From 9270c2fa335bc3c2d4cb02cc33f8922ea7bcc865 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 9 Mar 2010 16:47:45 +0000 Subject: replace unsafe functions --- milter.c | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) (limited to 'milter.c') diff --git a/milter.c b/milter.c index d319164..ddb207e 100644 --- a/milter.c +++ b/milter.c @@ -208,11 +208,11 @@ mlfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) if(!inet_ntop(hostaddr->sa_family, mysaddr, host, sizeof(host))) { syslog(LOG_ERR, "mlfi_connect: inet_ntop failed"); - strcpy(host, "*"); + strlcpy(host, "*", sizeof(host)); } } else - strcpy(host, "*"); + strlcpy(host, "*", sizeof(host)); if(debug) syslog(LOG_DEBUG, "connection from %s [ %s ]", hostname, host); @@ -489,7 +489,7 @@ mlfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t bodylen) { if(debug) syslog(LOG_DEBUG, "body_limit reached, " - " %d bytes discarded", bodylen); + " %zd bytes discarded", bodylen); bodylen=0; } @@ -498,7 +498,7 @@ mlfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t bodylen) { if(debug) syslog(LOG_DEBUG, "body_limit reached, " - " %d bytes discarded", + " %zd bytes discarded", bodylen-(bodylimit-priv->bodylen)); bodylen=bodylimit-priv->bodylen; @@ -517,7 +517,7 @@ mlfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t bodylen) else { if(debug) - syslog(LOG_DEBUG, "%d body bytes written", + syslog(LOG_DEBUG, "%zd body bytes written", bodylen); priv->bodylen+=bodylen; @@ -533,6 +533,7 @@ mlfi_eom(SMFICTX *ctx) struct mlfiPriv *priv; int status, i; char *bogocl, header[64]; + size_t bogosz; float spamicity_val; char *tmp_subj; FILE *proc; @@ -550,7 +551,8 @@ mlfi_eom(SMFICTX *ctx) fclose(priv->f); priv->f=NULL; - bogocl=(char *)malloc(strlen(bogo)+strlen(priv->fullpath)+16); + bogosz=strlen(bogo)+strlen(priv->fullpath)+16; + bogocl=(char *)malloc(bogosz); if(!bogocl) { syslog(LOG_ERR, "on mlfi_eom: %s", strerror(errno)); @@ -558,19 +560,19 @@ mlfi_eom(SMFICTX *ctx) return SMFIS_CONTINUE; } - sprintf(bogocl, "%s -", bogo); + snprintf(bogocl, bogosz, "%s -", bogo); if(train) - strcat(bogocl, "u"); + strlcat(bogocl, "u", bogosz); if(verbose) - strcat(bogocl, "l"); + strlcat(bogocl, "l", bogosz); if(spamicity) - strcat(bogocl, "TT"); + strlcat(bogocl, "TT", bogosz); - strcat(bogocl, "B "); - strcat(bogocl, priv->fullpath); + strlcat(bogocl, "B ", bogosz); + strlcat(bogocl, priv->fullpath, bogosz); #ifdef __sun__ proc=popen(bogocl, "rF"); @@ -623,7 +625,7 @@ mlfi_eom(SMFICTX *ctx) snprintf(header, 64, "Spam, spamicity=%.6f", spamicity_val); else - strcpy(header, "Yes, tests=bogofilter"); + strlcpy(header, "Yes, tests=bogofilter", sizeof(header)); smfi_insheader(ctx, 0, "X-Bogosity", header); priv->old_headers++; @@ -718,7 +720,7 @@ mlfi_eom(SMFICTX *ctx) snprintf(header, 64, "Ham, spamicity=%.6f", spamicity_val); else - strcpy(header, "No, tests=bogofilter"); + strlcpy(header, "No, tests=bogofilter", sizeof(header)); smfi_insheader(ctx, 0, "X-Bogosity", header); priv->old_headers++; @@ -731,7 +733,7 @@ mlfi_eom(SMFICTX *ctx) snprintf(header, 64, "Unsure, spamicity=%.6f", spamicity_val); else - strcpy(header, "Unsure, tests=bogofilter"); + strlcpy(header, "Unsure, tests=bogofilter", sizeof(header)); smfi_insheader(ctx, 0, "X-Bogosity", header); priv->old_headers++; @@ -849,7 +851,7 @@ hostname_tmp() if(gethostname(myhostname+strlen(myhostname), MAXHOSTNAMELEN)==-1) { syslog(LOG_NOTICE, "failed to get my hostname"); - strcpy(myhostname, "unknown_hostname"); + strlcpy(myhostname, "unknown_hostname", sizeof(myhostname)); } p=myhostname; @@ -860,7 +862,7 @@ hostname_tmp() while((p=strstr(p, ":"))) *p='\072'; - strcat(myhostname, ".XXXXXXXXXX"); + strlcat(myhostname, ".XXXXXXXXXX", sizeof(myhostname)); return strdup(myhostname); } -- cgit v1.2.3