diff -ru sbin/restore.orig/dirs.c sbin/restore/dirs.c --- sbin/restore.orig/dirs.c 2004-02-04 15:40:01.000000000 -0200 +++ sbin/restore/dirs.c 2004-10-26 23:32:45.000000000 -0200 @@ -146,9 +146,9 @@ vprintf(stdout, "Extract directories from tape\n"); if ((tmpdir = getenv("TMPDIR")) == NULL || tmpdir[0] == '\0') tmpdir = _PATH_TMP; - sprintf(dirfile, "%s/rstdir%ld", tmpdir, (long)dumpdate); + snprintf(dirfile, sizeof(dirfile), "%s/rstdir%ld", tmpdir, (long)dumpdate); if (command != 'r' && command != 'R') { - (void *) strcat(dirfile, "-XXXXXX"); + strlcat(dirfile, "-XXXXXX", sizeof(dirfile)); fd = mkstemp(dirfile); } else fd = open(dirfile, O_RDWR|O_CREAT|O_EXCL, 0666); @@ -159,9 +159,10 @@ done(1); } if (genmode != 0) { - sprintf(modefile, "%s/rstmode%ld", tmpdir, (long)dumpdate); + snprintf(modefile, sizeof(modefile), "%s/rstmode%ld", + tmpdir, (long)dumpdate); if (command != 'r' && command != 'R') { - (void *) strcat(modefile, "-XXXXXX"); + strlcat(modefile, "-XXXXXX", sizeof(modefile)); fd = mkstemp(modefile); } else fd = open(modefile, O_RDWR|O_CREAT|O_EXCL, 0666); @@ -175,7 +176,7 @@ nulldir.d_ino = 0; nulldir.d_type = DT_DIR; nulldir.d_namlen = 1; - (void) strcpy(nulldir.d_name, "/"); + strlcpy(nulldir.d_name, "/", sizeof(nulldir.d_name)); nulldir.d_reclen = DIRSIZ(0, &nulldir); for (;;) { curfile.name = ""; @@ -244,9 +245,7 @@ * begin search through the directory * skipping over "." and ".." */ - (void) strncpy(locname, pname, sizeof(locname) - 1); - locname[sizeof(locname) - 1] = '\0'; - (void) strncat(locname, "/", sizeof(locname) - strlen(locname)); + snprintf(locname, sizeof(locname), "%s/", pname); namelen = strlen(locname); rst_seekdir(dirp, itp->t_seekpt, itp->t_seekpt); dp = rst_readdir(dirp); /* "." */ @@ -270,7 +269,7 @@ fprintf(stderr, "%s%s: name exceeds %d char\n", locname, dp->d_name, sizeof(locname) - 1); } else { - (void) strncat(locname, dp->d_name, (int)dp->d_namlen); + strlcat(locname, dp->d_name, sizeof(locname)); treescan(locname, dp->d_ino, todo); rst_seekdir(dirp, bpt, itp->t_seekpt); } @@ -289,7 +288,7 @@ struct direct *dp; char *path, *name, buffer[MAXPATHLEN]; - strcpy(buffer, pathname); + strlcpy(buffer, pathname, sizeof(buffer)); path = buffer; ino = ROOTINO; while (*path == '/') @@ -434,7 +433,7 @@ memset(ndp, 0, (long)(sizeof *ndp)); ndp->d_ino = odp->d_ino; ndp->d_type = DT_UNKNOWN; - (void) strncpy(ndp->d_name, odp->d_name, ODIRSIZ); + strlcpy(ndp->d_name, odp->d_name, sizeof(ndp->d_name)); ndp->d_namlen = strlen(ndp->d_name); ndp->d_reclen = DIRSIZ(0, ndp); } @@ -578,7 +577,8 @@ if ((tmpdir = getenv("TMPDIR")) == NULL || tmpdir[0] == '\0') tmpdir = _PATH_TMP; if (command == 'r' || command == 'R') - sprintf(modefile, "%s/rstmode%ld", tmpdir, (long)dumpdate); + snprintf(modefile, sizeof(modefile), "%s/rstmode%ld", + tmpdir, (long)dumpdate); if (modefile[0] == '#') { panic("modefile not defined\n"); fprintf(stderr, "directory mode, owner, and times not set\n"); diff -ru sbin/restore.orig/interactive.c sbin/restore/interactive.c --- sbin/restore.orig/interactive.c 2004-02-04 15:40:01.000000000 -0200 +++ sbin/restore/interactive.c 2004-10-26 23:27:29.000000000 -0200 @@ -147,7 +147,7 @@ fprintf(stderr, "%s: not a directory\n", name); break; } - (void) strcpy(curdir, name); + strlcpy(curdir, name, sizeof(curdir)); break; /* * Delete elements from the extraction list. @@ -319,7 +319,7 @@ fprintf(stderr, "restore > "); (void) fflush(stderr); if (fgets(input, BUFSIZ, terminal) == NULL) { - strcpy(cmd, "quit"); + strlcpy(cmd, "quit", BUFSIZ); return; } } while (input[0] == '\n'); @@ -335,8 +335,7 @@ * If no argument, use curdir as the default. */ if (*cp == '\0') { - (void) strncpy(name, curdir, size); - name[size - 1] = '\0'; + strlcpy(name, curdir, size); return; } nextarg = cp; @@ -370,8 +369,7 @@ ap->argcnt = ap->glob.gl_pathc; retnext: - strncpy(name, ap->glob.gl_pathv[ap->glob.gl_pathc - ap->argcnt], size); - name[size - 1] = '\0'; + strlcpy(name, ap->glob.gl_pathv[ap->glob.gl_pathc - ap->argcnt], size); if (--ap->argcnt == 0) { ap->freeglob = 0; globfree(&ap->glob); @@ -437,17 +435,17 @@ register char *cp, *np; if (strcmp(rawname, ".") == 0 || strncmp(rawname, "./", 2) == 0) - (void) strcpy(canonname, ""); + strlcpy(canonname, "", len); else if (rawname[0] == '/') - (void) strcpy(canonname, "."); + strlcpy(canonname, ".", len); else - (void) strcpy(canonname, "./"); + strlcpy(canonname, "./", len); if (strlen(canonname) + strlen(rawname) >= len) { fprintf(stderr, "canonname: not enough buffer space\n"); done(1); } - (void) strcat(canonname, rawname); + strlcat(canonname, rawname, len); /* * Eliminate multiple and trailing '/'s */ @@ -469,14 +467,14 @@ np++; if (np - cp == 1 && *cp == '.') { cp--; - (void) strcpy(cp, np); + strlcpy(cp, np, len); np = cp; } if (np - cp == 2 && strncmp(cp, "..", 2) == 0) { cp--; while (cp > &canonname[1] && *--cp != '/') /* find beginning of name */; - (void) strcpy(cp, np); + strlcpy(cp, np, len); np = cp; } } @@ -524,8 +522,7 @@ fprintf(stderr, "%s:\n", name); entries = 0; listp = list; - (void) strncpy(locname, name, MAXPATHLEN); - (void) strncat(locname, "/", MAXPATHLEN); + snprintf(locname, sizeof(locname), "%s/", name); namelen = strlen(locname); while ((dp = rst_readdir(dirp))) { if (dp == NULL) @@ -536,13 +533,11 @@ strcmp(dp->d_name, ".") == 0 || strcmp(dp->d_name, "..") == 0)) continue; - locname[namelen] = '\0'; if (namelen + dp->d_namlen >= MAXPATHLEN) { fprintf(stderr, "%s%s: name exceeds %d char\n", locname, dp->d_name, MAXPATHLEN); } else { - (void) strncat(locname, dp->d_name, - (int)dp->d_namlen); + strlcat(locname, dp->d_name, sizeof(locname)); mkentry(locname, dp, listp++); entries++; } diff -ru sbin/restore.orig/main.c sbin/restore/main.c --- sbin/restore.orig/main.c 2003-11-01 15:16:01.000000000 -0200 +++ sbin/restore/main.c 2004-10-26 23:26:27.000000000 -0200 @@ -334,7 +334,7 @@ err(1, NULL); nargv[0][0] = '-'; nargv[0][1] = *ap; - (void)strcpy(&nargv[0][2], *argv); + strlcpy(&nargv[0][2], *argv, strlen(*argv) + 1); ++argv; ++nargv; break; diff -ru sbin/restore.orig/restore.c sbin/restore/restore.c --- sbin/restore.orig/restore.c 2003-11-01 15:16:01.000000000 -0200 +++ sbin/restore/restore.c 2004-10-26 23:26:27.000000000 -0200 @@ -81,7 +81,7 @@ if (ino == WINO && command == 'i' && !vflag) return (descend); if (!mflag) { - (void) sprintf(buf, "./%u", ino); + snprintf(buf, sizeof(buf), "./%u", ino); name = buf; if (type == NODE) { (void) genliteraldir(name, ino); @@ -490,16 +490,16 @@ { static char keybuf[32]; - (void) strcpy(keybuf, "|NIL"); + strlcpy(keybuf, "|NIL", sizeof(keybuf)); keybuf[0] = '\0'; if (key & ONTAPE) - (void) strcat(keybuf, "|ONTAPE"); + strlcat(keybuf, "|ONTAPE", sizeof(keybuf)); if (key & INOFND) - (void) strcat(keybuf, "|INOFND"); + strlcat(keybuf, "|INOFND", sizeof(keybuf)); if (key & NAMEFND) - (void) strcat(keybuf, "|NAMEFND"); + strlcat(keybuf, "|NAMEFND", sizeof(keybuf)); if (key & MODECHG) - (void) strcat(keybuf, "|MODECHG"); + strlcat(keybuf, "|MODECHG", sizeof(keybuf)); return (&keybuf[1]); } @@ -782,7 +782,7 @@ for (np = ep->e_links; np != NULL; np = np->e_links) { if ((np->e_flags & NEW) == 0) continue; - (void) strcpy(name, myname(ep)); + strlcpy(name, myname(ep), sizeof(name)); if (ep->e_type == NODE) { (void) linkit(name, myname(np), SYMLINK); } else { diff -ru sbin/restore.orig/symtab.c sbin/restore/symtab.c --- sbin/restore.orig/symtab.c 2003-11-01 15:16:01.000000000 -0200 +++ sbin/restore/symtab.c 2004-10-26 23:26:27.000000000 -0200 @@ -397,7 +397,7 @@ if (cp == NULL) panic("no space for string table\n"); } - (void) strcpy(cp, name); + strlcpy(cp, name, len); return (cp); } diff -ru sbin/restore.orig/tape.c sbin/restore/tape.c --- sbin/restore.orig/tape.c 2004-02-04 15:40:01.000000000 -0200 +++ sbin/restore/tape.c 2004-10-26 23:26:27.000000000 -0200 @@ -333,11 +333,11 @@ " Otherwise, begin with volume 1.\n"); } else { fprintf(stderr, "You have read volumes"); - strcpy(buf, ": "); + strlcpy(buf, ": ", sizeof(buf)); for (i = 0; i < 32; i++) if (tapesread & (1 << i)) { fprintf(stderr, "%s%ld", buf, i + 1); - strcpy(buf, ", "); + strlcpy(buf, ", ", sizeof(buf)); } fprintf(stderr, "\n"); } @@ -368,10 +368,8 @@ terminateinput(); return; } - if (buf[0] != '\n') { - (void) strcpy(magtape, buf); - magtape[strlen(magtape) - 1] = '\0'; - } + if (buf[0] != '\n') + strlcpy(magtape, buf, strlen(magtape)); #ifdef RRESTORE if (host) mt = rmtopen(magtape, 0); @@ -775,7 +773,7 @@ curfile.name, lnkbuf, buf, pathlen); done(1); } - (void) strcat(lnkbuf, buf); + strlcat(lnkbuf, buf, sizeof(lnkbuf)); } /* diff -ru sbin/restore.orig/utilities.c sbin/restore/utilities.c --- sbin/restore.orig/utilities.c 2003-09-28 11:39:22.000000000 -0300 +++ sbin/restore/utilities.c 2004-10-26 23:33:29.000000000 -0200 @@ -89,7 +89,7 @@ if (ep->e_flags & TMPNAME) badentry(ep, "mktempname: called with TMPNAME"); ep->e_flags |= TMPNAME; - (void) strcpy(oldname, myname(ep)); + strlcpy(oldname, myname(ep), sizeof(oldname)); freename(ep->e_name); ep->e_name = savename(gentempname(ep)); ep->e_namlen = strlen(ep->e_name); @@ -111,7 +111,7 @@ i++; if (np == NULL) badentry(ep, "not on ino list"); - (void) sprintf(name, "%s%ld%lu", TMPHDR, i, (u_long)ep->e_ino); + snprintf(name, sizeof(name), "%s%ld%lu", TMPHDR, i, (u_long)ep->e_ino); return (name); } @@ -345,20 +345,20 @@ { static char flagbuf[BUFSIZ]; - (void) strcpy(flagbuf, "|NIL"); + strlcpy(flagbuf, "|NIL", sizeof(flagbuf)); flagbuf[0] = '\0'; if (ep->e_flags & REMOVED) - (void) strcat(flagbuf, "|REMOVED"); + strlcat(flagbuf, "|REMOVED", sizeof(flagbuf)); if (ep->e_flags & TMPNAME) - (void) strcat(flagbuf, "|TMPNAME"); + strlcat(flagbuf, "|TMPNAME", sizeof(flagbuf)); if (ep->e_flags & EXTRACT) - (void) strcat(flagbuf, "|EXTRACT"); + strlcat(flagbuf, "|EXTRACT", sizeof(flagbuf)); if (ep->e_flags & NEW) - (void) strcat(flagbuf, "|NEW"); + strlcat(flagbuf, "|NEW", sizeof(flagbuf)); if (ep->e_flags & KEEP) - (void) strcat(flagbuf, "|KEEP"); + strlcat(flagbuf, "|KEEP", sizeof(flagbuf)); if (ep->e_flags & EXISTED) - (void) strcat(flagbuf, "|EXISTED"); + strlcat(flagbuf, "|EXISTED", sizeof(flagbuf)); return (&flagbuf[1]); }