Ignore:
Timestamp:
04/02/11 23:26:47 (9 years ago)
Author:
Admin
Message:

Replace all occurences of strcpy and sprintf by their safe variants (please report in the forum if anything broke by this revision!). Prevent future usage of these functions through globals.h

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/oscam-http-helpers.c

    r4860 r4896  
    312312  char noncetmp[128];
    313313  unsigned char md5tmp[MD5_DIGEST_LENGTH];
    314   sprintf(noncetmp, "%d:%s", (int)time(NULL)/AUTHNONCEVALIDSECS, noncekey);
     314  snprintf(noncetmp, sizeof(noncetmp), "%d:%s", (int)time(NULL)/AUTHNONCEVALIDSECS, noncekey);
    315315  char_to_hex(MD5((unsigned char*)noncetmp, strlen(noncetmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)result);
    316316}
     
    362362        char A1[(MD5_DIGEST_LENGTH * 2) + 1], A2[(MD5_DIGEST_LENGTH * 2) + 1], A3[(MD5_DIGEST_LENGTH * 2) + 1];
    363363        unsigned char md5tmp[MD5_DIGEST_LENGTH];
    364         sprintf(A1tmp, "%s:%s:%s", username, AUTHREALM, expectedPassword);
     364        snprintf(A1tmp, sizeof(A1tmp), "%s:%s:%s", username, AUTHREALM, expectedPassword);
    365365        char_to_hex(MD5((unsigned char*)A1tmp, strlen(A1tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A1);
    366366       
    367367        char A2tmp[2 + strlen(method) + strlen(uri)];
    368         sprintf(A2tmp, "%s:%s", method, uri);       
     368        snprintf(A2tmp, sizeof(A2tmp), "%s:%s", method, uri);       
    369369        char_to_hex(MD5((unsigned char*)A2tmp, strlen(A2tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A2);
    370370       
    371371        char A3tmp[10 + strlen(A1) + strlen(A2) + strlen(authnonce) + strlen(authnc) + strlen(authcnonce)];
    372         sprintf(A3tmp, "%s:%s:%s:%s:auth:%s", A1, authnonce, authnc, authcnonce, A2);
     372        snprintf(A3tmp, sizeof(A3tmp), "%s:%s:%s:%s:auth:%s", A1, authnonce, authnc, authcnonce, A2);
    373373        char_to_hex(MD5((unsigned char*)A3tmp, strlen(A3tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A3);
    374374       
     
    415415    char *pos = buf;
    416416   
    417   pos += sprintf(pos, "%s %d %s\r\n", PROTOCOL, status, title);
    418   pos += sprintf(pos, "Server: %s\r\n", SERVER);
     417  pos += snprintf(pos, sizeof(buf)-(pos-buf), "%s %d %s\r\n", PROTOCOL, status, title);
     418  pos += snprintf(pos, sizeof(buf)-(pos-buf), "Server: %s\r\n", SERVER);
    419419
    420420  now = time(NULL);
    421421  strftime(timebuf, sizeof(timebuf), RFC1123FMT, gmtime(&now));
    422   pos += sprintf(pos, "Date: %s\r\n", timebuf);
     422  pos += snprintf(pos, sizeof(buf)-(pos-buf), "Date: %s\r\n", timebuf);
    423423
    424424    if (extra)
    425         pos += sprintf(pos, "%s\r\n", extra);
     425        pos += snprintf(pos, sizeof(buf)-(pos-buf),"%s\r\n", extra);
    426426
    427427    if (mime)
    428         pos += sprintf(pos, "Content-Type: %s\r\n", mime);
     428        pos += snprintf(pos, sizeof(buf)-(pos-buf),"Content-Type: %s\r\n", mime);
    429429
    430430    if(!cache){
    431         pos += sprintf(pos, "Cache-Control: no-store, no-cache, must-revalidate\r\n");
    432         pos += sprintf(pos, "Expires: Sat, 26 Jul 1997 05:00:00 GMT\r\n");
     431        pos += snprintf(pos, sizeof(buf)-(pos-buf),"Cache-Control: no-store, no-cache, must-revalidate\r\n");
     432        pos += snprintf(pos, sizeof(buf)-(pos-buf),"Expires: Sat, 26 Jul 1997 05:00:00 GMT\r\n");
    433433    } else {
    434         pos += sprintf(pos, "Cache-Control: public, max-age=7200\r\n");
    435     }
    436     pos += sprintf(pos, "Last-Modified: %s\r\n", timebuf);
    437     pos += sprintf(pos, "Connection: close\r\n");
    438     pos += sprintf(pos, "\r\n");
     434        pos += snprintf(pos, sizeof(buf)-(pos-buf),"Cache-Control: public, max-age=7200\r\n");
     435    }
     436    pos += snprintf(pos, sizeof(buf)-(pos-buf),"Last-Modified: %s\r\n", timebuf);
     437    pos += snprintf(pos, sizeof(buf)-(pos-buf), "Connection: close\r\n");
     438    pos += snprintf(pos, sizeof(buf)-(pos-buf),"\r\n");
    439439    webif_write(buf, f);
    440440}
     
    478478    char *pos = buf;
    479479    send_headers(f, status, title, extra, "text/html", 0);
    480     pos += sprintf(pos, "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>\r\n", status, title);
    481     pos += sprintf(pos, "<BODY><H4>%d %s</H4>\r\n", status, title);
    482     pos += sprintf(pos, "%s\r\n", text);
    483     pos += sprintf(pos, "</BODY></HTML>\r\n");
     480    pos += snprintf(pos, sizeof(buf)-(pos-buf), "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>\r\n", status, title);
     481    pos += snprintf(pos, sizeof(buf)-(pos-buf), "<BODY><H4>%d %s</H4>\r\n", status, title);
     482    pos += snprintf(pos, sizeof(buf)-(pos-buf), "%s\r\n", text);
     483    pos += snprintf(pos, sizeof(buf)-(pos-buf), "</BODY></HTML>\r\n");
    484484    webif_write(buf, f);
    485485}
Note: See TracChangeset for help on using the changeset viewer.