mirror of
https://github.com/Llewellynvdm/conky.git
synced 2025-01-28 01:28:30 +00:00
Replace vulnerable functions with safer alternatives
parent
6bda01266b
commit
0a4eb8fda5
13
src/exec.cc
13
src/exec.cc
@ -168,17 +168,18 @@ void exec_cb::work() {
|
||||
// remove backspaced chars, example: "dog^H^H^Hcat" becomes "cat"
|
||||
// string has to end with \0 and it's length should fit in a int
|
||||
#define BACKSPACE 8
|
||||
static void remove_deleted_chars(char *string) {
|
||||
static void remove_deleted_chars(char *string, unsigned int p_max_size) {
|
||||
int i = 0;
|
||||
while (string[i] != 0) {
|
||||
if (string[i] == BACKSPACE) {
|
||||
if (i != 0) {
|
||||
strcpy(&(string[i - 1]), &(string[i + 1]));
|
||||
strncpy(&(string[i - 1]), &(string[i + 1]),
|
||||
strnlen(string, p_max_size) - i + 1);
|
||||
i--;
|
||||
} else {
|
||||
strcpy(
|
||||
&(string[i]),
|
||||
&(string[i + 1])); // necessary for ^H's at the start of a string
|
||||
strncpy(&(string[i]), &(string[i + 1]),
|
||||
strnlen(string, p_max_size) -
|
||||
i); // necessary for ^H's at the start of a string
|
||||
}
|
||||
} else {
|
||||
i++;
|
||||
@ -229,7 +230,7 @@ void fill_p(const char *buffer, struct text_object *obj, char *p,
|
||||
snprintf(p, p_max_size, "%s", buffer);
|
||||
}
|
||||
|
||||
remove_deleted_chars(p);
|
||||
remove_deleted_chars(p, p_max_size);
|
||||
}
|
||||
|
||||
/**
|
||||
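Review bot: The two new `strncpy` calls in `remove_deleted_chars` copy between overlapping regions of the same buffer, which is undefined behaviour for `strncpy` just as it was for `strcpy`; shifting the tail left needs `memmove`. For the `i != 0` branch that would be `memmove(&string[i - 1], &string[i + 1], strlen(&string[i + 1]) + 1);`, and the same call with `&string[i]` as the destination in the other branch. The `while (string[i] != 0)` scan is still not bounded by `p_max_size`, so the new parameter only limits the `strnlen` used for the count. The function body continues past the end of the hunk.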
|
@ -59,7 +59,8 @@ void addmessage(struct ctx *ctxptr, char *nick, const char *text) {
|
||||
struct ll_text *lastmsg = ctxptr->messages;
|
||||
struct ll_text *newmsg = (struct ll_text *)malloc(sizeof(struct ll_text));
|
||||
newmsg->text = (char *)malloc(strlen(nick) + strlen(text) + 4); // 4 = ": \n"
|
||||
sprintf(newmsg->text, "%s: %s\n", nick, text);
|
||||
snprintf(newmsg->text, strlen(nick) + strlen(text) + 4, "%s: %s\n", nick,
|
||||
text);
|
||||
newmsg->next = nullptr;
|
||||
int msgcnt = 1;
|
||||
if (!lastmsg) {
|
||||
@ -107,7 +108,7 @@ void ev_num(irc_session_t *session, unsigned int event, const char *,
|
||||
if (event == 433) { // nick in use
|
||||
int len = strlen(params[1]) + 4;
|
||||
char *newnick = (char *)malloc(len);
|
||||
strcpy(newnick, params[1]);
|
||||
strncpy(newnick, len, params[1]);
|
||||
attachment[1] += rand() % 10;
|
||||
attachment[2] += rand() % 10;
|
||||
strncat(newnick, attachment, len - 1);
|
||||
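Review bot: In `ev_num` the new call `strncpy(newnick, len, params[1]);` has the source and the count swapped: `strncpy` takes destination, source, count, so this passes an `int` where a `const char *` is expected and should be rejected by a C++ compiler. It should read `strncpy(newnick, params[1], len);`, or `snprintf(newnick, len, "%s", params[1]);` so the buffer is always terminated before the `strncat` that follows. The `malloc` results in both `ev_num` and `addmessage` are also used without a null check. Both functions extend beyond the hunks shown.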
|
@ -580,9 +580,9 @@ void update_net_interfaces(FILE *net_dev_fp, bool is_first_update,
|
||||
nullptr, NULL);
|
||||
ns2->addr = ((struct ifreq *)conf.ifc_buf)[k].ifr_ifru.ifru_addr;
|
||||
char temp_addr[18];
|
||||
sprintf(temp_addr, "%u.%u.%u.%u, ", ns2->addr.sa_data[2] & 255,
|
||||
ns2->addr.sa_data[3] & 255, ns2->addr.sa_data[4] & 255,
|
||||
ns2->addr.sa_data[5] & 255);
|
||||
snprintf(temp_addr, sizeof(temp_addr), "%u.%u.%u.%u, ",
|
||||
ns2->addr.sa_data[2] & 255, ns2->addr.sa_data[3] & 255,
|
||||
ns2->addr.sa_data[4] & 255, ns2->addr.sa_data[5] & 255);
|
||||
if (nullptr == strstr(ns2->addrs, temp_addr))
|
||||
strncpy(ns2->addrs + strlen(ns2->addrs), temp_addr, 17);
|
||||
}
|
||||
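Review bot: The unchanged append `strncpy(ns2->addrs + strlen(ns2->addrs), temp_addr, 17);` in `update_net_interfaces` is left as it was, and it neither checks the space remaining in `ns2->addrs` nor writes a terminator when `temp_addr` holds a full 17 characters. The size of `addrs` is not visible in this hunk, so whether it can actually overflow is an inference. If `addrs` is an array member, a bounded form such as `size_t used = strlen(ns2->addrs);` followed by `snprintf(ns2->addrs + used, sizeof(ns2->addrs) - used, "%s", temp_addr);` would cover both cases.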
|
@ -255,7 +255,8 @@ static void update_mail_count(struct local_mail_s *mail) {
|
||||
NORM_ERR("malloc");
|
||||
return;
|
||||
}
|
||||
strcpy(mailflags, strrchr(dirent->d_name, ','));
|
||||
strncpy(mailflags, strrchr(dirent->d_name, ','),
|
||||
strlen(strrchr(dirent->d_name, ',')));
|
||||
if (strchr(mailflags, 'T') ==
|
||||
nullptr) { /* The message is not in the trash */
|
||||
if (strchr(mailflags, 'S') !=
|
||||
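Review bot: The replacement `strncpy` in `update_mail_count` uses the source's own length as its bound, so it gives `mailflags` no protection and, unlike the `strcpy` it replaces, never copies the terminating NUL. The `strchr(mailflags, 'T')` that follows then scans an unterminated buffer unless the allocation happened to be zero-filled. The bound should be the size `mailflags` was allocated with, which is outside this hunk: `snprintf(mailflags, size, "%s", flags);` with `size` being that allocation size and `flags` holding the single `strrchr` result. `strrchr` returns a null pointer when the name contains no comma, so unless an earlier check in the function rules that out, `flags` needs a null test before the copy.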
|
@ -145,7 +145,8 @@ static void mbox_scan(char *args, char *output, size_t max_len) {
|
||||
|
||||
/* allowing $MAIL in the config */
|
||||
if (strcmp(mbox_mail_spool, "$MAIL") == 0) {
|
||||
strcpy(mbox_mail_spool, current_mail_spool.get(*state).c_str());
|
||||
strncpy(mbox_mail_spool, current_mail_spool.get(*state).c_str(),
|
||||
DEFAULT_TEXT_BUFFER_SIZE);
|
||||
}
|
||||
|
||||
if (stat(mbox_mail_spool, &statbuf) != 0) {
|
||||
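Review bot: `strncpy` with the full buffer size as its count leaves `mbox_mail_spool` unterminated when the configured spool path is `DEFAULT_TEXT_BUFFER_SIZE` bytes or longer, and the `stat()` call below would then read past the buffer. `snprintf(mbox_mail_spool, DEFAULT_TEXT_BUFFER_SIZE, "%s", current_mail_spool.get(*state).c_str());` always terminates; this assumes the buffer really is `DEFAULT_TEXT_BUFFER_SIZE` bytes, which its declaration outside the hunk would confirm. The same pattern appears in `print_tailhead`, where `strncpy(p, ht->buffer, p_max_size);` would be better as `snprintf(p, p_max_size, "%s", ht->buffer);`, matching the `snprintf` already used in `fill_p`.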
|
@ -298,13 +298,13 @@ void print_v6addrs(struct text_object *obj, char *p, unsigned int p_max_size) {
|
||||
// netmask
|
||||
if (ns->v6show_nm) {
|
||||
char netmaskstr[5]; // max 5 chars (/128 + null-terminator)
|
||||
sprintf(netmaskstr, "/%u", current_v6->netmask);
|
||||
snprintf(netmaskstr, sizeof(netmaskstr), "/%u", current_v6->netmask);
|
||||
strncat(p, netmaskstr, p_max_size);
|
||||
}
|
||||
// scope
|
||||
if (ns->v6show_sc) {
|
||||
char scopestr[4];
|
||||
sprintf(scopestr, "(%c)", current_v6->scope);
|
||||
snprintf(scopestr, sizeof(scopestr), "(%c)", current_v6->scope);
|
||||
strncat(p, scopestr, p_max_size);
|
||||
}
|
||||
// next (or last) address
|
||||
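Review bot: The unchanged `strncat(p, netmaskstr, p_max_size);` and `strncat(p, scopestr, p_max_size);` in `print_v6addrs` pass the total buffer size as the count, but the third argument of `strncat` limits the characters appended, not the size of the destination. They therefore do not stop a write past the end of `p` once it is nearly full. The count should be the space that is left, `strncat(p, netmaskstr, p_max_size - strlen(p) - 1);`, with a guard so the subtraction cannot wrap when `p` is already full. The function continues on both sides of the hunk.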
|
@ -130,7 +130,7 @@ static void print_tailhead(const char *type, struct text_object *obj, char *p,
|
||||
}
|
||||
// use the buffer if possible
|
||||
if (ht->buffer != nullptr) {
|
||||
strcpy(p, ht->buffer);
|
||||
strncpy(p, ht->buffer, p_max_size);
|
||||
ht->current_use++;
|
||||
} else { // otherwise find the needed data
|
||||
if (stat(ht->logfile.c_str(), &st) == 0) {
|
||||
|
@ -84,7 +84,8 @@ static char *backslash_escape(const char *src, char **templates,
|
||||
dup_len += strlen(templates[tmpl_num - 1]);
|
||||
src_dup =
|
||||
static_cast<char *>(realloc(src_dup, dup_len * sizeof(char)));
|
||||
sprintf(src_dup + dup_idx, "%s", templates[tmpl_num - 1]);
|
||||
snprintf(src_dup + dup_idx, dup_len - dup_idx, "%s",
|
||||
templates[tmpl_num - 1]);
|
||||
dup_idx += strlen(templates[tmpl_num - 1]);
|
||||
p += digits;
|
||||
}
|
||||
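Review bot: The `realloc` result in `backslash_escape` is assigned straight back to `src_dup` and handed to `snprintf` without a null check, so an allocation failure both leaks the old block and writes through an invalid pointer. Holding the result in a temporary fixes that: `char *grown = static_cast<char *>(realloc(src_dup, dup_len));`, then test `grown` before `src_dup = grown;`. The new bound `dup_len - dup_idx` is only right if `dup_len` already counts the terminator; if it does not, `snprintf` now silently drops the last character of the template. How `dup_len` is initialised lies outside this hunk and is worth confirming.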
|