diff -ru sbin/routed.orig/if.c sbin/routed/if.c --- sbin/routed.orig/if.c 2004-07-28 09:27:40.000000000 -0300 +++ sbin/routed/if.c 2004-10-27 23:48:36.000000000 -0200 @@ -761,8 +761,8 @@ #endif sdl = (struct sockaddr_dl *)(ifm + 1); sdl->sdl_data[sdl->sdl_nlen] = 0; - strncpy(ifs0.int_name, sdl->sdl_data, - MIN(sizeof(ifs0.int_name), sdl->sdl_nlen)); + strlcpy(ifs0.int_name, sdl->sdl_data, + sizeof(ifs0.int_name)); continue; } if (ifam->ifam_type != RTM_NEWADDR) { @@ -899,7 +899,7 @@ * SIOCSIFMETRIC ioctl. */ #ifdef SIOCGIFMETRIC - strncpy(ifr.ifr_name, ifs.int_name, sizeof(ifr.ifr_name)); + strlcpy(ifr.ifr_name, ifs.int_name, sizeof(ifr.ifr_name)); if (ioctl(rt_sock, SIOCGIFMETRIC, &ifr) < 0) { DBGERR(1, "ioctl(SIOCGIFMETRIC)"); ifs.int_metric = 0; diff -ru sbin/routed.orig/main.c sbin/routed/main.c --- sbin/routed.orig/main.c 2003-06-17 01:27:34.000000000 -0300 +++ sbin/routed/main.c 2004-10-27 23:48:37.000000000 -0200 @@ -316,7 +316,7 @@ if (tracename != 0) { - strncpy(inittracename, tracename, sizeof(inittracename)-1); + strlcpy(inittracename, tracename, sizeof(inittracename)); set_tracefile(inittracename, "%s", -1); } else { tracelevel_msg("%s", -1); /* turn on tracing to stdio */ diff -ru sbin/routed.orig/parms.c sbin/routed/parms.c --- sbin/routed.orig/parms.c 2004-07-28 09:27:40.000000000 -0300 +++ sbin/routed/parms.c 2004-10-27 23:48:37.000000000 -0200 @@ -280,7 +280,7 @@ * tables to prevent overriding them with something * else. */ - strcpy(qual,"external"); + strlcpy(qual,"external", sizeof(qual)); state = IS_REMOTE | IS_PASSIVE | IS_EXTERNAL; if (metric == 0) metric = 1; @@ -341,7 +341,8 @@ if (!(state & IS_EXTERNAL) && ifp->int_mask != ifp->int_std_mask) ifp->int_state |= IS_SUBNET; - (void)sprintf(ifp->int_name, "%s(%s)", type, gname); + snprintf(ifp->int_name, sizeof(ifp->int_name), "%s(%s)", + type, gname); ifp->int_index = -1; if_link(ifp); @@ -445,15 +446,15 @@ buf,bufsize) || buf[bufsize-1] != '\0' || buf[bufsize-2] != '\0') { - sprintf(buf,"bad timestamp %.25s", val0); + snprintf(buf, bufsize, "bad timestamp %.25s", val0); return buf; } - strcat(buf,"\n"); + strlcat(buf,"\n", bufsize); memset(&tm, 0, sizeof(tm)); #if defined(sgi) || defined(__NetBSD__) ptr = strptime(buf, "%y/%m/%d@%H:%M\n", &tm); if (ptr == NULL || *ptr != '\0') { - sprintf(buf,"bad timestamp %.25s", val0); + snprintf(buf, bufsize, "bad timestamp %.25s", val0); return buf; } #else @@ -462,7 +463,7 @@ &tm.tm_hour, &tm.tm_min) || tm.tm_mon < 1 || tm.tm_mon > 12 || tm.tm_mday < 1 || tm.tm_mday > 31) { - sprintf(buf,"bad timestamp %.25s", val0); + snprintf(buf, bufsize, "bad timestamp %.25s", val0); return buf; } tm.tm_mon--; @@ -471,7 +472,7 @@ #endif if ((*tp = mktime(&tm)) == -1) { - sprintf(buf,"bad timestamp %.25s", val0); + snprintf(buf, bufsize, "bad timestamp %.25s", val0); return buf; } @@ -524,12 +525,13 @@ || buf[sizeof(buf)-1] != '\0' || (l = strtoul(buf,&p,0)) > 255 || *p != '\0') { - sprintf(buf,"bad KeyID \"%.20s\"", val0); + snprintf(buf, sizeof(buf), "bad KeyID \"%.20s\"", val0); return buf; } for (ap2 = parmp->parm_auth; ap2 < ap; ap2++) { if (ap2->keyid == l) { - sprintf(buf,"duplicate KeyID \"%.20s\"", val0); + snprintf(buf, sizeof(buf), + "duplicate KeyID \"%.20s\"", val0); return buf; } } @@ -547,7 +549,8 @@ buf,sizeof(buf)))) return p; if ((u_long)k.start > (u_long)k.end) { - sprintf(buf,"out of order timestamp %.30s", + snprintf(buf, sizeof(buf), + "out of order timestamp %.30s", val0); return buf; } @@ -566,7 +569,7 @@ { static char buf[100+8]; - sprintf(buf, "bad \"%.100s\"", estr); + snprintf(buf, sizeof(buf), "bad \"%.100s\"", estr); return buf; } @@ -675,7 +678,7 @@ if (parm.parm_name[0] != '\0' || strlen(buf) > IF_NAME_LEN) return bad_str(tgt); - strcpy(parm.parm_name, buf); + strlcpy(parm.parm_name, buf, sizeof(parm.parm_name)); } else if (PARSEQ("addr")) { /* This is a bad idea, because the address based diff -ru sbin/routed.orig/rtquery/rtquery.c sbin/routed/rtquery/rtquery.c --- sbin/routed.orig/rtquery/rtquery.c 2004-07-28 09:27:40.000000000 -0300 +++ sbin/routed/rtquery/rtquery.c 2004-10-28 00:10:24.000000000 -0200 @@ -231,7 +231,8 @@ default: usage(); } - strcpy((char*)OMSG.rip_tracefile, result); + strlcpy((char*)OMSG.rip_tracefile, result, + strlen(result) + 1); omsg_len += strlen(result) - sizeof(OMSG.ripun); } break; @@ -575,7 +576,7 @@ *p++ = 'b'; break; default: - p += sprintf(p,"%o",c); + p += snprintf(p, buf + sizeof(buf) - p, "%o", c); break; } } @@ -646,14 +647,15 @@ name = ""; if (n->n_family == RIP_AF_INET) { in.s_addr = n->n_dst; - (void)strcpy(net_buf, inet_ntoa(in)); + strlcpy(net_buf, inet_ntoa(in), sizeof(net_buf)); mask = ntohl(n->n_mask); dmask = mask & -mask; if (mask != 0) { sp = &net_buf[strlen(net_buf)]; if (IMSG.rip_vers == RIPv1) { - (void)sprintf(sp," mask=%#x ? ",mask); + snprintf(sp, net_buf + sizeof(net_buf) - sp, + " mask=%#x ? ",mask); mask = 0; } else if (mask + dmask == 0) { for (i = 0; @@ -661,9 +663,11 @@ && ((1<n_family), (char)(n->n_dst >> 24), (char)(n->n_dst >> 16), diff -ru sbin/routed.orig/table.c sbin/routed/table.c --- sbin/routed.orig/table.c 2004-07-28 09:27:40.000000000 -0300 +++ sbin/routed/table.c 2004-10-27 23:48:37.000000000 -0200 @@ -1225,10 +1225,11 @@ continue; } - strcpy(str, rtm_type_name(m.r.rtm.rtm_type)); + strlcpy(str, rtm_type_name(m.r.rtm.rtm_type), sizeof(str)); strp = &str[strlen(str)]; if (m.r.rtm.rtm_type <= RTM_CHANGE) - strp += sprintf(strp," from pid %d",m.r.rtm.rtm_pid); + strp += snprintf(strp, sizeof(str) - strlen(str), + " from pid %d",m.r.rtm.rtm_pid); rt_xaddrs(&info, m.r.addrs, &m.r.addrs[RTAX_MAX], m.r.rtm.rtm_addrs); @@ -1250,7 +1251,7 @@ ? HOST_MASK : std_mask(S_ADDR(INFO_DST(&info)))); - strp += sprintf(strp, ": %s", + strp += snprintf(strp, sizeof(str) - strlen(str), ": %s", addrname(S_ADDR(INFO_DST(&info)), mask, 0)); if (IN_MULTICAST(ntohl(S_ADDR(INFO_DST(&info))))) { @@ -1265,13 +1266,15 @@ if (get_info_gate(&INFO_GATE(&info), &gate_sin)) { gate = S_ADDR(INFO_GATE(&info)); - strp += sprintf(strp, " --> %s", naddr_ntoa(gate)); + strp += snprintf(strp, sizeof(str) - strlen(str), + " --> %s", naddr_ntoa(gate)); } else { gate = 0; } if (INFO_AUTHOR(&info) != 0) - strp += sprintf(strp, " by authority of %s", + strp += snprintf(strp, sizeof(str) - strlen(str), + " by authority of %s", saddr_ntoa(INFO_AUTHOR(&info))); switch (m.r.rtm.rtm_type) { @@ -1824,7 +1827,7 @@ return; swap = rt->rt_spares[0]; - (void)sprintf(label, "Use #%d", (int)(rts - rt->rt_spares)); + snprintf(label, sizeof(label), "Use #%d", (int)(rts - rt->rt_spares)); rtchange(rt, rt->rt_state & ~(RS_NET_SYN | RS_RDISC), rts, label); if (swap.rts_metric == HOPCNT_INFINITY) { *rts = rts_empty; diff -ru sbin/routed.orig/trace.c sbin/routed/trace.c --- sbin/routed.orig/trace.c 2003-06-17 01:27:34.000000000 -0300 +++ sbin/routed/trace.c 2004-10-27 23:48:37.000000000 -0200 @@ -110,7 +110,7 @@ *p++ = 'b'; break; default: - p += sprintf(p,"%o",c); + p += snprintf(p, buf + sizeof(buf) - p, "%o",c); break; } } @@ -134,7 +134,8 @@ struct in_addr addr; addr.s_addr = a; - s = strcpy(bufs[bufno].str, inet_ntoa(addr)); + strlcpy(bufs[bufno].str, inet_ntoa(addr), sizeof(bufs[bufno].str)); + s = bufs[bufno].str; bufno = (bufno+1) % NUM_BUFS; return s; #undef NUM_BUFS @@ -369,7 +370,7 @@ trace_close(file_trace = 1); if (fn != savetracename) - strncpy(savetracename, fn, sizeof(savetracename)-1); + strlcpy(savetracename, fn, sizeof(savetracename)); ftrace = n_ftrace; fflush(stdout); @@ -444,7 +445,8 @@ naddr dmask; int i; - s = strcpy(bufs[bufno].str, naddr_ntoa(addr)); + strlcpy(bufs[bufno].str, naddr_ntoa(addr), sizeof(bufs[bufno].str)); + s = bufs[bufno].str; bufno = (bufno+1) % NUM_BUFS; if (force == 1 || (force == 0 && mask != std_mask(addr))) { @@ -454,10 +456,12 @@ if (mask + dmask == 0) { for (i = 0; i != 32 && ((1<", addrname(dst, mask, 0)); - (void)sprintf(&buf[i], "%-*s", 15+20-MAX(20,i), naddr_ntoa(gate)); + i = snprintf(buf, sizeof(buf), "%-16s-->", addrname(dst, mask, 0)); + snprintf(&buf[i], sizeof(buf) - i, "%-*s", + 15+20-MAX(20,i), naddr_ntoa(gate)); return buf; }