The Samba-Bugzilla – Attachment 2072 Details for
Bug 3971
Some unprotected strncpy() calls
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Change sprintf(buf,...) to snprintf(buf, sizeof(buf), ...)
snprintf.diff (text/plain), 6.33 KB, created by
David S. Collier-Brown
on 2006-07-27 15:54:25 UTC
(
hide
)
Description:
Change sprintf(buf,...) to snprintf(buf, sizeof(buf), ...)
Filename:
MIME Type:
Creator:
David S. Collier-Brown
Created:
2006-07-27 15:54:25 UTC
Size:
6.33 KB
patch
obsolete
> >------- client.c ------- >No differences encountered > >------- clitar.c ------- >No differences encountered > >------- mount.cifs.c ------- >--- /tmp/sccs..qayrF Thu Jul 27 16:53:11 2006 >+++ mount.cifs.c Thu Jul 27 16:52:22 2006 >@@ -489,7 +489,7 @@ > printf("bad user name \"%s\"\n", value); > exit(1); > } >- sprintf(temp, "%u", pw->pw_uid); >+ snprintf(temp, sizeof(temp) "%u", pw->pw_uid); > value = temp; > endpwent(); > } >@@ -505,7 +505,7 @@ > printf("bad group name \"%s\"\n", value); > exit(1); > } >- sprintf(temp, "%u", gr->gr_gid); >+ snprintf(temp, sizeof(temp), "%u", gr->gr_gid); > value = temp; > endpwent(); > } > >------- smbctool.c ------- >No differences encountered > >------- smbmount.c ------- >No differences encountered > >------- smbspool.c ------- >No differences encountered > >------- smbumount.c ------- >No differences encountered > >------- tree.c ------- >No differences encountered > >------- dictionary.c ------- >--- /tmp/sccs.JyaivF Thu Jul 27 16:53:11 2006 >+++ dictionary.c Thu Jul 27 16:52:25 2006 >@@ -401,7 +401,7 @@ > void dictionary_setint(dictionary * d, char * key, int val) > { > char sval[MAXVALSZ]; >- sprintf(sval, "%d", val); >+ snprintf(sval, sizeof(sval), "%d", val); > dictionary_set(d, key, sval); > } > >@@ -423,7 +423,7 @@ > void dictionary_setdouble(dictionary * d, char * key, double val) > { > char sval[MAXVALSZ]; >- sprintf(sval, "%g", val); >+ snprintf(sval, sizeof(sval), "%g", val); > dictionary_set(d, key, sval); > } > > >------- iniparser.c ------- >--- /tmp/sccs.YzaWvF Thu Jul 27 16:53:11 2006 >+++ iniparser.c Thu Jul 27 16:52:24 2006 >@@ -41,7 +41,7 @@ > > /* Make a key as section:keyword */ > if (key!=NULL) { >- sprintf(longkey, "%s:%s", sec, key); >+ snprintf(longkey, sizeif(longkey), "%s:%s", sec, key); > } else { > strcpy(longkey, sec); > } >@@ -193,7 +193,7 @@ > secname = iniparser_getsecname(d, i) ; > seclen = (int)strlen(secname); > fprintf(f, "\n[%s]\n", secname); >- sprintf(keym, "%s:", secname); >+ snprintf(keym, sizeof(keym), "%s:", secname); > for (j=0 ; j<d->size ; j++) { > if (d->key[j]==NULL) > continue ; > >------- debug.c ------- >No differences encountered > >------- interfaces.c ------- >No differences encountered > >------- ldap_escape.c ------- >No differences encountered > >------- substitute.c ------- >No differences encountered > >------- kerberos.c ------- >No differences encountered > >------- krb5_setpw.c ------- >No differences encountered > >------- libmsrpc.c ------- >No differences encountered > >------- clidgram.c ------- >No differences encountered > >------- clilist.c ------- >No differences encountered > >------- libsmbclient.c ------- >No differences encountered > >------- vfs_afsacl.c ------- >No differences encountered > >------- vfs_prealloc.c ------- >No differences encountered > >------- pam_winbind.c ------- >No differences encountered > >------- wb_common.c ------- >No differences encountered > >------- winbind_nss_aix.c ------- >--- /tmp/sccs.uSaiFF Thu Jul 27 16:53:13 2006 >+++ winbind_nss_aix.c Thu Jul 27 16:52:24 2006 >@@ -793,7 +793,7 @@ > return 0; > } > >- sprintf(shortname, "%c%07u", WB_AIX_ENCODED, pwd->pw_uid); >+ snprintf(shortname, sizeof(shortname), "%c%07u", WB_AIX_ENCODED, pwd->pw_uid); > > free_pwd(pwd); > > >------- winbind_nss_linux.c ------- >No differences encountered > >------- winbind_nss_solaris.c ------- >No differences encountered > >------- pam_smb_passwd.c ------- >No differences encountered > >------- support.c ------- >No differences encountered > >------- pdb_smbpasswd.c ------- >No differences encountered > >------- secrets.c ------- >No differences encountered > >------- findme.c ------- >No differences encountered > >------- popt.c ------- >No differences encountered > >------- popthelp.c ------- >--- /tmp/sccs.Z3aWKF Thu Jul 27 16:53:13 2006 >+++ popthelp.c Thu Jul 27 16:52:23 2006 >@@ -340,7 +340,7 @@ > while (ch > (help + 1) && isspace(*ch)) ch--; > ch++; > >- sprintf(format, "%%.%ds\n%%%ds", (int) (ch - help), indentLength); >+ snprintf(format, sizeof(format), "%%.%ds\n%%%ds", (int) (ch - help), indentLength); > /*@-formatconst@*/ > fprintf(fp, format, help, " "); > /*@=formatconst@*/ > >------- lpq_parse.c ------- >No differences encountered > >------- print_cups.c ------- >No differences encountered > >------- print_iprint.c ------- >No differences encountered > >------- reg_cachehook.c ------- >No differences encountered > >------- parse_prs.c ------- >No differences encountered > >------- srv_eventlog_lib.c ------- >No differences encountered > >------- srv_spoolss_nt.c ------- >No differences encountered > >------- lanman.c ------- >No differences encountered > >------- mangle_hash2.c ------- >No differences encountered > >------- tdbtest.c ------- >--- /tmp/sccs.FhaaRF Thu Jul 27 16:53:14 2006 >+++ tdbtest.c Thu Jul 27 16:52:23 2006 >@@ -195,7 +195,7 @@ > TDB_DATA key, data; > > for (i = 0; i < 5; i++) { >- sprintf(keys[i], "%d", i); >+ snprintf(keys[i], sizeof(keys[i]), "%d", i); > key.dptr = keys[i]; > key.dsize = 2; > > >------- crypttest.c ------- >No differences encountered > >------- os2_delete.c ------- >--- /tmp/sccs.VnaqSF Thu Jul 27 16:53:15 2006 >+++ os2_delete.c Thu Jul 27 16:52:22 2006 >@@ -37,7 +37,7 @@ > int i; > for (i=0;i<NUM_FILES;i++) { > char fname[40]; >- sprintf(fname, TESTDIR "/test%u.txt", i); >+ snprintf(fname, sizeof(fname), TESTDIR "/test%u.txt", i); > close(open(fname, O_CREAT|O_RDWR, 0600)) == 0 || FAILED("close"); > } > } >@@ -64,7 +64,7 @@ > /* delete the first few */ > for (j=0; j<MIN(i, DELETE_SIZE); j++) { > char fname[40]; >- sprintf(fname, TESTDIR "/%s", names[j]); >+ snprintf(fname, sizeof(fname), TESTDIR "/%s", names[j]); > unlink(fname) == 0 || FAILED("unlink"); > } > >@@ -144,7 +144,7 @@ > int i; > for (i=0;i<NUM_FILES;i++) { > char fname[40]; >- sprintf(fname, TESTDIR "/test%u.txt", i); >+ snprintf(fname, sizeof(fname), TESTDIR "/test%u.txt", i); > close(open(fname, O_CREAT|O_RDWR, 0600)) == 0 || FAILED("close"); > } > } >@@ -171,7 +171,7 @@ > /* delete the first few */ > for (j=0; j<MIN(i, DELETE_SIZE); j++) { > char fname[40]; >- sprintf(fname, TESTDIR "/%s", names[j]); >+ snprintf(fname, sizeof(fname), TESTDIR "/%s", names[j]); > unlink(fname) == 0 || FAILED("unlink"); > } > > >------- unixsock.c ------- >No differences encountered > >------- sharesec.c ------- >No differences encountered > >------- smbget.c ------- >No differences encountered > >------- swat.c ------- >No differences encountered
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 3971
:
2070
|
2071
| 2072