From 236d23e6540b437a77546410c8740d337e56db02 Mon Sep 17 00:00:00 2001 From: brain Date: Sat, 11 Sep 2004 20:29:22 +0000 Subject: [PATCH] Changes for security based on RATS analysis git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@856 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/commands.cpp | 8 ++++---- src/inspircd.cpp | 2 +- src/inspircd_io.cpp | 4 ++-- src/mode.cpp | 10 +++++----- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/commands.cpp b/src/commands.cpp index 497305d40..e5bc33d2f 100644 --- a/src/commands.cpp +++ b/src/commands.cpp @@ -1049,14 +1049,14 @@ void handle_userhost(char **parameters, int pcnt, userrec *user) void handle_ison(char **parameters, int pcnt, userrec *user) { char Return[MAXBUF]; - sprintf(Return,"303 %s :",user->nick); + snprintf(Return,MAXBUF,"303 %s :",user->nick); for (int i = 0; i < pcnt; i++) { userrec *u = Find(parameters[i]); if (u) { - strcat(Return,u->nick); - strcat(Return," "); + strlcat(Return,u->nick,MAXBUF); + strlcat(Return," ",MAXBUF); } } WriteServ(user->fd,Return); @@ -1093,7 +1093,7 @@ void handle_whowas(char **parameters, int pcnt, userrec* user) char b[MAXBUF]; timeinfo = localtime(&rawtime); - strcpy(b,asctime(timeinfo)); + strlcpy(b,asctime(timeinfo),MAXBUF); b[strlen(b)-1] = '\0'; WriteServ(user->fd,"314 %s %s %s %s * :%s",user->nick,i->second->nick,i->second->ident,i->second->dhost,i->second->fullname); diff --git a/src/inspircd.cpp b/src/inspircd.cpp index 2a28a5ac6..20b831cc6 100644 --- a/src/inspircd.cpp +++ b/src/inspircd.cpp @@ -1728,7 +1728,7 @@ int loop_call(handlerfunc fn, char **parameters, int pcnt, userrec *u, int start { if (parameters[i]) { - strcat(plist,parameters[i]); + strlcat(plist,parameters[i],MAXBUF); } } diff --git a/src/inspircd_io.cpp b/src/inspircd_io.cpp index 9f96c463e..27473cfe6 100644 --- a/src/inspircd_io.cpp +++ b/src/inspircd_io.cpp @@ -62,7 +62,7 @@ void Start (void) { printf("\033[1;37mInspire Internet Relay Chat Server, compiled " __DATE__ " at " __TIME__ "\n"); printf("(C) ChatSpike Development team.\033[0;37m\n\n"); - printf("\033[1;37mDevelopers:\033[0;37m Brain, FrostyCoolSlug, RD\n"); + printf("\033[1;37mDevelopers:\033[0;37m Brain, FrostyCoolSlug\n"); printf("\033[1;37mDocumentation:\033[0;37m FrostyCoolSlug, w00t\n"); printf("\033[1;37mTesters:\033[0;37m typobox43, piggles, Lord_Zathras, CC\n"); printf("\033[1;37mName concept:\033[0;37m Lord_Zathras\n\n"); @@ -400,7 +400,7 @@ int ReadConf(std::stringstream *config, const char* tag, const char* var, int in key[j] = '\0'; } } - strcpy(result,key); + strlcpy(result,key,MAXBUF); return 1; } } diff --git a/src/mode.cpp b/src/mode.cpp index 68a46798b..9b7d29e94 100644 --- a/src/mode.cpp +++ b/src/mode.cpp @@ -1186,7 +1186,7 @@ void handle_mode(char **parameters, int pcnt, userrec *user) { moo[0] = dmodes[q]; moo[1] = '\0'; - strcat(temp,moo); + strlcat(temp,moo,MAXBUF); } } strlcpy(dmodes,temp,MAXBUF); @@ -1409,7 +1409,7 @@ void server_mode(char **parameters, int pcnt, userrec *user) { moo[0] = dmodes[q]; moo[1] = '\0'; - strcat(temp,moo); + strlcat(temp,moo,MAXBUF); } } strlcpy(dmodes,temp,MAXBUF); @@ -1595,10 +1595,10 @@ void merge_mode(char **parameters, int pcnt) { moo[0] = dmodes[q]; moo[1] = '\0'; - strcat(temp,moo); + strlcat(temp,moo,MAXBUF); } } - strcpy(dmodes,temp); + strlcpy(dmodes,temp,MAXBUF); } } } @@ -1773,7 +1773,7 @@ void merge_mode2(char **parameters, int pcnt, userrec* user) { moo[0] = dmodes[q]; moo[1] = '\0'; - strcat(temp,moo); + strlcat(temp,moo,MAXBUF); } } strlcpy(dmodes,temp,MAXBUF); -- 2.39.5