From b2f21c3d55956b2e64ab2093ec90ff553e1c8036 Mon Sep 17 00:00:00 2001 From: Brian Cox Date: Wed, 15 Mar 2017 19:06:52 -0700 Subject: [PATCH] Assorted bounds checks (via flawfinder) --- src/core/debug.cpp | 6 +++--- src/core/errorutil.cpp | 6 +++--- src/core/unixfsservices.cpp | 4 ++-- src/fco/fconametbl.cpp | 5 +++-- src/fco/signature.cpp | 16 ++++++++-------- src/tripwire/smtpmailmessage.cpp | 2 +- src/twparser/yyparse.cpp | 4 ++-- 7 files changed, 22 insertions(+), 21 deletions(-) diff --git a/src/core/debug.cpp b/src/core/debug.cpp index 7914f93..6870b7d 100644 --- a/src/core/debug.cpp +++ b/src/core/debug.cpp @@ -63,7 +63,7 @@ cDebug::cDebug(const char* label) cDebug::cDebug(const cDebug &rhs) { - strcpy(mLabel, rhs.mLabel); + strcpy(mLabel, rhs.mLabel, MAX_LABEL); } cDebug::~cDebug() @@ -102,7 +102,7 @@ void cDebug::DoTrace(const char *format, va_list &args) char out[2048]; size_t guard2 = 0xBABABABA; - vsprintf(out, format, args); + vsnprintf(out, 2048, format, args); ASSERT(guard1 == 0xBABABABA && guard2 == 0xBABABABA); // string was too long ASSERT(strlen(out) < 1024); @@ -304,7 +304,7 @@ void cDebug::DebugOut( const char* lpOutputString, ... ) // create the output buffer va_list args; va_start(args, lpOutputString); - vsprintf(buf, lpOutputString, args); + vsnprintf(buf, 2048, lpOutputString, args); va_end(args); #ifdef _DEBUG diff --git a/src/core/errorutil.cpp b/src/core/errorutil.cpp index 65f5099..da4aff8 100644 --- a/src/core/errorutil.cpp +++ b/src/core/errorutil.cpp @@ -43,9 +43,9 @@ #if IS_UNIX namespace //unique { - TCHAR* tw_itot( int value, TCHAR* string, int radix) + TCHAR* tw_itot( int value, TCHAR* string, int radix, int size) { - _stprintf( string, "%d", value ); + snprintf( string, size, "%d", value ); return string; } } 
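Review bot: In the cDebug copy constructor the new line `strcpy(mLabel, rhs.mLabel, MAX_LABEL);` passes three arguments to `strcpy`, which takes two, so unless the project supplies its own overload this line should not compile; `strncpy` was presumably intended. `strncpy` leaves the destination unterminated when the source fills it, so the bounded form needs an explicit terminator: `strncpy(mLabel, rhs.mLabel, MAX_LABEL - 1); mLabel[MAX_LABEL - 1] = '\0';`. The declaration of `mLabel` is outside the hunk, so confirm that MAX_LABEL is its size in characters.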
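Review bot: In cDebug::DoTrace the bound `2048` in `vsnprintf(out, 2048, format, args);` repeats the size from `char out[2048]` as a second literal, and the same literal is used for `buf` in cDebug::DebugOut, whose declaration is outside that hunk. Writing `vsnprintf(out, sizeof(out), format, args);` keeps the bound tied to the array; for `buf` do the same if it is an array, or confirm it holds at least 2048 bytes. Truncation is now silent, because the return value is ignored and the guard-word ASSERT after the call (`// string was too long`) will no longer trip on an over-long message; a comment such as `// output longer than sizeof(out) is truncated` would record the new behaviour.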
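Review bot: The new `size` parameter of tw_itot is declared `int` but goes straight into `snprintf`, whose size argument is `size_t`, so a negative value would convert to a very large bound; declaring it `size_t size` removes that case. The only call visible in this patch, in eInternal::eInternal, passes the literal `256` for a `buf` declared outside the hunk; `tw_itot(lineNum, buf, 10, sizeof(buf)/sizeof(buf[0]))` would keep the bound tied to the array if `buf` is one. `radix` is still accepted and ignored, which deserves a one-line comment: `// radix is ignored; the value is always formatted as decimal`.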
@@ -61,7 +61,7 @@ eInternal::eInternal(TCHAR* sourceFile, int lineNum) mMsg = _T("File: "); mMsg += sourceFile; mMsg += _T(" Line: "); - mMsg += tw_itot(lineNum, buf, 10); + mMsg += tw_itot(lineNum, buf, 10, 256); } //============================================================================= diff --git a/src/core/unixfsservices.cpp b/src/core/unixfsservices.cpp index 5da6073..6ebf4d1 100644 --- a/src/core/unixfsservices.cpp +++ b/src/core/unixfsservices.cpp @@ -264,7 +264,7 @@ TSTRING& cUnixFSServices::MakeTempFilename( TSTRING& strName ) const throw(eFSSe char szTemplate[iFSServices::TW_MAX_PATH]; int fd; - strcpy( szTemplate, strName.c_str() ); + strncpy( szTemplate, strName.c_str(), iFSServices::TW_MAX_PATH ); #ifdef HAVE_MKSTEMP // create temp filename and check to see if mkstemp failed @@ -605,7 +605,7 @@ bool cUnixFSServices::GetGroupName( gid_t group_id, TSTRING& tstrGroup ) const void cUnixFSServices::ConvertModeToString( uint64 perm, TSTRING& tstrPerm ) const { TCHAR szPerm[11]; //10 permission bits plus the NULL - _tcscpy( szPerm, _T("----------") ); + strncpy( szPerm, _T("----------"), 11); ASSERT( sizeof(unsigned short) <= sizeof(uint32) ); // We do this in case an "unsigned short" is ever larger than the diff --git a/src/fco/fconametbl.cpp b/src/fco/fconametbl.cpp index 26646d4..9eaa605 100644 --- a/src/fco/fconametbl.cpp +++ b/src/fco/fconametbl.cpp @@ -112,8 +112,9 @@ void cFCONameTblNode::SetString(const TSTRING& newStr) mpString = NULL; } - mpString = (TCHAR*)util_AllocMem( sizeof(TCHAR)*(newStr.length()+1) ); - _tcscpy( mpString, newStr.c_str() ); + size_t alloc_size = sizeof(TCHAR)*(newStr.length()+1); + mpString = (TCHAR*)util_AllocMem(alloc_size); + strncpy( mpString, newStr.c_str(), alloc_size ); // NOTE -- the lower case pointer is now invalid. } diff --git a/src/fco/signature.cpp b/src/fco/signature.cpp index cee4240..27e59f9 100644 --- a/src/fco/signature.cpp +++ b/src/fco/signature.cpp 
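Review bot: In MakeTempFilename, `strncpy( szTemplate, strName.c_str(), iFSServices::TW_MAX_PATH );` leaves `szTemplate` without a terminating NUL whenever `strName` is TW_MAX_PATH characters or longer. The comment below the change indicates the buffer is then handed to mkstemp, which would read past the end of the array. A truncated template is not usable either, since the caller's name loses its tail. Checking the length first, `if (strName.length() >= sizeof(szTemplate))`, and failing through the function's existing error path is safer than copying a prefix; the copy itself can then stay as it is. The rest of the function body is outside the hunk.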
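Review bot: In ConvertModeToString the literal `11` in `strncpy( szPerm, _T("----------"), 11);` duplicates the size from `TCHAR szPerm[11]`, and the call pairs a `_T()` literal and a TCHAR buffer with the narrow-character `strncpy` where the removed line used the `_tcscpy` macro. The copy is correct as written for a `char` build, since ten dashes plus the terminator fit exactly, so this is a style point. Deriving the count from the array reads better, `strncpy( szPerm, _T("----------"), sizeof(szPerm)/sizeof(szPerm[0]) );`, or `_tcsncpy` if the project's TCHAR header provides it.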
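Review bot: In cFCONameTblNode::SetString, `alloc_size` is a byte count (`sizeof(TCHAR)*(newStr.length()+1)`) but is passed to `strncpy` as a character count; the two agree only while TCHAR is `char`. Keeping an element count for the copy avoids the mismatch: `const size_t count = newStr.length() + 1;`, then `util_AllocMem(sizeof(TCHAR) * count)` and `strncpy( mpString, newStr.c_str(), count );`. The result of `util_AllocMem` is used without a visible null check; whether it can return NULL is not shown on this page.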
@@ -556,8 +556,8 @@ TSTRING cMD5Signature::AsStringHex() const for(int i = 0; i < SIG_BYTE_SIZE; ++i) { - _stprintf(stringBuffer, _T("%02lx"), (unsigned long)dbuf[i]); - _tcscat(sigStringOut, stringBuffer); + snprintf(stringBuffer, 128, _T("%02lx"), (unsigned long)dbuf[i]); + strncat(sigStringOut, stringBuffer, 128); } ret.append(sigStringOut); @@ -679,8 +679,8 @@ TSTRING cSHASignature::AsStringHex() const for (int i=0; i < SIG_UINT32_SIZE*(int)sizeof(uint32); ++i) { - _stprintf(stringBuffer, _T("%02x"), dbuf[i]); - _tcscat(sigStringOut, stringBuffer); + snprintf(stringBuffer, 128, _T("%02x"), dbuf[i]); + strncat(sigStringOut, stringBuffer, 128); } ret.append(sigStringOut); @@ -754,8 +754,8 @@ TSTRING cSHASignature::AsStringHex() const for (int i=0; i < SIG_UINT32_SIZE; ++i) { - _stprintf(stringBuffer, _T("%08x"), mSHAInfo.digest[i]); - _tcscat(sigStringOut, stringBuffer); + snprintf(stringBuffer, 128, _T("%08x"), mSHAInfo.digest[i]); + strncat(sigStringOut, stringBuffer, 128); } ret.append(sigStringOut); @@ -856,8 +856,8 @@ TSTRING cHAVALSignature::AsStringHex() const for (int i=0; i < SIG_BYTE_SIZE; ++i) { - _stprintf(stringBuffer, _T("%02x"), mSignature[i]); - _tcscat(sigStringOut, stringBuffer); + snprintf(stringBuffer, 128, _T("%02x"), mSignature[i]); + strncat(sigStringOut, stringBuffer, 128); } ret.append(sigStringOut); diff --git a/src/tripwire/smtpmailmessage.cpp b/src/tripwire/smtpmailmessage.cpp index 4a9ee5e..52c6adc 100644 --- a/src/tripwire/smtpmailmessage.cpp +++ b/src/tripwire/smtpmailmessage.cpp @@ -92,7 +92,7 @@ static int gethostname( char* name, int namelen ) if ( strlen( myname.nodename ) < (unsigned int)namelen ) { - strcpy( name, myname.nodename ); + strncpy( name, myname.nodename, namelen ); return 0; } else diff --git a/src/twparser/yyparse.cpp b/src/twparser/yyparse.cpp index 0bb7645..9deb903 100644 --- a/src/twparser/yyparse.cpp +++ b/src/twparser/yyparse.cpp 
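Review bot: In cMD5Signature::AsStringHex the third argument of `strncat(sigStringOut, stringBuffer, 128);` limits how many characters are taken from `stringBuffer`, not how large `sigStringOut` is, so the destination is bounded no better than it was with `_tcscat`; the same pair of calls is repeated in the two cSHASignature::AsStringHex hunks and in cHAVALSignature::AsStringHex. The limit has to be the room left in the destination, `strncat(sigStringOut, stringBuffer, sizeof(sigStringOut) - strlen(sigStringOut) - 1);`, assuming `sigStringOut` is an array; its declaration and that of `stringBuffer` are outside the hunks, so the `128` passed to `snprintf` also needs checking against the real size. Since the result goes to `ret.append(sigStringOut)` anyway, appending each formatted byte to `ret` directly would remove the intermediate concatenation altogether.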
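Review bot: In the local gethostname, `namelen` is an `int` that is cast to `unsigned int` for the length test and then passed to `strncpy( name, myname.nodename, namelen );`. A negative `namelen` therefore passes the test as a huge value, and `strncpy`, which pads the destination with NULs up to the count, would write far past `name`; the removed `strcpy` wrote only the node name. Rejecting non-positive sizes before the comparison closes this: `if ( namelen > 0 && strlen( myname.nodename ) < (size_t)namelen )`. For valid sizes the existing test already guarantees that the name and its terminator fit, so the bound adds no protection there.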
@@ -1393,7 +1393,7 @@ yy_parse::yyExpandName(int num, int isrule, char * buf, int len) for (endp = buf + len - 8; *s; s++) { if (buf >= endp) { /* too large: return 0 */ - full: (void) strcpy(buf, " ...\n"); + full: (void) strncpy(buf, " ...\n", len); return 0; } else if (*s == '%') { /* nonterminal */ type = 0; @@ -1423,7 +1423,7 @@ yy_parse::yyExpandName(int num, int isrule, char * buf, int len) if ((i = strlen(cp)) + buf > endp) goto full; - (void) strcpy(buf, cp); + (void) strncpy(buf, cp, len); buf += i; } else *buf++ = *s;
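Review bot: In yy_parse::yyExpandName both new `strncpy` calls use `len`, the size of the whole buffer, as the count, but `buf` is a cursor that the visible lines advance (`buf += i`, `*buf++ = *s`), and `strncpy` always writes exactly its count, padding with NULs. Once `buf` has moved, `strncpy(buf, cp, len)` writes past the end of the caller's buffer, and at the `full:` label, reached when `buf >= endp` with `endp = buf + len - 8`, `strncpy(buf, " ...\n", len)` overruns it by nearly `len` bytes; the removed `strcpy` calls did not. The copy in the second hunk is already guarded by `(i = strlen(cp)) + buf > endp`, so `memcpy(buf, cp, i + 1);` copies exactly what was checked, and the `full:` copy should be limited to the space left, `(size_t)(endp + 8 - buf)`. The function starts and ends outside both hunks, so other paths that advance `buf` need the same check.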