reply, char*
userrec* user = Find(nick);
if (user)
- strncpy(user->fullname,gecos,MAXBUF);
+ strlcpy(user->fullname,gecos,MAXBUF);
}
void handle_b(char token,char* params,serverrec* source,serverrec* reply, char* tcp_host)
@@ -2006,7 +2006,7 @@ void handle_b(char token,char* params,serverrec* source,serverrec* reply, char*
userrec* user = Find(nick);
if (user)
- strncpy(user->dhost,host,160);
+ strlcpy(user->dhost,host,160);
}
void handle_plus(char token,char* params,serverrec* source,serverrec* reply, char* tcp_host)
@@ -2320,7 +2320,7 @@ void handle_pipe(char token,char* params,serverrec* source,serverrec* reply, cha
userrec* u = Find(nick);
if (u)
{
- strncpy(u->oper,type,NICKMAX);
+ strlcpy(u->oper,type,NICKMAX);
}
}
@@ -2575,9 +2575,9 @@ void handle_link_packet(char* udp_msg, char* tcp_host, serverrec *serv)
char data[MAXBUF];
char source[MAXBUF];
char command[MAXBUF];
- strcpy(data,udp_msg);
- strcpy(source,src);
- strcpy(command,comd);
+ strlcpy(data,udp_msg,512);
+ strlcpy(source,src,MAXBUF);
+ strlcpy(command,comd,MAXBUF);
udp_msg = old;
// unused numeric:
@@ -2670,7 +2670,7 @@ void handle_link_packet(char* udp_msg, char* tcp_host, serverrec *serv)
char finalparam[1024];
strcpy(finalparam," :xxxx");
if (strstr(udp_msg," :")) {
- strncpy(finalparam,strstr(udp_msg," :"),1024);
+ strlcpy(finalparam,strstr(udp_msg," :"),1024);
}
@@ -2733,7 +2733,7 @@ void handle_link_packet(char* udp_msg, char* tcp_host, serverrec *serv)
{
WriteOpers("CONNECT aborted: Server %s already exists from %s",servername,ServerName);
char buffer[MAXBUF];
- sprintf(buffer,"E :Server %s already exists!",servername);
+ snprintf(buffer,MAXBUF,"E :Server %s already exists!",servername);
serv->SendPacket(buffer,tcp_host);
RemoveServer(tcp_host);
return;
@@ -2922,7 +2922,7 @@ void handle_link_packet(char* udp_msg, char* tcp_host, serverrec *serv)
sprintf(buffer,"X 0");
serv->SendPacket(buffer,servername);
DoSync(me[j],servername);
- sprintf(buffer,"H %s",servername);
+ snprintf(buffer,MAXBUF,"H %s",servername);
NetSendToAllExcept(servername,buffer);
WriteOpers("Non-Mesh server %s has joined the network",servername);
log(DEBUG,"******** SENDING MY ROUTING TABLE! *******");
@@ -2994,7 +2994,7 @@ long duration(char* str)
// up to 10 digits in size.
if ((*i >= '0') && (*i <= '9'))
{
- strncat(n_field,i,10);
+ strlcat(n_field,i,10);
}
else
{
diff --git a/src/connection.cpp b/src/connection.cpp
index 97619619f..d60da90ac 100644
--- a/src/connection.cpp
+++ b/src/connection.cpp
@@ -202,7 +202,7 @@ bool connection::BeginLink(char* targethost, int port, char* password, char* ser
// targethost has been turned into an ip...
// we dont want this as the server name.
connector.SetServerName(servername);
- sprintf(connect,"S %s %s %d %d :%s",getservername().c_str(),password,myport,GetRevision(),getserverdesc().c_str());
+ snprintf(connect,MAXBUF,"S %s %s %d %d :%s",getservername().c_str(),password,myport,GetRevision(),getserverdesc().c_str());
connector.SetState(STATE_NOAUTH_OUTBOUND);
connector.SetHostAndPort(targethost, port);
this->connectors.push_back(connector);
@@ -232,7 +232,7 @@ bool connection::MeshCookie(char* targethost, int port, long cookie, char* serve
// targethost has been turned into an ip...
// we dont want this as the server name.
connector.SetServerName(servername);
- sprintf(connect,"- %d %s :%s",cookie,getservername().c_str(),getserverdesc().c_str());
+ snprintf(connect,MAXBUF,"- %d %s :%s",cookie,getservername().c_str(),getserverdesc().c_str());
connector.SetState(STATE_NOAUTH_OUTBOUND);
connector.SetHostAndPort(targethost, port);
connector.SetState(STATE_CONNECTED);
@@ -357,7 +357,7 @@ bool connection::SendPacket(char *message, const char* host)
if (!strchr(message,'\n'))
{
- strncat(message,"\n",MAXBUF);
+ strlcat(message,"\n",MAXBUF);
}
if (cn)
@@ -368,7 +368,7 @@ bool connection::SendPacket(char *message, const char* host)
{
log(DEBUG,"Main route to %s is down, seeking alternative",host);
// fix: can only route one hop to avoid a loop
- if (strncat(message,"R ",2))
+ if (strlcat(message,"R ",2))
{
// this route is down, we must re-route the packet through an available point in the mesh.
for (int k = 0; k < this->connectors.size(); k++)
@@ -452,7 +452,7 @@ bool connection::RecvPacket(std::deque<std::string> &messages, char* host)
if (strlen(sanitized))
{
messages.push_back(sanitized);
- strncpy(host,this->connectors[i].GetServerName().c_str(),160);
+ strlcpy(host,this->connectors[i].GetServerName().c_str(),160);
log(DEBUG,"main: Connection::RecvPacket() got '%s' from %s",sanitized,host);
}
diff --git a/src/inspircd.cpp b/src/inspircd.cpp
index cd5738dd9..2a28a5ac6 100644
--- a/src/inspircd.cpp
+++ b/src/inspircd.cpp
@@ -116,7 +116,7 @@ namespace nspace
{
char a[MAXBUF];
static struct hash<const char *> strhash;
- strcpy(a,s.c_str());
+ strlcpy(a,s.c_str(),MAXBUF);
strlower(a);
return strhash(a);
}
@@ -130,8 +130,8 @@ struct StrHashComp
bool operator()(const string& s1, const string& s2) const
{
char a[MAXBUF],b[MAXBUF];
- strcpy(a,s1.c_str());
- strcpy(b,s2.c_str());
+ strlcpy(a,s1.c_str(),MAXBUF);
+ strlcpy(b,s2.c_str(),MAXBUF);
return (strcasecmp(a,b) == 0);
}
@@ -259,7 +259,7 @@ void log(int level,char *text, ...)
va_start (argsPtr, text);
vsnprintf(textbuffer, MAXBUF, text, argsPtr);
va_end(argsPtr);
- strcpy(b,asctime(timeinfo));
+ strlcpy(b,asctime(timeinfo),MAXBUF);
b[strlen(b)-1] = ':';
fprintf(log_file,"%s %s\n",b,textbuffer);
if (nofork)
@@ -367,11 +367,11 @@ void ReadConfig(void)
ConfValue("connect","flood",i,flood,&config_f);
if (strcmp(Value,""))
{
- strcpy(c.host,Value);
+ strlcpy(c.host,Value,MAXBUF);
c.type = CC_ALLOW;
- strcpy(Value,"");
+ strlcpy(Value,"",MAXBUF);
ConfValue("connect","password",i,Value,&config_f);
- strcpy(c.pass,Value);
+ strlcpy(c.pass,Value,MAXBUF);
c.registration_timeout = 90; // default is 2 minutes
c.flood = atoi(flood);
if (atoi(timeout)>0)
@@ -384,7 +384,7 @@ void ReadConfig(void)
else
{
ConfValue("connect","deny",i,Value,&config_f);
- strcpy(c.host,Value);
+ strlcpy(c.host,Value,MAXBUF);
c.type = CC_DENY;
Classes.push_back(c);
log(DEBUG,"Read connect class type DENY, host=%s",c.host);
@@ -414,7 +414,7 @@ void Write(int sock,char *text, ...)
va_start (argsPtr, text);
vsnprintf(textbuffer, MAXBUF, text, argsPtr);
va_end(argsPtr);
- sprintf(tb,"%s\r\n",textbuffer);
+ snprintf(tb,MAXBUF,"%s\r\n",textbuffer);
chop(tb);
if (sock != -1)
{
@@ -438,7 +438,7 @@ void WriteServ(int sock, char* text, ...)
vsnprintf(textbuffer, MAXBUF, text, argsPtr);
va_end(argsPtr);
- sprintf(tb,":%s %s\r\n",ServerName,textbuffer);
+ snprintf(tb,MAXBUF,":%s %s\r\n",ServerName,textbuffer);
chop(tb);
if (sock != -1)
{
@@ -462,7 +462,7 @@ void WriteFrom(int sock, userrec *user,char* text, ...)
vsnprintf(textbuffer, MAXBUF, text, argsPtr);
va_end(argsPtr);
- sprintf(tb,":%s!%s@%s %s\r\n",user->nick,user->ident,user->dhost,textbuffer);
+ snprintf(tb,MAXBUF,":%s!%s@%s %s\r\n",user->nick,user->ident,user->dhost,textbuffer);
chop(tb);
if (sock != -1)
{
@@ -1101,62 +1101,62 @@ char* chanmodes(chanrec *chan)
strcpy(sparam,"");
if (chan->noexternal)
{
- strncat(scratch,"n",MAXMODES);
+ strlcat(scratch,"n",MAXMODES);
}
if (chan->topiclock)
{
- strncat(scratch,"t",MAXMODES);
+ strlcat(scratch,"t",MAXMODES);
}
if (strcmp(chan->key,""))
{
- strncat(scratch,"k",MAXMODES);
+ strlcat(scratch,"k",MAXMODES);
}
if (chan->limit)
{
- strncat(scratch,"l",MAXMODES);
+ strlcat(scratch,"l",MAXMODES);
}
if (chan->inviteonly)
{
- strncat(scratch,"i",MAXMODES);
+ strlcat(scratch,"i",MAXMODES);
}
if (chan->moderated)
{
- strncat(scratch,"m",MAXMODES);
+ strlcat(scratch,"m",MAXMODES);
}
if (chan->secret)
{
- strncat(scratch,"s",MAXMODES);
+ strlcat(scratch,"s",MAXMODES);
}
if (chan->c_private)
{
- strncat(scratch,"p",MAXMODES);
+ strlcat(scratch,"p",MAXMODES);
}
if (strcmp(chan->key,""))
{
- strncat(sparam," ",MAXBUF);
- strncat(sparam,chan->key,MAXBUF);
+ strlcat(sparam," ",MAXBUF);
+ strlcat(sparam,chan->key,MAXBUF);
}
if (chan->limit)
{
char foo[24];
sprintf(foo," %d",chan->limit);
- strncat(sparam,foo,MAXBUF);
+ strlcat(sparam,foo,MAXBUF);
}
if (strlen(chan->custom_modes))
{
- strncat(scratch,chan->custom_modes,MAXMODES);
+ strlcat(scratch,chan->custom_modes,MAXMODES);
for (int z = 0; z < strlen(chan->custom_modes); z++)
{
std::string extparam = chan->GetModeParameter(chan->custom_modes[z]);
if (extparam != "")
{
- strncat(sparam," ",MAXBUF);
- strncat(sparam,extparam.c_str(),MAXBUF);
+ strlcat(sparam," ",MAXBUF);
+ strlcat(sparam,extparam.c_str(),MAXBUF);
}
}
}
log(DEBUG,"chanmodes: %s %s%s",chan->name,scratch,sparam);
- strncat(scratch,sparam,MAXMODES);
+ strlcat(scratch,sparam,MAXMODES);
return scratch;
}
@@ -1172,7 +1172,7 @@ void userlist(userrec *user,chanrec *c)
return;
}
- sprintf(list,"353 %s = %s :", user->nick, c->name);
+ snprintf(list,MAXBUF,"353 %s = %s :", user->nick, c->name);
for (user_hash::const_iterator i = clientlist.begin(); i != clientlist.end(); i++)
{
if (has_channel(i->second,c))
@@ -1185,21 +1185,20 @@ void userlist(userrec *user,chanrec *c)
* nick in NAMES list */
continue;
}
- strcat(list,cmode(i->second,c));
- strcat(list,i->second->nick);
- strcat(list," ");
+ strlcat(list,cmode(i->second,c),MAXBUF);
+ strlcat(list,i->second->nick,MAXBUF);
+ strlcat(list," ",MAXBUF);
if (strlen(list)>(480-NICKMAX))
{
/* list overflowed into
* multiple numerics */
WriteServ(user->fd,list);
- sprintf(list,"353 %s = %s :", user->nick, c->name);
+ snprintf(list,MAXBUF,"353 %s = %s :", user->nick, c->name);
}
}
}
}
- /* if whats left in the list isnt empty, send it */
- if (list[strlen(list)-1] != ':')
+ /* if whats left in the list isnt empty, send it */ if (list[strlen(list)-1] != ':')
{
WriteServ(user->fd,list);
}
@@ -1321,7 +1320,7 @@ chanrec* add_channel(userrec *user, const char* cn, const char* key, bool overri
{
chanlist[cname] = new chanrec();
- strcpy(chanlist[cname]->name, cname);
+ strlcpy(chanlist[cname]->name, cname,CHANMAX);
chanlist[cname]->topiclock = 1;
chanlist[cname]->noexternal = 1;
chanlist[cname]->created = time(NULL);
@@ -1712,7 +1711,7 @@ int loop_call(handlerfunc fn, char **parameters, int pcnt, userrec *u, int start
{
if (pcnt > 1) /* we have a key to copy */
{
- strcpy(keystr,parameters[1]);
+ strlcpy(keystr,parameters[1],MAXBUF);
}
}
@@ -1742,7 +1741,7 @@ int loop_call(handlerfunc fn, char **parameters, int pcnt, userrec *u, int start
if (plist[i] == ',')
{
plist[i] = '\0';
- strcpy(blog[j++],param);
+ strlcpy(blog[j++],param,MAXBUF);
param = plist+i+1;
if (j>20)
{
@@ -1751,7 +1750,7 @@ int loop_call(handlerfunc fn, char **parameters, int pcnt, userrec *u, int start
}
}
}
- strcpy(blog[j++],param);
+ strlcpy(blog[j++],param,MAXBUF);
total = j;
if ((joins) && (keystr) && (total>0)) // more than one channel and is joining
@@ -1771,11 +1770,11 @@ int loop_call(handlerfunc fn, char **parameters, int pcnt, userrec *u, int start
if (keystr[i] == ',')
{
keystr[i] = '\0';
- strcpy(blog2[j++],param);
+ strlcpy(blog2[j++],param,MAXBUF);
param = keystr+i+1;
}
}
- strcpy(blog2[j++],param);
+ strlcpy(blog2[j++],param,MAXBUF);
total2 = j;
}
}
@@ -2023,7 +2022,7 @@ int main(int argc, char **argv)
}
}
}
- strcpy(MyExecutable,argv[0]);
+ strlcpy(MyExecutable,argv[0],MAXBUF);
if (InspIRCd() == ERROR)
{
@@ -2077,12 +2076,12 @@ void AddWhoWas(userrec* u)
{
user_hash::iterator iter = whowas.find(u->nick);
userrec *a = new userrec();
- strcpy(a->nick,u->nick);
- strcpy(a->ident,u->ident);
- strcpy(a->dhost,u->dhost);
- strcpy(a->host,u->host);
- strcpy(a->fullname,u->fullname);
- strcpy(a->server,u->server);
+ strlcpy(a->nick,u->nick,NICKMAX);
+ strlcpy(a->ident,u->ident,64);
+ strlcpy(a->dhost,u->dhost,256);
+ strlcpy(a->host,u->host,256);
+ strlcpy(a->fullname,u->fullname,128);
+ strlcpy(a->server,u->server,256);
a->signon = u->signon;
/* MAX_WHOWAS: max number of /WHOWAS items
@@ -2622,7 +2621,7 @@ void process_command(userrec *user, char* cmd)
return;
}
- strcpy(temp,cmd);
+ strlcpy(temp,cmd,MAXBUF);
std::string tmp = cmd;
for (int i = 0; i <= MODCOUNT; i++)
@@ -2637,8 +2636,8 @@ void process_command(userrec *user, char* cmd)
break;
}
}
- strncpy(cmd,tmp.c_str(),MAXBUF);
- strcpy(temp,cmd);
+ strlcpy(cmd,tmp.c_str(),MAXBUF);
+ strlcpy(temp,cmd,MAXBUF);
if (!strchr(cmd,' '))
{
@@ -2833,7 +2832,7 @@ void createcommand(char* cmd, handlerfunc f, char flags, int minparams)
{
command_t comm;
/* create the command and push it onto the table */
- strcpy(comm.command,cmd);
+ strlcpy(comm.command,cmd,MAXBUF);
comm.handler_function = f;
comm.flags_needed = flags;
comm.min_params = minparams;
@@ -2916,7 +2915,7 @@ void process_buffer(const char* cmdbuf,userrec *user)
}
while ((cmdbuf[0] == ' ') && (strlen(cmdbuf)>0)) cmdbuf++; // strip leading spaces
- strncpy(cmd,cmdbuf,MAXBUF);
+ strlcpy(cmd,cmdbuf,MAXBUF);
if (!strcmp(cmd,""))
{
return;
@@ -2971,7 +2970,7 @@ void DoSync(serverrec* serv, char* tcp_host)
string_list l = modules[i]->OnUserSync(u->second);
for (int j = 0; j < l.size(); j++)
{
- strncpy(data,l[j].c_str(),MAXBUF);
+ strlcpy(data,l[j].c_str(),MAXBUF);
serv->SendPacket(data,tcp_host);
}
}
@@ -2991,7 +2990,7 @@ void DoSync(serverrec* serv, char* tcp_host)
string_list l = modules[i]->OnChannelSync(c->second);
for (int j = 0; j < l.size(); j++)
{
- strncpy(data,l[j].c_str(),MAXBUF);
+ strlcpy(data,l[j].c_str(),MAXBUF);
serv->SendPacket(data,tcp_host);
}
}
@@ -3019,7 +3018,7 @@ void DoSync(serverrec* serv, char* tcp_host)
{
if (is_uline(me[j]->connectors[k].GetServerName().c_str()))
{
- sprintf(data,"H %s",me[j]->connectors[k].GetServerName().c_str());
+ snprintf(data,MAXBUF,"H %s",me[j]->connectors[k].GetServerName().c_str());
serv->SendPacket(data,tcp_host);
NetSendMyRoutingTable();
}
@@ -3043,7 +3042,7 @@ void NetSendMyRoutingTable()
// $ A B D
// if it has no links, dont even send out the line at all.
char buffer[MAXBUF];
- sprintf(buffer,"$ %s",ServerName);
+ snprintf(buffer,MAXBUF,"$ %s",ServerName);
bool sendit = false;
for (int i = 0; i < 32; i++)
{
@@ -3053,8 +3052,8 @@ void NetSendMyRoutingTable()
{
if ((me[i]->connectors[j].GetState() != STATE_DISCONNECTED) || (is_uline(me[i]->connectors[j].GetServerName().c_str())))
{
- strncat(buffer," ",MAXBUF);
- strncat(buffer,me[i]->connectors[j].GetServerName().c_str(),MAXBUF);
+ strlcat(buffer," ",MAXBUF);
+ strlcat(buffer,me[i]->connectors[j].GetServerName().c_str(),MAXBUF);
sendit = true;
}
}
@@ -3211,7 +3210,7 @@ int InspIRCd(void)
else
{
ports[count2] = atoi(configToken);
- strcpy(addrs[count2],Addr);
+ strlcpy(addrs[count2],Addr,256);
count2++;
}
log(DEBUG,"InspIRCd: startup: read binding %s:%s [%s] from config",Addr,configToken, Type);
@@ -3231,7 +3230,7 @@ int InspIRCd(void)
{
char modfile[MAXBUF];
ConfValue("module","name",count2,configToken,&config_f);
- sprintf(modfile,"%s/%s",MOD_PATH,configToken,&config_f);
+ snprintf(modfile,MAXBUF,"%s/%s",MOD_PATH,configToken,&config_f);
printf("Loading module... \033[1;37m%s\033[0;37m\n",modfile);
log(DEBUG,"InspIRCd: startup: Loading module: %s",modfile);
/* If The File Doesnt exist, Trying to load it
@@ -3243,7 +3242,7 @@ int InspIRCd(void)
if (factory[count]->LastError())
{
log(DEBUG,"Unable to load %s: %s",modfile,factory[count]->LastError());
- sprintf("Unable to load %s: %s\nExiting...\n",modfile,factory[count]->LastError());
+ printf("Unable to load %s: %s\nExiting...\n",modfile,factory[count]->LastError());
Exit(ERROR);
}
if (factory[count]->factory)
@@ -3256,7 +3255,7 @@ int InspIRCd(void)
else
{
log(DEBUG,"Unable to load %s",modfile);
- sprintf("Unable to load %s\nExiting...\n",modfile);
+ printf("Unable to load %s\nExiting...\n",modfile);
Exit(ERROR);
}
/* Increase the Count */
@@ -3381,10 +3380,10 @@ int InspIRCd(void)
char remotehost[MAXBUF],resolved[MAXBUF];
length = sizeof (client);
incomingSockfd = accept (me[x]->fd, (sockaddr *) &client, &length);
- strncpy(remotehost,(char *)inet_ntoa(client.sin_addr),MAXBUF);
+ strlcpy(remotehost,(char *)inet_ntoa(client.sin_addr),MAXBUF);
if(CleanAndResolve(resolved, remotehost) != TRUE)
{
- strncpy(resolved,remotehost,MAXBUF);
+ strlcpy(resolved,remotehost,MAXBUF);
}
// add to this connections ircd_connector vector
// *FIX* - we need the LOCAL port not the remote port in &client!
@@ -3402,7 +3401,7 @@ int InspIRCd(void)
for (int ctr = 0; ctr < msgs.size(); ctr++)
{
char udp_msg[MAXBUF];
- strncpy(udp_msg,msgs[ctr].c_str(),MAXBUF);
+ strlcpy(udp_msg,msgs[ctr].c_str(),MAXBUF);
if (strlen(udp_msg)<1)
{
log(DEBUG,"Invalid string from %s [route%d]",tcp_host,x);
@@ -3632,10 +3631,10 @@ int InspIRCd(void)
if (iter == IP.end())
{
/* ip isn't in cache, add it */
- strncpy (target, (char *) inet_ntoa (client.sin_addr), MAXBUF);
+ strlcpy (target, (char *) inet_ntoa (client.sin_addr), MAXBUF);
if(CleanAndResolve(resolved, target) != TRUE)
{
- strncpy(resolved,target,MAXBUF);
+ strlcpy(resolved,target,MAXBUF);
}
/* hostname now in 'target' */
IP[client.sin_addr] = new string(resolved);
@@ -3644,7 +3643,7 @@ int InspIRCd(void)
else
{
/* found ip (cached) */
- strncpy(resolved, iter->second->c_str(), MAXBUF);
+ strlcpy(resolved, iter->second->c_str(), MAXBUF);
iscached = true;
}
diff --git a/src/inspircd_io.cpp b/src/inspircd_io.cpp
index 553d73e96..9f96c463e 100644
--- a/src/inspircd_io.cpp
+++ b/src/inspircd_io.cpp
@@ -90,7 +90,7 @@ int DaemonSeed (void)
else if (childpid > 0)
exit (0);
setsid ();
- umask (077);
+ umask (007);
/* close stdout, stdin, stderr */
close(0);
close(1);
diff --git a/src/inspircd_util.cpp b/src/inspircd_util.cpp
index 54520b1df..a0a7e9f0f 100644
--- a/src/inspircd_util.cpp
+++ b/src/inspircd_util.cpp
@@ -32,7 +32,7 @@ char *SafeStrncpy (char *dest, const char *src, size_t size)
}
memset (dest, '\0', size);
- strncpy (dest, src, size - 1);
+ strlcpy (dest, src, size - 1);
return (dest);
}
diff --git a/src/message.cpp b/src/message.cpp
index dbb861150..0bffd7119 100644
--- a/src/message.cpp
+++ b/src/message.cpp
@@ -163,7 +163,7 @@ void tidystring(char* str)
temp[t++] = str[a++];
}
temp[t] = '\0';
- strncpy(str,temp,MAXBUF);
+ strlcpy(str,temp,MAXBUF);
}
}
@@ -180,7 +180,7 @@ void chop(char* str)
string temp = str;
FOREACH_MOD OnServerRaw(temp,false,NULL);
const char* str2 = temp.c_str();
- sprintf(str,"%s",str2);
+ snprintf(str,MAXBUF,"%s",str2);
if (strlen(str) >= 512)
@@ -249,7 +249,7 @@ bool hasumode(userrec* user, char mode)
void ChangeName(userrec* user, const char* gecos)
{
- strncpy(user->fullname,gecos,MAXBUF);
+ strlcpy(user->fullname,gecos,MAXBUF);
char buffer[MAXBUF];
snprintf(buffer,MAXBUF,"a %s :%s",user->nick,gecos);
NetSendToAll(buffer);
@@ -257,7 +257,7 @@ void ChangeName(userrec* user, const char* gecos)
void ChangeDisplayedHost(userrec* user, const char* host)
{
- strncpy(user->dhost,host,160);
+ strlcpy(user->dhost,host,160);
char buffer[MAXBUF];
snprintf(buffer,MAXBUF,"b %s %s",user->nick,host);
NetSendToAll(buffer);
@@ -434,7 +434,7 @@ void TidyBan(char *ban)
char temp[MAXBUF],NICK[MAXBUF],IDENT[MAXBUF],HOST[MAXBUF];
- strcpy(temp,ban);
+ strlcpy(temp,ban,MAXBUF);
char* pos_of_pling = strchr(temp,'!');
char* pos_of_at = strchr(temp,'@');
@@ -444,11 +444,11 @@ void TidyBan(char *ban)
pos_of_pling++;
pos_of_at++;
- strncpy(NICK,temp,NICKMAX);
- strncpy(IDENT,pos_of_pling,IDENTMAX+1);
- strncpy(HOST,pos_of_at,160);
+ strlcpy(NICK,temp,NICKMAX);
+ strlcpy(IDENT,pos_of_pling,IDENTMAX+1);
+ strlcpy(HOST,pos_of_at,160);
- sprintf(ban,"%s!%s@%s",NICK,IDENT,HOST);
+ snprintf(ban,MAXBUF,"%s!%s@%s",NICK,IDENT,HOST);
}
char lst[MAXBUF];
@@ -470,15 +470,15 @@ char* chlist(userrec *user)
{
if (user->chans[i].channel->name)
{
- strcpy(cmp,user->chans[i].channel->name);
- strcat(cmp," ");
+ strlcpy(cmp,user->chans[i].channel->name,MAXBUF);
+ strlcat(cmp," ",MAXBUF);
if (!strstr(lst,cmp))
{
if ((!user->chans[i].channel->c_private) && (!user->chans[i].channel->secret))
{
- strcat(lst,cmode(user,user->chans[i].channel));
- strcat(lst,user->chans[i].channel->name);
- strcat(lst," ");
+ strlcat(lst,cmode(user,user->chans[i].channel),MAXBUF);
+ strlcat(lst,user->chans[i].channel->name,MAXBUF);
+ strlcat(lst," ",MAXBUF);
}
}
}
diff --git a/src/mode.cpp b/src/mode.cpp
index 604111e6f..68a46798b 100644
--- a/src/mode.cpp
+++ b/src/mode.cpp
@@ -532,10 +532,10 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
log(DEBUG,"process_modes: start: parameters=%d",pcnt);
- strcpy(modelist,parameters[1]); /* mode list, e.g. +oo-o */
- /* parameters[2] onwards are parameters for
- * modes that require them :) */
- strcpy(outlist,"+");
+ strlcpy(modelist,parameters[1],MAXBUF); /* mode list, e.g. +oo-o *
+ * parameters[2] onwards are parameters for
+ * modes that require them :) */
+ strlcpy(outlist,"+",MAXBUF);
mdir = 1;
log(DEBUG,"process_modes: modelist: %s",modelist);
@@ -596,8 +596,8 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
}
if (r)
{
- strcat(outlist,"o");
- strcpy(outpars[pc++],r);
+ strlcat(outlist,"o",MAXBUF);
+ strlcpy(outpars[pc++],r,MAXBUF);
}
break;
@@ -613,8 +613,8 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
}
if (r)
{
- strcat(outlist,"h");
- strcpy(outpars[pc++],r);
+ strlcat(outlist,"h",MAXBUF);
+ strlcpy(outpars[pc++],r,MAXBUF);
}
break;
@@ -631,8 +631,8 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
}
if (r)
{
- strcat(outlist,"v");
- strcpy(outpars[pc++],r);
+ strlcat(outlist,"v",MAXBUF);
+ strlcpy(outpars[pc++],r,MAXBUF);
}
break;
@@ -648,8 +648,8 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
}
if (r)
{
- strcat(outlist,"b");
- strcpy(outpars[pc++],parameters[param-1]);
+ strlcat(outlist,"b",MAXBUF);
+ strlcpy(outpars[pc++],parameters[param-1],MAXBUF);
}
break;
@@ -667,12 +667,12 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
{
strcat(outlist,"k");
char key[MAXBUF];
- strcpy(key,parameters[param++]);
+ strlcpy(key,parameters[param++],MAXBUF);
if (strlen(key)>32) {
key[31] = '\0';
}
- strcpy(outpars[pc++],key);
- strcpy(chan->key,key);
+ strlcpy(outpars[pc++],key,MAXBUF);
+ strlcpy(chan->key,key,MAXBUF);
k_set = true;
}
}
@@ -681,16 +681,16 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
/* checks on -k are case sensitive and only accurate to the
first 32 characters */
char key[MAXBUF];
- strcpy(key,parameters[param++]);
+ strlcpy(key,parameters[param++],MAXBUF);
if (strlen(key)>32) {
key[31] = '\0';
}
/* only allow -k if correct key given */
if (!strcmp(chan->key,key))
{
- strcat(outlist,"k");
- strcpy(chan->key,"");
- strcpy(outpars[pc++],key);
+ strlcat(outlist,"k",MAXBUF);
+ strlcpy(chan->key,"",MAXBUF);
+ strlcpy(outpars[pc++],key,MAXBUF);
}
}
break;
@@ -735,8 +735,8 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
if (chan->limit)
{
- strcat(outlist,"l");
- strcpy(outpars[pc++],parameters[param++]);
+ strlcat(outlist,"l",MAXBUF);
+ strlcpy(outpars[pc++],parameters[param++],MAXBUF);
l_set = true;
}
}
@@ -745,7 +745,7 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
case 'i':
if (chan->inviteonly != mdir)
{
- strcat(outlist,"i");
+ strlcat(outlist,"i",MAXBUF);
}
chan->inviteonly = mdir;
break;
@@ -753,7 +753,7 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
case 't':
if (chan->topiclock != mdir)
{
- strcat(outlist,"t");
+ strlcat(outlist,"t",MAXBUF);
}
chan->topiclock = mdir;
break;
@@ -761,7 +761,7 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
case 'n':
if (chan->noexternal != mdir)
{
- strcat(outlist,"n");
+ strlcat(outlist,"n",MAXBUF);
}
chan->noexternal = mdir;
break;
@@ -769,7 +769,7 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
case 'm':
if (chan->moderated != mdir)
{
- strcat(outlist,"m");
+ strlcat(outlist,"m",MAXBUF);
}
chan->moderated = mdir;
break;
@@ -783,11 +783,11 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
chan->c_private = 0;
if (mdir)
{
- strcat(outlist,"-p+");
+ strlcat(outlist,"-p+",MAXBUF);
}
else
{
- strcat(outlist,"+p-");
+ strlcat(outlist,"+p-",MAXBUF);
}
}
}
@@ -797,17 +797,17 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
case 'p':
if (chan->c_private != mdir)
{
- strcat(outlist,"p");
+ strlcat(outlist,"p",MAXBUF);
if (chan->secret)
{
chan->secret = 0;
if (mdir)
{
- strcat(outlist,"-s+");
+ strlcat(outlist,"-s+",MAXBUF);
}
else
{
- strcat(outlist,"+s-");
+ strlcat(outlist,"+s-",MAXBUF);
}
}
}
@@ -870,9 +870,9 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
{
if (ptr>0)
{
- strcat(outlist, app);
+ strlcat(outlist, app,MAXBUF);
}
- strcpy(outpars[pc++],parameters[param++]);
+ strlcpy(outpars[pc++],parameters[param++],MAXBUF);
}
}
else
@@ -881,11 +881,11 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
{
if ((modelist[ptr-1] == '+') || (modelist[ptr-1] == '-'))
{
- strcat(outlist, app);
+ strlcat(outlist, app,MAXBUF);
}
else if (!strchr(outlist,modechar))
{
- strcat(outlist, app);
+ strlcat(outlist, app,MAXBUF);
}
}
chan->SetCustomMode(modechar,mdir);
@@ -893,7 +893,7 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
if ((ModeDefinedOn(modechar,MT_CHANNEL)>0) && (mdir))
{
chan->SetCustomModeParam(modelist[ptr],parameters[param],mdir);
- strcpy(outpars[pc++],parameters[param++]);
+ strlcpy(outpars[pc++],parameters[param++],MAXBUF);
}
}
// break, because only one module can handle the mode.
@@ -919,11 +919,11 @@ void process_modes(char **parameters,userrec* user,chanrec *chan,int status, int
}
if (strcmp(outlist,""))
{
- strcpy(outstr,outlist);
+ strlcpy(outstr,outlist,MAXBUF);
for (ptr = 0; ptr < pc; ptr++)
{
- strcat(outstr," ");
- strcat(outstr,outpars[ptr]);
+ strlcat(outstr," ",MAXBUF);
+ strlcat(outstr,outpars[ptr],MAXBUF);
}
if (local)
{
@@ -1014,7 +1014,7 @@ bool process_module_umode(char umode, userrec* source, void* dest, bool adding)
if (!source)
{
s2 = new userrec;
- strncpy(s2->nick,ServerName,NICKMAX);
+ strlcpy(s2->nick,ServerName,NICKMAX);
strcpy(s2->modes,"o");
s2->fd = -1;
source = s2;
@@ -1075,7 +1075,7 @@ void handle_mode(char **parameters, int pcnt, userrec *user)
if ((dest) && (pcnt > 1))
{
char dmodes[MAXBUF];
- strncpy(dmodes,dest->modes,MAXBUF);
+ strlcpy(dmodes,dest->modes,MAXBUF);
log(DEBUG,"pulled up dest user modes: %s",dmodes);
can_change = 0;
@@ -1189,7 +1189,7 @@ void handle_mode(char **parameters, int pcnt, userrec *user)
strcat(temp,moo);
}
}
- strcpy(dmodes,temp);
+ strlcpy(dmodes,temp,MAXBUF);
}
}
}
@@ -1199,7 +1199,7 @@ void handle_mode(char **parameters, int pcnt, userrec *user)
if (strlen(outpars))
{
char b[MAXBUF];
- strcpy(b,"");
+ strlcpy(b,"",MAXBUF);
int z = 0;
int i = 0;
while (i < strlen (outpars))
@@ -1244,7 +1244,7 @@ void handle_mode(char **parameters, int pcnt, userrec *user)
}
log(DEBUG,"Stripped mode line");
log(DEBUG,"Line dest is now %s",dmodes);
- strncpy(dest->modes,dmodes,MAXMODES);
+ strlcpy(dest->modes,dmodes,MAXMODES);
}
@@ -1322,7 +1322,7 @@ void server_mode(char **parameters, int pcnt, userrec *user)
log(DEBUG,"params > 1");
char dmodes[MAXBUF];
- strncpy(dmodes,dest->modes,MAXBUF);
+ strlcpy(dmodes,dest->modes,MAXBUF);
strcpy(outpars,"+");
direction = 1;
@@ -1412,7 +1412,7 @@ void server_mode(char **parameters, int pcnt, userrec *user)
strcat(temp,moo);
}
}
- strcpy(dmodes,temp);
+ strlcpy(dmodes,temp,MAXBUF);
}
}
}
@@ -1422,7 +1422,7 @@ void server_mode(char **parameters, int pcnt, userrec *user)
if (strlen(outpars))
{
char b[MAXBUF];
- strcpy(b,"");
+ strlcpy(b,"",MAXBUF);
int z = 0;
int i = 0;
while (i < strlen (outpars))
@@ -1467,7 +1467,7 @@ void server_mode(char **parameters, int pcnt, userrec *user)
}
log(DEBUG,"Stripped mode line");
log(DEBUG,"Line dest is now %s",dmodes);
- strncpy(dest->modes,dmodes,MAXMODES);
+ strlcpy(dest->modes,dmodes,MAXMODES);
}
@@ -1508,7 +1508,7 @@ void merge_mode(char **parameters, int pcnt)
log(DEBUG,"params > 1");
char dmodes[MAXBUF];
- strncpy(dmodes,dest->modes,MAXBUF);
+ strlcpy(dmodes,dest->modes,MAXBUF);
strcpy(outpars,"+");
direction = 1;
@@ -1646,7 +1646,7 @@ void merge_mode(char **parameters, int pcnt)
}
log(DEBUG,"Stripped mode line");
log(DEBUG,"Line dest is now %s",dmodes);
- strncpy(dest->modes,dmodes,MAXMODES);
+ strlcpy(dest->modes,dmodes,MAXMODES);
}
@@ -1657,7 +1657,7 @@ void merge_mode(char **parameters, int pcnt)
if (Ptr)
{
userrec s2;
- strncpy(s2.nick,ServerName,NICKMAX);
+ strlcpy(s2.nick,ServerName,NICKMAX);
strcpy(s2.modes,"o");
s2.fd = -1;
process_modes(parameters,&s2,Ptr,STATUS_OP,pcnt,true,true,false);
@@ -1686,7 +1686,7 @@ void merge_mode2(char **parameters, int pcnt, userrec* user)
log(DEBUG,"params > 1");
char dmodes[MAXBUF];
- strncpy(dmodes,dest->modes,MAXBUF);
+ strlcpy(dmodes,dest->modes,MAXBUF);
strcpy(outpars,"+");
direction = 1;
@@ -1776,7 +1776,7 @@ void merge_mode2(char **parameters, int pcnt, userrec* user)
strcat(temp,moo);
}
}
- strcpy(dmodes,temp);
+ strlcpy(dmodes,temp,MAXBUF);
}
}
}
@@ -1826,7 +1826,7 @@ void merge_mode2(char **parameters, int pcnt, userrec* user)
}
log(DEBUG,"Stripped mode line");
log(DEBUG,"Line dest is now %s",dmodes);
- strncpy(dest->modes,dmodes,MAXMODES);
+ strlcpy(dest->modes,dmodes,MAXMODES);
}
diff --git a/src/modules.cpp b/src/modules.cpp
index 56a1d2621..aae7a53e2 100644
--- a/src/modules.cpp
+++ b/src/modules.cpp
@@ -123,7 +123,7 @@ namespace nspace
{
char a[MAXBUF];
static struct hash<const char *> strhash;
- strcpy(a,s.c_str());
+ strlcpy(a,s.c_str(),MAXBUF);
strlower(a);
return strhash(a);
}
@@ -137,8 +137,8 @@ struct StrHashComp
bool operator()(const string& s1, const string& s2) const
{
char a[MAXBUF],b[MAXBUF];
- strcpy(a,s1.c_str());
- strcpy(b,s2.c_str());
+ strlcpy(a,s1.c_str(),MAXBUF);
+ strlcpy(b,s2.c_str(),MAXBUF);
return (strcasecmp(a,b) == 0);
}
@@ -339,8 +339,8 @@ void Server::SendOpers(std::string s)
bool Server::MatchText(std::string sliteral, std::string spattern)
{
char literal[MAXBUF],pattern[MAXBUF];
- strncpy(literal,sliteral.c_str(),MAXBUF);
- strncpy(pattern,spattern.c_str(),MAXBUF);
+ strlcpy(literal,sliteral.c_str(),MAXBUF);
+ strlcpy(pattern,spattern.c_str(),MAXBUF);
return match(literal,pattern);
}
@@ -592,8 +592,8 @@ std::string ConfigReader::ReadValue(std::string tag, std::string name, int index
char val[MAXBUF];
char t[MAXBUF];
char n[MAXBUF];
- strncpy(t,tag.c_str(),MAXBUF);
- strncpy(n,name.c_str(),MAXBUF);
+ strlcpy(t,tag.c_str(),MAXBUF);
+ strlcpy(n,name.c_str(),MAXBUF);
int res = ReadConf(cache,t,n,index,val);
if (!res)
{
@@ -608,8 +608,8 @@ bool ConfigReader::ReadFlag(std::string tag, std::string name, int index)
char val[MAXBUF];
char t[MAXBUF];
char n[MAXBUF];
- strncpy(t,tag.c_str(),MAXBUF);
- strncpy(n,name.c_str(),MAXBUF);
+ strlcpy(t,tag.c_str(),MAXBUF);
+ strlcpy(n,name.c_str(),MAXBUF);
int res = ReadConf(cache,t,n,index,val);
if (!res)
{
@@ -625,8 +625,8 @@ long ConfigReader::ReadInteger(std::string tag, std::string name, int index, boo
char val[MAXBUF];
char t[MAXBUF];
char n[MAXBUF];
- strncpy(t,tag.c_str(),MAXBUF);
- strncpy(n,name.c_str(),MAXBUF);
+ strlcpy(t,tag.c_str(),MAXBUF);
+ strlcpy(n,name.c_str(),MAXBUF);
int res = ReadConf(cache,t,n,index,val);
if (!res)
{
diff --git a/src/servers.cpp b/src/servers.cpp
index e64fab488..2d1f70ed8 100644
--- a/src/servers.cpp
+++ b/src/servers.cpp
@@ -22,7 +22,7 @@
serverrec::serverrec()
{
- strcpy(name,"");
+ strlcpy(name,"",256);
pingtime = 0;
lastping = time(NULL);
usercount_i = usercount = opercount = version = 0;
@@ -40,7 +40,7 @@ serverrec::~serverrec()
serverrec::serverrec(char* n, long ver, bool jupe)
{
- strcpy(name,n);
+ strlcpy(name,n,256);
lastping = time(NULL);
usercount_i = usercount = opercount = 0;
version = ver;
diff --git a/src/users.cpp b/src/users.cpp
index 2b02e70fb..b940bd6af 100644
--- a/src/users.cpp
+++ b/src/users.cpp
@@ -52,14 +52,14 @@ userrec::userrec()
char* userrec::GetFullHost()
{
- sprintf(result,"%s!%s@%s",nick,ident,dhost);
+ snprintf(result,MAXBUF,"%s!%s@%s",nick,ident,dhost);
return result;
}
char* userrec::GetFullRealHost()
{
- sprintf(result,"%s!%s@%s",nick,ident,host);
+ snprintf(result,MAXBUF,"%s!%s@%s",nick,ident,host);
return result;
}
@@ -80,7 +80,7 @@ bool userrec::IsInvited(char* channel)
void userrec::InviteTo(char* channel)
{
Invited i;
- strcpy(i.channel,channel);
+ strlcpy(i.channel,channel,CHANMAX);
invites.push_back(i);
}
diff --git a/src/wildcard.cpp b/src/wildcard.cpp
index b2d85afe1..ce4d7d314 100644
--- a/src/wildcard.cpp
+++ b/src/wildcard.cpp
@@ -21,17 +21,17 @@
void Delete(char* str,int pos)
{
char moo[MAXBUF];
- strcpy(moo,str);
+ strlcpy(moo,str,MAXBUF);
moo[pos] = '\0';
- strcpy(str,moo);
- strcat(str,moo+pos+1);
+ strlcpy(str,moo,MAXBUF);
+ strlcat(str,moo+pos+1,MAXBUF);
}
void Insert(char* substr,char* str,int pos)
{
std::string a = str;
a.insert(pos,substr);
- strcpy(str,a.c_str());
+ strlcpy(str,a.c_str(),MAXBUF);
}
@@ -57,7 +57,7 @@ if ((strstr(mask,"*")==0) && (strlen(literal) != strlen(mask)))
if ((mask[I]=='*') && (MWC==0))
{
- strcpy(OldM,mask);
+ strlcpy(OldM,mask,MAXBUF);
Delete(mask,I);
@@ -69,7 +69,7 @@ if ((strstr(mask,"*")==0) && (strlen(literal) != strlen(mask)))
Insert("?",mask,I);
}
- strcpy(mask,OldM);
+ strlcpy(mask,OldM,MAXBUF);
Delete(mask,I);
Insert("?",mask,I);
}
@@ -96,8 +96,8 @@ bool match(const char* literal, const char* mask)
char L[10240];
char M[10240];
MWC = 0;
- strncpy(L,literal,10240);
- strncpy(M,mask,10240);
+ strlcpy(L,literal,10240);
+ strlcpy(M,mask,10240);
strlower(L);
strlower(M);
match2(L,M);
diff --git a/src/xline.cpp b/src/xline.cpp
index 2c273b477..721a027da 100644
--- a/src/xline.cpp
+++ b/src/xline.cpp
@@ -121,7 +121,7 @@ namespace nspace
{
char a[MAXBUF];
static struct hash<const char *> strhash;
- strcpy(a,s.c_str());
+ strlcpy(a,s.c_str(),MAXBUF);
strlower(a);
return strhash(a);
}
@@ -135,8 +135,8 @@ struct StrHashComp
bool operator()(const string& s1, const string& s2) const
{
char a[MAXBUF],b[MAXBUF];
- strcpy(a,s1.c_str());
- strcpy(b,s2.c_str());
+ strlcpy(a,s1.c_str(),MAXBUF);
+ strlcpy(b,s2.c_str(),MAXBUF);
return (strcasecmp(a,b) == 0);
}
@@ -223,9 +223,9 @@ void add_gline(long duration, char* source, char* reason, char* hostmask)
del_gline(hostmask);
GLine item;
item.duration = duration;
- strncpy(item.hostmask,hostmask,MAXBUF);
- strncpy(item.reason,reason,MAXBUF);
- strncpy(item.source,source,MAXBUF);
+ strlcpy(item.hostmask,hostmask,MAXBUF);
+ strlcpy(item.reason,reason,MAXBUF);
+ strlcpy(item.source,source,MAXBUF);
item.n_matches = 0;
item.set_time = time(NULL);
glines.push_back(item);
@@ -238,9 +238,9 @@ void add_qline(long duration, char* source, char* reason, char* nickname)
del_qline(nickname);
QLine item;
item.duration = duration;
- strncpy(item.nick,nickname,MAXBUF);
- strncpy(item.reason,reason,MAXBUF);
- strncpy(item.source,source,MAXBUF);
+ strlcpy(item.nick,nickname,MAXBUF);
+ strlcpy(item.reason,reason,MAXBUF);
+ strlcpy(item.source,source,MAXBUF);
item.n_matches = 0;
item.is_global = false;
item.set_time = time(NULL);
@@ -254,9 +254,9 @@ void add_zline(long duration, char* source, char* reason, char* ipaddr)
del_zline(ipaddr);
ZLine item;
item.duration = duration;
- strncpy(item.ipaddr,ipaddr,MAXBUF);
- strncpy(item.reason,reason,MAXBUF);
- strncpy(item.source,source,MAXBUF);
+ strlcpy(item.ipaddr,ipaddr,MAXBUF);
+ strlcpy(item.reason,reason,MAXBUF);
+ strlcpy(item.source,source,MAXBUF);
item.n_matches = 0;
item.is_global = false;
item.set_time = time(NULL);
@@ -270,9 +270,9 @@ void add_kline(long duration, char* source, char* reason, char* hostmask)
del_kline(hostmask);
KLine item;
item.duration = duration;
- strncpy(item.hostmask,hostmask,MAXBUF);
- strncpy(item.reason,reason,MAXBUF);
- strncpy(item.source,source,MAXBUF);
+ strlcpy(item.hostmask,hostmask,MAXBUF);
+ strlcpy(item.reason,reason,MAXBUF);
+ strlcpy(item.source,source,MAXBUF);
item.n_matches = 0;
item.set_time = time(NULL);
klines.push_back(item);